TY - GEN
T1 - Doubly-affine extractors, and their applications
AU - Dodis, Yevgeniy
AU - Yeo, Kevin
N1 - Publisher Copyright:
© 2021 Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing. All rights reserved.
PY - 2021/7/1
Y1 - 2021/7/1
N2 - In this work we challenge the common misconception that information-theoretic (IT) privacy is too impractical to be used in the real-world: we propose to build simple and reusable IT-encryption solutions whose only efficiency penalty (compared to computationally-secure schemes) comes from a large secret key size, which is often a rather minor inconvenience, as storage is cheap. In particular, our solutions are stateless and locally computable at the optimal rate, meaning that honest parties do not maintain state and read only (optimally) small portions of their large keys with every use. Moreover, we also propose a novel architecture for outsourcing the storage of these long keys to a network of semi-trusted servers, trading the need to store large secrets with the assumption that it is hard to simultaneously compromise too many publicly accessible ad-hoc servers. Our architecture supports everlasting privacy and post-application security of the derived one-time keys, resolving two major limitations of a related model for outsourcing key storage, called bounded storage model. Both of these results come from nearly optimal constructions of so called doubly-affine extractors: locally-computable, seeded extractors Ext(X, S) which are linear functions of X (for any fixed seed S), and protect against bounded affine leakage on X. This holds unconditionally, even if (a) affine leakage may adaptively depend on the extracted key R = Ext(X, S); and (b) the seed S is only computationally secure. Neither of these properties are possible with general-leakage extractors.
AB - In this work we challenge the common misconception that information-theoretic (IT) privacy is too impractical to be used in the real-world: we propose to build simple and reusable IT-encryption solutions whose only efficiency penalty (compared to computationally-secure schemes) comes from a large secret key size, which is often a rather minor inconvenience, as storage is cheap. In particular, our solutions are stateless and locally computable at the optimal rate, meaning that honest parties do not maintain state and read only (optimally) small portions of their large keys with every use. Moreover, we also propose a novel architecture for outsourcing the storage of these long keys to a network of semi-trusted servers, trading the need to store large secrets with the assumption that it is hard to simultaneously compromise too many publicly accessible ad-hoc servers. Our architecture supports everlasting privacy and post-application security of the derived one-time keys, resolving two major limitations of a related model for outsourcing key storage, called bounded storage model. Both of these results come from nearly optimal constructions of so called doubly-affine extractors: locally-computable, seeded extractors Ext(X, S) which are linear functions of X (for any fixed seed S), and protect against bounded affine leakage on X. This holds unconditionally, even if (a) affine leakage may adaptively depend on the extracted key R = Ext(X, S); and (b) the seed S is only computationally secure. Neither of these properties are possible with general-leakage extractors.
KW - Everlasting privacy
KW - Extractors
KW - Information-theoretic privacy
UR - http://www.scopus.com/inward/record.url?scp=85115311829&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85115311829&partnerID=8YFLogxK
U2 - 10.4230/LIPIcs.ITC.2021.13
DO - 10.4230/LIPIcs.ITC.2021.13
M3 - Conference contribution
AN - SCOPUS:85115311829
T3 - Leibniz International Proceedings in Informatics, LIPIcs
BT - 2nd Conference on Information-Theoretic Cryptography, ITC 2021
A2 - Tessaro, Stefano
PB - Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing
T2 - 2nd Conference on Information-Theoretic Cryptography, ITC 2021
Y2 - 23 July 2021 through 26 July 2021
ER -