Security of almost ALL discrete log bits
Let G be a finite cyclic group with generator \alpha and with an encoding so that multiplication is computable in polynomial time. We study the security of bits of the discrete log x when given \exp_{\alpha}(x), assuming that the exponentiation function \exp_{\alpha}(x) = \alpha^x is one-way. We reduce the general problem to the case that G has odd order q. If G has odd order q, the security of the least-significant bits of x and of the most-significant bits of the rational number \frac{x}{q} \in [0,1) follows from the work of Peralta [P85] and Long and Wigderson [LW88]. We generalize these bits and study the security of consecutive shift bits lsb(2^{-i}x mod q) for i=k+1,...,k+j. When we restrict \exp_{\alpha} to arguments x such that some sequence of j consecutive shift bits of x is constant (i.e., not depending on x), we call it a 2^{-j}-fraction of \exp_{\alpha}. For groups of odd group order q we show that every two 2^{-j}-fractions of \exp_{\alpha} are equally one-way by a polynomial time transformation: either they are all one-way or none of them is. Our key theorem shows that arbitrary j consecutive shift bits of x are simultaneously secure when given \exp_{\alpha}(x) iff the 2^{-j}-fractions of \exp_{\alpha} are one-way. In particular this applies to the j least-significant bits of x and to the j most-significant bits of \frac{x}{q} \in [0,1). For one-way \exp_{\alpha} the individual bits of x are secure when given \exp_{\alpha}(x) by the method of Håstad and Näslund [HN98]. For groups of even order 2^{s}q we show that the j least-significant bits of \lfloor x/2^s\rfloor, as well as the j most-significant bits of \frac{x}{q} \in [0,1), are simultaneously secure iff the 2^{-j}-fractions of \exp_{\alpha'} are one-way for \alpha' := \alpha^{2^s}. We use and extend the models of generic algorithms of Nechaev (1994) and Shoup (1997). We determine the generic complexity of inverting fractions of \exp_{\alpha} for the case that \alpha has prime order q.
As a consequence, arbitrary segments of (1-\varepsilon)\lg q consecutive shift bits of random x are, for constant \varepsilon > 0, simultaneously secure against generic attacks. Every generic algorithm using t generic steps (group operations) for distinguishing bit strings of j consecutive shift bits of x from random bit strings has at most advantage O((\lg q) j\sqrt{t} (2^j/q)^{\frac14}).
Achieving Secrecy Capacity of the Gaussian Wiretap Channel with Polar Lattices
In this work, an explicit wiretap coding scheme based on polar lattices is
proposed to achieve the secrecy capacity of the additive white Gaussian noise
(AWGN) wiretap channel. Firstly, polar lattices are used to construct
secrecy-good lattices for the mod- Gaussian wiretap channel. Then we
propose an explicit shaping scheme to remove this mod- front end and
extend polar lattices to the genuine Gaussian wiretap channel. The shaping
technique is based on the lattice Gaussian distribution, which leads to a
binary asymmetric channel at each level for the multilevel lattice codes. By
employing the asymmetric polar coding technique, we construct an AWGN-good
lattice and a secrecy-good lattice with optimal shaping simultaneously. As a
result, the encoding complexity for the sender and the decoding complexity for
the legitimate receiver are both O(N logN log(logN)). The proposed scheme is
proven to be semantically secure.
Comment: Submitted to IEEE Trans. Information Theory, revised. This is the
authors' own version of the paper.
Implementation of Quantum Key Distribution with Composable Security Against Coherent Attacks using Einstein-Podolsky-Rosen Entanglement
Secret communication over public channels is one of the central pillars of a
modern information society. Using quantum key distribution (QKD) this is
achieved without relying on the hardness of mathematical problems which might
be compromised by improved algorithms or by future quantum computers.
State-of-the-art QKD requires composable security against coherent attacks for
a finite number of samples. Here, we present the first implementation of QKD
satisfying this requirement and additionally achieving security which is
independent of any possible flaws in the implementation of the receiver. By
distributing strongly Einstein-Podolsky-Rosen entangled continuous variable
(CV) light in a table-top arrangement, we generated secret keys using a highly
efficient error reconciliation algorithm. Since CV encoding is compatible with
conventional optical communication technology, we consider our work to be a
major promotion for commercialized QKD providing composable security against
the most general channel attacks.
Comment: 7 pages, 3 figures.
Covert Bits Through Queues
We consider covert communication using a queuing timing channel in the
presence of a warden. The covert message is encoded using the inter-arrival
times of the packets, and the legitimate receiver and the warden observe the
inter-departure times of the packets from their respective queues. The
transmitter and the legitimate receiver also share a secret key to facilitate
covert communication. We propose achievable schemes that obtain non-zero covert
rate for both exponential and general queues when a sufficiently high rate
secret key is available. This is in contrast to other channel models such as
the Gaussian channel or the discrete memoryless channel where only
covert bits can be sent over channel uses, yielding
a zero covert rate.
Comment: To appear at IEEE CNS, October 201
Secrecy in the 2-User Symmetric Deterministic Interference Channel with Transmitter Cooperation
This work presents novel achievable schemes for the 2-user symmetric linear
deterministic interference channel with limited-rate transmitter cooperation
and perfect secrecy constraints at the receivers. The proposed achievable
scheme consists of a combination of interference cancelation, relaying of the
other user's data bits, time sharing, and transmission of random bits,
depending on the rate of the cooperative link and the relative strengths of the
signal and the interference. The results show, for example, that the proposed
scheme achieves the same rate as the capacity without the secrecy constraints,
in the initial part of the weak interference regime. Also, sharing random bits
through the cooperative link can achieve a higher secrecy rate compared to
sharing data bits, in the very high interference regime. The results highlight
the importance of limited transmitter cooperation in facilitating secure
communications over 2-user interference channels.
Comment: 5 pages, submitted to SPAWC 201
Hiding Symbols and Functions: New Metrics and Constructions for Information-Theoretic Security
We present information-theoretic definitions and results for analyzing
symmetric-key encryption schemes beyond the perfect secrecy regime, i.e. when
perfect secrecy is not attained. We adopt two lines of analysis, one based on
lossless source coding, and another akin to rate-distortion theory. We start by
presenting a new information-theoretic metric for security, called symbol
secrecy, and derive associated fundamental bounds. We then introduce
list-source codes (LSCs), which are a general framework for mapping a key
length (entropy) to a list size that an eavesdropper has to resolve in order to
recover a secret message. We provide explicit constructions of LSCs, and
demonstrate that, when the source is uniformly distributed, the highest level
of symbol secrecy for a fixed key length can be achieved through a construction
based on minimum-distance separable (MDS) codes. Using an analysis related to
rate-distortion theory, we then show how symbol secrecy can be used to
determine the probability that an eavesdropper correctly reconstructs functions
of the original plaintext. We illustrate how these bounds can be applied to
characterize security properties of symmetric-key encryption schemes, and, in
particular, extend security claims based on symbol secrecy to a functional
setting.
Comment: Submitted to IEEE Transactions on Information Theory.