Abstract
The problem of unconditionally secure key agreement, in particular privacy amplification, by communication over an insecure and not even authentic channel, is investigated. The previous definitions of such protocols were weak in the sense that it was only required that, after the communication, not both parties falsely believe that the key agreement was successful. In such a protocol, however, it is possible that Eve deceives one of the legitimate partners, i.e., makes him accept the outcome of the protocol although no secret key has been generated. In this paper we introduce the notion of strong protocols, which protect each of the parties simultaneously, and, in contrast to previous pessimism, it is shown that such protocols exist. For the important special case of privacy amplification, a strong protocol is presented that is based on a new, interactive way of message authentication with an only partially secret key. The use of feedback in such authentication makes it possible to reduce the size of the authenticator, and hence the additional information about the key leaked to the adversary, without increasing the success probability of an active attack. Finally, it is shown that in the scenario where the parties and the adversary have access to repeated realizations of a random experiment, previously derived criteria for the possibility of secret-key agreement against active opponents hold for the new, strong definition of robustness against active attacks rather than for the earlier definition.
© 1998 Springer-Verlag Berlin Heidelberg
Wolf, S. (1998). Strong Security Against Active Attacks in Information-Theoretic Secret-Key Agreement. In: Ohta, K., Pei, D. (eds) Advances in Cryptology — ASIACRYPT’98. ASIACRYPT 1998. Lecture Notes in Computer Science, vol 1514. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-49649-1_32
DOI: https://doi.org/10.1007/3-540-49649-1_32
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-65109-3
Online ISBN: 978-3-540-49649-6
eBook Packages: Springer Book Archive