Invertible extractors and wiretap protocols

A wiretap protocol is a pair of randomized encoding and decoding functions such that knowledge of a bounded fraction of the positions of a message's encoding reveals essentially no information about the message, while knowledge of the entire encoding reveals the message via the decoder. This paper studies the notion of efficiently invertible extractors and shows that a wiretap protocol can be constructed from such an extractor. Invertible extractors for symbol-fixing, affine, and general sources are then constructed and used to build wiretap protocols with asymptotically optimal trade-offs between their rate (the ratio of the message length to the encoding length) and resilience (the ratio of the number of observed positions to the encoding length). The results are further applied to wiretap protocols for more demanding communication settings: active intruders who alter portions of the encoding, network coding, and intruders observing arbitrary Boolean functions of the encoding.
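As an added illustration of the abstract's construction (this is not the paper's own code or its specific extractor), the block below uses the linear extractor Ext(x) = H·x over GF(2), which is a perfect extractor for bit-fixing sources whenever the rows of H span a code of minimum distance greater than the number of observed positions; H is chosen here as the parity-check matrix of the [7,4] Hamming code, an assumption made for concreteness. Efficient inversion of Ext (a uniformly random preimage) is the wiretap encoder, Ext itself is the decoder, and a brute-force check confirms how many observed bits stay harmless.

```python
import itertools
import random

# Constructed example, not from the paper: H is the parity-check matrix of the [7,4]
# Hamming code; its rows span the [7,3,4] simplex code, so any 3 coordinates of x are
# independent of H*x, while some 4 coordinates XOR to a message bit.
N = 7
H = [[1, 0, 1, 0, 1, 0, 1],
     [0, 1, 1, 0, 0, 1, 1],
     [0, 0, 0, 1, 1, 1, 1]]
PIVOT_COLS = [0, 1, 3]  # these columns of H are the unit vectors e1, e2, e3

def extract(x):
    """Ext(x) = H*x over GF(2): the decoder, and the quantity the eavesdropper targets."""
    return tuple(sum(h * xi for h, xi in zip(row, x)) % 2 for row in H)

def kernel_basis():
    """Basis of {x : H*x = 0} (the Hamming code): each free column j, cancelled via pivots."""
    return [[1 if c == j else H[PIVOT_COLS.index(c)][j] if c in PIVOT_COLS else 0
             for c in range(N)] for j in range(N) if j not in PIVOT_COLS]

def invert(m, rng=random):
    """Encoder: a uniformly random preimage of message m under Ext (efficient inversion)."""
    x = [0] * N
    for i, p in enumerate(PIVOT_COLS):  # particular solution of H*x = m
        x[p] = m[i]
    for v in kernel_basis():            # plus a uniform element of the kernel
        if rng.getrandbits(1):
            x = [(a + b) % 2 for a, b in zip(x, v)]
    return tuple(x)

def view_distributions(positions):
    """Per message, how often each view at `positions` occurs over that message's encodings."""
    dist = {}
    for x in itertools.product((0, 1), repeat=N):
        per_msg = dist.setdefault(extract(x), {})
        view = tuple(x[i] for i in positions)
        per_msg[view] = per_msg.get(view, 0) + 1
    return dist

def max_secure_observation():
    """Largest t such that no choice of t observed positions depends on the message."""
    for t in range(1, N + 1):
        for positions in itertools.combinations(range(N), t):
            dist = view_distributions(positions)
            if len({tuple(sorted(d.items())) for d in dist.values()}) > 1:
                return t - 1
    return N
```

With this H the protocol carries a 3-bit message in 7 bits (rate 3/7) and tolerates any 3 observed positions (resilience 3/7); observing 4 positions such as {0, 1, 2, 3} already leaks the XOR of the message bits.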
