Skip to main content
Article thumbnail
Location of Repository

How to extract and expand randomness : a summary and explanation of existing results

By Yvonne Cliff, Colin Boyd and Juan M. Gonzalez Nieto


We examine the use of randomness extraction and expansion in key agreement (KA) pro-\ud tocols to generate uniformly random keys in the standard model. Although existing works provide the\ud basic theorems necessary, they lack details or examples of appropriate cryptographic primitives and/or\ud parameter sizes. This has lead to the large amount of min-entropy needed in the (non-uniform) shared\ud secret being overlooked in proposals and efficiency comparisons of KA protocols. We therefore summa-\ud rize existing work in the area and examine the security levels achieved with the use of various extractors\ud and expanders for particular parameter sizes. The tables presented herein show that the shared secret\ud needs a min-entropy of at least 292 bits (and even more with more realistic assumptions) to achieve an\ud overall security level of 80 bits using the extractors and expanders we consider. The tables may be used\ud to �nd the min-entropy required for various security levels and assumptions. We also �nd that when\ud using the short exponent theorems of Gennaro et al., the short exponents may need to be much longer\ud than they suggested

Topics: 080402 Data Encryption, 080201 Analysis of Algorithms and Complexity, randomness extraction, key agreement, randomness expansion, key exchange protocols
Publisher: Springer
Year: 2009
DOI identifier: 10.1007/978-3-642-01957-9_4
OAI identifier:

Suggested articles

To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.