Optimal randomizer efficiency in the bounded-storage model (Q1879466): Difference between revisions

From MaRDI portal
Created claim: Wikidata QID (P12): Q99673058, #quickstatements; #temporary_batch_1707232231678
Created claim: DBLP publication ID (P1635): journals/joc/DziembowskiM04, #quickstatements; #temporary_batch_1731483406851
 
(4 intermediate revisions by 3 users not shown)
Property / author
 
Property / author: Ueli M. Maurer / rank
Normal rank
 
Property / author
 
Property / author: Ueli M. Maurer / rank
 
Normal rank
Property / MaRDI profile type
 
Property / MaRDI profile type: MaRDI publication profile / rank
 
Normal rank
Property / OpenAlex ID
 
Property / OpenAlex ID: W2085355422 / rank
 
Normal rank
Property / DBLP publication ID
 
Property / DBLP publication ID: journals/joc/DziembowskiM04 / rank
 
Normal rank

Latest revision as of 08:57, 13 November 2024

scientific article
Language Label Description Also known as
English
Optimal randomizer efficiency in the bounded-storage model
scientific article

    Statements

    Optimal randomizer efficiency in the bounded-storage model (English)
    0 references
    0 references
    0 references
    22 September 2004
    0 references
    This paper deals with information theoretically secure encryption and key agreement. This means that secure expansion of a short secret key into a much longer key is considered in the bounded-storage model. Such model is based, contrary to classical and practical cryptographic systems, only on the sole assumption that the adversary Eve can store only \(s\) bits, even if her computational power is unlimited. The communicating parties, Alice and Bob generate their key, which is a one-time pad, based on a publicly available source of random bits which can output a string of bits \(R\) of length \(t\). The one-time pad \(X\) of length \(n\) is also based on the shorter key \(K\), therefore suiting both the one time pad and the key the adversary can gain no information on the ciphertext. The main contribution of the paper is providing a stronger security proof. This comprises of the observation of the inability of the adversary to correctly predict the last bit of the expanded key even if she has access to all previous key bits and proving the negligeability of any strategy the adversary chooses for the faction of randomizers that give her a non-negligible advantage. The first three sections of the paper are introductory to the matter, sections 4 and 5 deal with parameter sizes closest to practical interest. Reasonable parameter sizes studied in previous sections lead to the conclusion that randomness efficiency \(v\) should be in the range 10. Open problems remain as the authors wonder about the security of proposed schemes under the assumption of an adversary with the ability to store \(s\) quantum bits rather than \(s\) classical bits.
    0 references
    bounded-storage model
    0 references
    unconditional security
    0 references
    one-time pad
    0 references
    information theory
    0 references
    min-entropy
    0 references

    Identifiers