TY - GEN
T1 - Privacy amplification and non-malleable extractors via character sums
AU - Dodis, Yevgeniy
AU - Li, Xin
AU - Wooley, Trevor D.
AU - Zuckerman, David
PY - 2011
Y1 - 2011
N2 - In studying how to communicate over a public channel with an active adversary, Dodis and Wichs introduced the notion of a non-malleable extractor. A non-malleable extractor dramatically strengthens the notion of a strong extractor. A strong extractor takes two inputs, a weakly-random x and a uniformly random seed y, and outputs a string which appears uniform, even given y. For a non-malleable extractor nmExt, the output nmExt(x,y) should appear uniform given y as well as nmExt(x,A(y)), where A is an arbitrary function with A(y) ≠ y. We show that an extractor introduced by Chor and Goldreich is non-malleable when the entropy rate is above half. It outputs a linear number of bits when the entropy rate is 1/2 + α, for any α > 0. Previously, no nontrivial parameters were known for any non-malleable extractor. To achieve a polynomial running time when outputting many bits, we rely on a widely-believed conjecture about the distribution of prime numbers in arithmetic progressions. Our analysis involves a character sum estimate, which may be of independent interest. Using our non-malleable extractor, we obtain protocols for "privacy amplification": key agreement between two parties who share a weakly-random secret. Our protocols work in the presence of an active adversary with unlimited computational power, and have asymptotically optimal entropy loss. When the secret has entropy rate greater than 1/2, the protocol follows from a result of Dodis and Wichs, and takes two rounds. When the secret has entropy rate δ for any constant δ > 0, our new protocol takes a constant (polynomial in 1/δ) number of rounds. Our protocols run in polynomial time under the above well-known conjecture about primes.
AB - In studying how to communicate over a public channel with an active adversary, Dodis and Wichs introduced the notion of a non-malleable extractor. A non-malleable extractor dramatically strengthens the notion of a strong extractor. A strong extractor takes two inputs, a weakly-random x and a uniformly random seed y, and outputs a string which appears uniform, even given y. For a non-malleable extractor nmExt, the output nmExt(x,y) should appear uniform given y as well as nmExt(x,A(y)), where A is an arbitrary function with A(y) ≠ y. We show that an extractor introduced by Chor and Goldreich is non-malleable when the entropy rate is above half. It outputs a linear number of bits when the entropy rate is 1/2 + α, for any α > 0. Previously, no nontrivial parameters were known for any non-malleable extractor. To achieve a polynomial running time when outputting many bits, we rely on a widely-believed conjecture about the distribution of prime numbers in arithmetic progressions. Our analysis involves a character sum estimate, which may be of independent interest. Using our non-malleable extractor, we obtain protocols for "privacy amplification": key agreement between two parties who share a weakly-random secret. Our protocols work in the presence of an active adversary with unlimited computational power, and have asymptotically optimal entropy loss. When the secret has entropy rate greater than 1/2, the protocol follows from a result of Dodis and Wichs, and takes two rounds. When the secret has entropy rate δ for any constant δ > 0, our new protocol takes a constant (polynomial in 1/δ) number of rounds. Our protocols run in polynomial time under the above well-known conjecture about primes.
UR - http://www.scopus.com/inward/record.url?scp=84863321325&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84863321325&partnerID=8YFLogxK
U2 - 10.1109/FOCS.2011.67
DO - 10.1109/FOCS.2011.67
M3 - Conference contribution
AN - SCOPUS:84863321325
SN - 9780769545714
T3 - Proceedings - Annual IEEE Symposium on Foundations of Computer Science, FOCS
SP - 668
EP - 677
BT - Proceedings - 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science, FOCS 2011
T2 - 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science, FOCS 2011
Y2 - 22 October 2011 through 25 October 2011
ER -
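Worked illustration of the two-round privacy-amplification flow the abstract describes (the entropy-rate > 1/2 case attributed to Dodis and Wichs). This is an added toy example written for this record; it is not the paper's code and proves nothing about the paper's theorem. Assumptions of the example: the extractor is a multiply-modulo-a-prime construction in the Chor-Goldreich style with the low-order bits of x*y mod p kept (the exact bit selection and the tiny primes P and Q are chosen here for readability, not taken from the paper); authentication of Bob's seed uses a polynomial one-time MAC, which is information-theoretically secure for a single message and so fits an adversary with unlimited computing power; the adversary is modelled as a function that may rewrite either message on the channel. The shared secret x is sampled uniformly here, which is a stand-in for the weakly-random secret of the real setting.

```python
"""Toy privacy amplification from a shared weak secret x, built on a
Chor-Goldreich-style extractor and a one-time MAC.  Illustrative code
written for this bibliographic record, not the paper's implementation;
parameters are far too small for any real use."""
import secrets

P = 2**61 - 1   # prime modulus for the extractor; x and seeds live in Z_P (toy size)
M = 60          # extractor output bits; x*y mod P has at most 61 bits
Q = 2**31 - 1   # prime for the one-time MAC field
CHUNK = 30      # MAC message limb width; every limb is < Q


def nm_ext(x: int, y: int) -> int:
    """Extractor used for both the MAC key and the final key: the low-order
    M bits of x*y mod P.  Multiply-mod-prime in the Chor-Goldreich style;
    this exact bit selection is an assumption of the example."""
    return (x * y % P) & ((1 << M) - 1)


def mac_chunks(msg: int) -> list[int]:
    """Little-endian CHUNK-bit limbs of msg (at least one limb), each < Q."""
    limbs, mask = [], (1 << CHUNK) - 1
    while True:
        limbs.append(msg & mask)
        msg >>= CHUNK
        if msg == 0:
            return limbs


def one_time_mac(key: int, msg: int) -> int:
    """Polynomial-evaluation MAC over Z_Q: tag = b + sum_i c_i * a^i (mod Q).
    The 60-bit extractor output is split into a (high 30 bits) and b (low 30).
    Forging a second tag under the same key succeeds with probability at most
    (number of limbs)/2^30, independent of the forger's computing power."""
    a = key >> CHUNK
    b = key & ((1 << CHUNK) - 1)
    tag = b
    for i, c in enumerate(mac_chunks(msg), start=1):
        tag = (tag + c * pow(a, i, Q)) % Q
    return tag


def run_protocol(x: int, adversary=lambda rnd, msg: msg, rng=secrets.randbelow):
    """One two-round execution.  Returns (alice_accepted, alice_key, bob_key).
    `adversary(round, message)` sees and may rewrite each message in transit."""
    # Round 1, Alice -> Bob: a fresh uniform seed for the non-malleable extractor.
    y1 = rng(P)
    y1_bob = adversary(1, y1)
    # Bob keys the one-time MAC with nmExt(x, y1'), picks the seed for the final
    # key and authenticates it.  His final key is Ext(x, y2).
    k_bob = nm_ext(x, y1_bob)
    y2 = rng(P)
    msg2 = (y2, one_time_mac(k_bob, y2))
    bob_key = nm_ext(x, y2)
    # Round 2, Bob -> Alice.
    y2_alice, tag_alice = adversary(2, msg2)
    # Alice recomputes the MAC key from *her* y1 and verifies before using y2'.
    k_alice = nm_ext(x, y1)
    if one_time_mac(k_alice, y2_alice) != tag_alice:
        return False, None, bob_key     # reject: the channel was tampered with
    return True, nm_ext(x, y2_alice), bob_key


def passive(rnd, msg):
    """Eavesdropper only: messages are delivered unchanged."""
    return msg


def flip_seed_bit(rnd, msg):
    """Active attacker on round 2: alters Bob's seed but cannot forge the tag."""
    if rnd == 2:
        y2, tag = msg
        return (y2 ^ 1, tag)
    return msg


def flip_round1(rnd, msg):
    """Active attacker on round 1: replaces y1 by A(y1) = y1 ^ 1, so Bob keys his
    MAC with nmExt(x, A(y1)).  Non-malleability is exactly the property that
    keeps that related output from helping to predict Alice's key nmExt(x, y1)."""
    return msg ^ 1 if rnd == 1 else msg


if __name__ == "__main__":
    x = secrets.randbits(61)   # constructed stand-in for the shared weak secret
    for name, adv in (("passive", passive), ("tamper y2", flip_seed_bit),
                      ("tamper y1", flip_round1)):
        ok, k_a, k_b = run_protocol(x, adv)
        print(f"{name:10s} accepted={ok} keys_agree={ok and k_a == k_b}")
```

In the honest run Alice accepts and both sides derive the same key nmExt(x, y2); under either tampering pattern Alice rejects except with probability on the order of 2^-30 for these toy parameters. The example shows the shape of the argument only: the paper's contribution is proving that the extractor stays non-malleable when the adversary's A(y) is chosen adaptively with full knowledge of y, which a handful of concrete runs cannot exhibit.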