Generalized Strong Extractors and Deterministic Privacy Amplification

Extracting essentially uniform randomness from a somewhat random source X is a crucial operation in various applications, in particular in cryptography where an adversary usually possesses some partial information about X. In this paper we formalize and study the most general form of extracting randomness in such a cryptographic setting. Our notion of strong extractors captures in particular the case where the catalyst randomness is neither uniform nor independent of the actual extractor input. This is for example important for privacy amplification, where a uniform cryptographic key is generated by Alice and Bob sharing some partially secret information X by exchanging a catalyst R over an insecure channel accessible to an adversary Eve. Here the authentication information for R creates, from Eve's viewpoint, a dependence between X and R. We provide explicit constructions for this setting based on strong blenders. In addition, we give strong deterministic randomness extractors for lists of random variables, where only an unknown subset of the variables is required to have some amount of min-entropy.
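The following is an added example, not code from the paper: it makes the strong-extractor guarantee described above concrete on a toy scale. The extractor is the GF(2) inner product Ext(x, r) = <x, r> mod 2 (a universal hash family, so the leftover hash lemma applies), the weak source X and the catalyst R are small constructed distributions, and the statistical distance between (Ext(X,R), R) and (U, R) is computed exactly by enumeration. The second scenario, where R is fully determined by X, illustrates the failure the abstract warns about when the catalyst is not independent of the extractor input: X keeps its min-entropy, yet the extracted bit is useless to anyone who sees R.

```python
"""Exact statistical distance of a strong extractor's output from uniform.

Added example (not the paper's code). Ext is the GF(2) inner product, a
universal hash family; X and R are small constructed distributions.
"""
import math
from collections import defaultdict


def inner_product_bit(x: int, r: int) -> int:
    """Ext(x, r) = <x, r> over GF(2): parity of the bitwise AND."""
    return bin(x & r).count("1") & 1


def min_entropy(dist: dict) -> float:
    """H_min(X) = -log2 max_x Pr[X = x]."""
    return -math.log2(max(dist.values()))


def flat_source(n: int, k: int) -> dict:
    """Constructed weak source on n-bit strings with exactly k bits of
    min-entropy: uniform over the 2^k strings whose top n-k bits are zero."""
    assert 0 <= k <= n
    return {x: 1.0 / (1 << k) for x in range(1 << k)}


def joint_with_uniform_seed(source: dict, n: int) -> dict:
    """Joint distribution of (X, R): R uniform on n bits, independent of X."""
    return {(x, r): px / (1 << n) for x, px in source.items() for r in range(1 << n)}


def joint_with_copied_seed(source: dict) -> dict:
    """Joint distribution where the catalyst is determined by X (R = X):
    an extreme case of the dependence between X and R from Eve's viewpoint."""
    return {(x, x): px for x, px in source.items()}


def extractor_distance(joint: dict, ext=inner_product_bit) -> float:
    """Statistical distance between (Ext(X,R), R) and (U, R), where U is a
    uniform bit independent of R. Zero means the key is perfectly uniform
    even given the public catalyst R."""
    p_r = defaultdict(float)   # Pr[R = r]
    p_1r = defaultdict(float)  # Pr[Ext(X,R) = 1, R = r]
    for (x, r), p in joint.items():
        p_r[r] += p
        if ext(x, r):
            p_1r[r] += p
    # SD = 1/2 * sum over (b, r) of |Pr[Ext = b, R = r] - Pr[R = r] / 2|
    total = 0.0
    for r, pr in p_r.items():
        p1 = p_1r[r]
        p0 = pr - p1
        total += abs(p1 - pr / 2) + abs(p0 - pr / 2)
    return total / 2


def lhl_bound(k: float, m: int = 1) -> float:
    """Leftover hash lemma bound for a universal family with k bits of
    min-entropy and m output bits: (1/2) * sqrt(2^(m - k))."""
    return 0.5 * math.sqrt(2 ** (m - k))


if __name__ == "__main__":
    n, k = 6, 3
    src = flat_source(n, k)
    print(f"H_min(X) = {min_entropy(src):.1f} bits, LHL bound = {lhl_bound(k):.4f}")
    # Independent uniform catalyst: the strong-extractor guarantee holds.
    d_indep = extractor_distance(joint_with_uniform_seed(src, n))
    print(f"uniform independent R : SD = {d_indep:.4f}")
    # Catalyst that leaks X: the output bit is a fixed function of R, so the
    # distance is 1/2, the maximum possible for a single bit.
    d_dep = extractor_distance(joint_with_copied_seed(src))
    print(f"R determined by X     : SD = {d_dep:.4f}")
```

With n = 6 and k = 3 the independent-seed distance is 1/16, below the leftover hash lemma bound of 1/4; the only seeds that fail are those whose low k bits are all zero, which is exactly what the lemma's averaging over seeds accounts for. The copied-seed distance is 1/2 despite the unchanged min-entropy, which is why the setting in the abstract, a catalyst correlated with X through its authentication, needs a guarantee beyond the standard uniform-independent-seed one.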
