The Exact Price for Unconditionally Secure Asymmetric Cryptography

A completely insecure communication channel can only be transformed into an unconditionally secure channel if some information-theoretic primitive is given to start from. All previous approaches to realizing such authenticity and privacy from weak primitives were symmetric in the sense that security for both parties was achieved. We show that asymmetric information-theoretic security can, however, be obtained at a substantially lower price than two-way security, just as in the computational-security setting, as the example of public-key cryptography demonstrates. In addition, we show that an unconditionally secure bidirectional channel can also be obtained under weaker conditions than previously known. One consequence of these results is that the assumption usually made in the context of quantum key distribution, namely that the two parties initially share a short key, is unnecessarily strong.
