Correcting errors without leaking partial information

Yevgeniy Dodis; Adam Smith

doi:10.1145/1060590.1060688

Correcting errors without leaking partial information

Yevgeniy Dodis, Adam Smith

Computer Science

Research output: Contribution to journal › Conference article › peer-review

Abstract

This paper explores what kinds of information two parties must communicate in order to correct errors which occur in a shared secret string W. Any bits they communicate must leak a significant amount of information about W - that is, from the adversary's point of view, the entropy of W will drop significantly. Nevertheless, we construct schemes with which Alice and Bob can prevent an adversary from learning any useful information about W. Specifically, if the entropy of W is sufficiently high, then there is no function f(W) which the adversary can learn from the error-correction information with significant probability. This leads to several new results: (a) the design of noise-tolerant "perfectly oneway" hash functions in the sense of Canetti et al. [7], which in turn leads to obfuscation of proximity queries for high entropy secrets W; (b) private fuzzy extractors [11], which allow one to extract uniformly random bits from noisy and nonuniform data W, while also insuring that no sensitive information about W is leaked; and (c) noise tolerance and stateless key re-use in the Bounded Storage Model, resolving the main open problem of Ding [10]. The heart of our constructions is the design of strong randomness extractors with the property that the source W can be recovered from the extracted randomness and any string W′ which is close to W.

Original language	English (US)
Pages (from-to)	654-663
Number of pages	10
Journal	Proceedings of the Annual ACM Symposium on Theory of Computing
DOIs	https://doi.org/10.1145/1060590.1060688
State	Published - 2005
Event	13th Color Imaging Conference: Color Science, Systems, Technologies, and Applications - Scottsdale, AZ, United States Duration: Nov 7 2005 → Nov 11 2005

Keywords

Bounded Storage Model
Code Obfuscation
Cryptography
Entropic Security
Error-Correcting Codes
Information Reconciliation
Randomness Extractors

ASJC Scopus subject areas

Software

Access to Document

10.1145/1060590.1060688

Cite this

@article{7892d4fda024479fb5e14b7add4bd8ce,

title = "Correcting errors without leaking partial information",

abstract = "This paper explores what kinds of information two parties must communicate in order to correct errors which occur in a shared secret string W. Any bits they communicate must leak a significant amount of information about W - that is, from the adversary's point of view, the entropy of W will drop significantly. Nevertheless, we construct schemes with which Alice and Bob can prevent an adversary from learning any useful information about W. Specifically, if the entropy of W is sufficiently high, then there is no function f(W) which the adversary can learn from the error-correction information with significant probability. This leads to several new results: (a) the design of noise-tolerant {"}perfectly oneway{"} hash functions in the sense of Canetti et al. [7], which in turn leads to obfuscation of proximity queries for high entropy secrets W; (b) private fuzzy extractors [11], which allow one to extract uniformly random bits from noisy and nonuniform data W, while also insuring that no sensitive information about W is leaked; and (c) noise tolerance and stateless key re-use in the Bounded Storage Model, resolving the main open problem of Ding [10]. The heart of our constructions is the design of strong randomness extractors with the property that the source W can be recovered from the extracted randomness and any string W′ which is close to W.",

keywords = "Bounded Storage Model, Code Obfuscation, Cryptography, Entropic Security, Error-Correcting Codes, Information Reconciliation, Randomness Extractors",

author = "Yevgeniy Dodis and Adam Smith",

year = "2005",

doi = "10.1145/1060590.1060688",

language = "English (US)",

pages = "654--663",

journal = "Proceedings of the Annual ACM Symposium on Theory of Computing",

issn = "0737-8017",

publisher = "Association for Computing Machinery (ACM)",

note = "13th Color Imaging Conference: Color Science, Systems, Technologies, and Applications ; Conference date: 07-11-2005 Through 11-11-2005",

}

TY - JOUR

T1 - Correcting errors without leaking partial information

AU - Dodis, Yevgeniy

AU - Smith, Adam

PY - 2005

Y1 - 2005

N2 - This paper explores what kinds of information two parties must communicate in order to correct errors which occur in a shared secret string W. Any bits they communicate must leak a significant amount of information about W - that is, from the adversary's point of view, the entropy of W will drop significantly. Nevertheless, we construct schemes with which Alice and Bob can prevent an adversary from learning any useful information about W. Specifically, if the entropy of W is sufficiently high, then there is no function f(W) which the adversary can learn from the error-correction information with significant probability. This leads to several new results: (a) the design of noise-tolerant "perfectly oneway" hash functions in the sense of Canetti et al. [7], which in turn leads to obfuscation of proximity queries for high entropy secrets W; (b) private fuzzy extractors [11], which allow one to extract uniformly random bits from noisy and nonuniform data W, while also insuring that no sensitive information about W is leaked; and (c) noise tolerance and stateless key re-use in the Bounded Storage Model, resolving the main open problem of Ding [10]. The heart of our constructions is the design of strong randomness extractors with the property that the source W can be recovered from the extracted randomness and any string W′ which is close to W.

AB - This paper explores what kinds of information two parties must communicate in order to correct errors which occur in a shared secret string W. Any bits they communicate must leak a significant amount of information about W - that is, from the adversary's point of view, the entropy of W will drop significantly. Nevertheless, we construct schemes with which Alice and Bob can prevent an adversary from learning any useful information about W. Specifically, if the entropy of W is sufficiently high, then there is no function f(W) which the adversary can learn from the error-correction information with significant probability. This leads to several new results: (a) the design of noise-tolerant "perfectly oneway" hash functions in the sense of Canetti et al. [7], which in turn leads to obfuscation of proximity queries for high entropy secrets W; (b) private fuzzy extractors [11], which allow one to extract uniformly random bits from noisy and nonuniform data W, while also insuring that no sensitive information about W is leaked; and (c) noise tolerance and stateless key re-use in the Bounded Storage Model, resolving the main open problem of Ding [10]. The heart of our constructions is the design of strong randomness extractors with the property that the source W can be recovered from the extracted randomness and any string W′ which is close to W.

KW - Bounded Storage Model

KW - Code Obfuscation

KW - Cryptography

KW - Entropic Security

KW - Error-Correcting Codes

KW - Information Reconciliation

KW - Randomness Extractors

UR - http://www.scopus.com/inward/record.url?scp=34848837353&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=34848837353&partnerID=8YFLogxK

U2 - 10.1145/1060590.1060688

DO - 10.1145/1060590.1060688

M3 - Conference article

AN - SCOPUS:34848837353

SN - 0737-8017

SP - 654

EP - 663

JO - Proceedings of the Annual ACM Symposium on Theory of Computing

JF - Proceedings of the Annual ACM Symposium on Theory of Computing

T2 - 13th Color Imaging Conference: Color Science, Systems, Technologies, and Applications

Y2 - 7 November 2005 through 11 November 2005

ER -

Correcting errors without leaking partial information

Abstract

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this