8,788 research outputs found
Revisiting Randomness Extraction and Key Derivation Using the CBC and Cascade Modes
In this paper, we revisit a celebrated result by Dodis et al. from CRYPTO 2004, in relation with the suitability of CBC-MAC and cascade construction for randomness extraction. We first observe that the proof of three key sub-results are missing in the paper, which makes it difficult to verify the authors’ claims. Then, using a detailed and thorough analysis of the collision probability for both the CBC function and the cascade construction, we provide the missing proofs, thereby establishing the veracity of this old result. As a side-effect, we have made a significant advancement in the characterization of graph-based analysis of CBC and cascade construction, which could be of independent interest
Two-sources Randomness Extractors for Elliptic Curves
This paper studies the task of two-sources randomness extractors for elliptic
curves defined over finite fields , where can be a prime or a binary
field. In fact, we introduce new constructions of functions over elliptic
curves which take in input two random points from two differents subgroups. In
other words, for a ginven elliptic curve defined over a finite field
and two random points and , where and are two subgroups of
, our function extracts the least significant bits of the
abscissa of the point when is a large prime, and the -first
coefficients of the asbcissa of the point when , where is a prime greater than . We show that the extracted bits
are close to uniform.
Our construction extends some interesting randomness extractors for elliptic
curves, namely those defined in \cite{op} and \cite{ciss1,ciss2}, when
. The proposed constructions can be used in any
cryptographic schemes which require extraction of random bits from two sources
over elliptic curves, namely in key exchange protole, design of strong
pseudo-random number generators, etc
The Twist-AUgmented technique for key exchange
Key derivation refers to the process by which an agreed upon large random number, often named master secret, is used to derive keys to encrypt and authenticate data. Practitioners and standardization bodies have usually used the random oracle model to get key material from a Diffie-Hellman key exchange. However, formal proofs in the standard model require randomness extractors to formally extract the entropy of the random master secret into a seed prior to deriving other keys. Whereas this is a quite simple tool, it is not easy to use in practice Âor it is easy to misuse itÂ. In addition, in many standards, the acronym PRF (Pseudo-Random Functions) is used for several tasks, and namely the randomness extraction. While randomness extractors and pseudo-random functions are a priori distinct tools, we first study whether such an application is correct or not. We thereafter study the case of Zp where p is a safe-prime and the case of elliptic curve since in IPSec for example, only these two groups are considered. We present very efficient and provable randomness extraction techniques for these groups under the DDH assumption. In the special case of elliptic curves, we present a new technique --the so-called 'Twist-AUgmented' technique-- which exploits specific properties of some elliptic curves, and avoids the need of any randomness extractor. We finally compare the efficiency of this method with other solutions
Postprocessing for quantum random number generators: entropy evaluation and randomness extraction
Quantum random-number generators (QRNGs) can offer a means to generate
information-theoretically provable random numbers, in principle. In practice,
unfortunately, the quantum randomness is inevitably mixed with classical
randomness due to classical noises. To distill this quantum randomness, one
needs to quantify the randomness of the source and apply a randomness
extractor. Here, we propose a generic framework for evaluating quantum
randomness of real-life QRNGs by min-entropy, and apply it to two different
existing quantum random-number systems in the literature. Moreover, we provide
a guideline of QRNG data postprocessing for which we implement two
information-theoretically provable randomness extractors: Toeplitz-hashing
extractor and Trevisan's extractor.Comment: 13 pages, 2 figure
- …