Secret-key agreement over unauthenticated public channels II: the simulatability condition

For pt.I see ibid., vol.49, no.4, p.822-31(2003). In the first part, we showed that when two parties, willing to generate a secret key, but connected only by a completely insecure communication channel, have access to independent repetitions of some random experiment, then the possibility of secret-key agreement depends on a certain property, called simulatability, of the probability distribution modeling the parties' initial knowledge. More generally, the simulatability condition is important in the context of identification and authentication among parties sharing some correlated but not necessarily identical partially secret keys. Unfortunately, this condition is a priori not very useful since it is not clear how to decide efficiently whether it is satisfied or not for a given distribution P/sub XYZ/. We introduce a new formalism, based on a mechanical model for representing the involved quantities, that allows for dealing with discrete joint distributions of random variables and their manipulations by noisy channels. We show that this representation leads to a simple and efficient characterization of the possibility of secret-key agreement secure against active adversaries.

[1]  Ueli Maurer,et al.  Towards Characterizing When Information-Theoretic Secret Key Agreement Is Possible , 1996, ASIACRYPT.

[2]  Ueli Maurer,et al.  Secret-key agreement over unauthenticated public channels I: Definitions and a completeness result , 2003, IEEE Trans. Inf. Theory.

[3]  A. D. Wyner,et al.  The wire-tap channel , 1975, The Bell System Technical Journal.

[4]  Stefan Wolf,et al.  Information-theoretically and computationally secure key agreement in cryptography , 1999 .

[5]  Nicolas Gisin,et al.  Linking Classical and Quantum Key Agreement: Is There a Classical Analog to Bound Entanglement? , 2002, Algorithmica.

[6]  Ueli Maurer,et al.  Secret-key agreement over unauthenticated public channels III: Privacy amplification , 2003, IEEE Trans. Inf. Theory.

[7]  Ueli Maurer,et al.  Information-Theoretically Secure Secret-Key Agreement by NOT Authenticated Public Discussion , 1997, EUROCRYPT.

[8]  Ueli Maurer,et al.  Unconditionally Secure Key Agreement and the Intrinsic Conditional Information , 1999, IEEE Trans. Inf. Theory.

[9]  I. Motivation,et al.  Secret-Key Agreement Over Unauthenticated Public Channels—Part III: Privacy Amplification , 2003 .

[10]  Nicolas Gisin,et al.  Linking Classical and Quantum Key Agreement: Is There "Bound Information"? , 2000, CRYPTO.

[11]  Rudolf Ahlswede,et al.  Common randomness in information theory and cryptography - I: Secret sharing , 1993, IEEE Trans. Inf. Theory.

[12]  Renato Renner,et al.  A property of the intrinsic mutual information , 2003, IEEE International Symposium on Information Theory, 2003. Proceedings..

[13]  U. Maurer,et al.  Secret key agreement by public discussion from common information , 1993, IEEE Trans. Inf. Theory.