TY - GEN
T1 - On perfect and adaptive security in exposure-resilient cryptography
AU - Dodis, Yevgeniy
AU - Sahai, Amit
AU - Smith, Adam
N1 - Publisher Copyright:
© Springer-Verlag Berlin Heidelberg 2001.
PY - 2001
Y1 - 2001
N2 - We consider the question of adaptive security for two related cryptographic primitives: all-or-nothing transforms and exposure-resilient functions. Both are concerned with retaining security when an intruder learns some bits of a string which is supposed to be secret: all-or-nothing transforms (AONT) protect their input even given partial knowledge of the output; exposure-resilient functions (ERF) hide their output even given partial exposure of their input. Both of these primitives can be defined in the perfect, statistical and computational settings and have a variety of applications in cryptography. In this paper, we study how these notions fare against adaptive adversaries, who may choose which positions of a secret string to observe on the fly. In the perfect setting, we prove a new, strong lower bound on the con-structibility of (perfect) AONT. This applies to both standard and adap-tively secure AONT. In particular, to hide an input as short as logn bits, the adversary must see no more than half of the n-bit output. This bound also provides a new impossibility result on the existence of (ramp) secret-sharing schemes [6] and relates to a combinatorial problem of independent interest: finding “balanced” colorings of the hypercube. In the statistical setting, we show that adaptivity adds strictly more power to the adversary. We relate and reduce the construction of adaptive ERF’s to that of almost-perfect resilient functions [19], for which the adversary can actually set some of the input positions and still learn nothing about the output. We give a probabilistic construction of these functions which is essentially optimal and substantially improves on previous constructions of [19, 5]. As a result, we get nearly optimal adaptively secure ERF’s and AONT’s. Finally, extending the statistical construction we obtain optimal computational adaptive ERF’s, “public-value” AONT’s and resilient functions.
AB - We consider the question of adaptive security for two related cryptographic primitives: all-or-nothing transforms and exposure-resilient functions. Both are concerned with retaining security when an intruder learns some bits of a string which is supposed to be secret: all-or-nothing transforms (AONT) protect their input even given partial knowledge of the output; exposure-resilient functions (ERF) hide their output even given partial exposure of their input. Both of these primitives can be defined in the perfect, statistical and computational settings and have a variety of applications in cryptography. In this paper, we study how these notions fare against adaptive adversaries, who may choose which positions of a secret string to observe on the fly. In the perfect setting, we prove a new, strong lower bound on the con-structibility of (perfect) AONT. This applies to both standard and adap-tively secure AONT. In particular, to hide an input as short as logn bits, the adversary must see no more than half of the n-bit output. This bound also provides a new impossibility result on the existence of (ramp) secret-sharing schemes [6] and relates to a combinatorial problem of independent interest: finding “balanced” colorings of the hypercube. In the statistical setting, we show that adaptivity adds strictly more power to the adversary. We relate and reduce the construction of adaptive ERF’s to that of almost-perfect resilient functions [19], for which the adversary can actually set some of the input positions and still learn nothing about the output. We give a probabilistic construction of these functions which is essentially optimal and substantially improves on previous constructions of [19, 5]. As a result, we get nearly optimal adaptively secure ERF’s and AONT’s. Finally, extending the statistical construction we obtain optimal computational adaptive ERF’s, “public-value” AONT’s and resilient functions.
UR - http://www.scopus.com/inward/record.url?scp=84945116168&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84945116168&partnerID=8YFLogxK
U2 - 10.1007/3-540-44987-6_19
DO - 10.1007/3-540-44987-6_19
M3 - Conference contribution
AN - SCOPUS:84945116168
SN - 3540420703
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 301
EP - 324
BT - Advances in Cryptology - EUROCRYPT 2001 - International Conference on the Theory and Application of Cryptographic Techniques, Proceedings
A2 - Pfitzmann, Birgit
PB - Springer Verlag
T2 - International Conference on the Theory and Application of Cryptographic Techniques, EUROCRYPT 2001
Y2 - 6 May 2001 through 10 May 2001
ER -