Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data
We provide formal definitions and efficient secure techniques for
- turning noisy information into keys usable for any cryptographic
application, and, in particular,
- reliably and securely authenticating biometric data.
Our techniques apply not just to biometric information, but to any keying
material that, unlike traditional cryptographic keys, is (1) not reproducible
precisely and (2) not distributed uniformly. We propose two primitives: a
"fuzzy extractor" reliably extracts nearly uniform randomness R from its input;
the extraction is error-tolerant in the sense that R will be the same even if
the input changes, as long as it remains reasonably close to the original.
Thus, R can be used as a key in a cryptographic application. A "secure sketch"
produces public information about its input w that does not reveal w, and yet
allows exact recovery of w given another value that is close to w. Thus, it can
be used to reliably reproduce error-prone biometric inputs without incurring
the security risk inherent in storing them.
We define the primitives to be both formally secure and versatile,
generalizing much prior work. In addition, we provide nearly optimal
constructions of both primitives for various measures of "closeness" of input
data, such as Hamming distance, edit distance, and set difference.
Comment: 47 pp., 3 figures. Prelim. version in Eurocrypt 2004, Springer LNCS
3027, pp. 523-540. Differences from version 3: minor edits for grammar,
clarity, and typo
Are PCPs Inherent in Efficient Arguments?
Starting with Kilian (STOC '92), several works have shown how to use probabilistically checkable proofs (PCPs) and cryptographic primitives such as collision-resistant hashing to construct very efficient argument systems (a.k.a. computationally sound proofs), for example with polylogarithmic communication complexity. Ishai et al. (CCC '07) raised the question of whether PCPs are inherent in efficient arguments, and to what extent. We give evidence that they are, by showing how to convert any argument system whose soundness is reducible to the security of some cryptographic primitive into a PCP system whose efficiency is related to that of the argument system and the reduction (under certain complexity assumptions).
Engineering and Applied Science
The Bounded Storage Model in The Presence of a Quantum Adversary
An extractor is a function E that is used to extract randomness. Given an
imperfect random source X and a uniform seed Y, the output E(X,Y) is close to
uniform. We study properties of such functions in the presence of prior quantum
information about X, with a particular focus on cryptographic applications. We
prove that certain extractors are suitable for key expansion in the bounded
storage model where the adversary has a limited amount of quantum memory. For
extractors with one-bit output we show that the extracted bit is essentially
equally secure as in the case where the adversary has classical resources. We
prove the security of certain constructions that output multiple bits in the
bounded storage model.
Comment: 13 pages Latex, v3: discussion of independent randomizers adde
A PCP Characterization of AM
We introduce a 2-round stochastic constraint-satisfaction problem, and show
that its approximation version is complete for (the promise version of) the
complexity class AM. This gives a "PCP characterization" of AM analogous to the
PCP Theorem for NP. Similar characterizations have been given for higher levels
of the Polynomial Hierarchy, and for PSPACE; however, we suggest that the
result for AM might be of particular significance for attempts to derandomize
this class.
To test this notion, we pose some "Randomized Optimization Hypotheses"
related to our stochastic CSPs that (in light of our result) would imply
collapse results for AM. Unfortunately, the hypotheses appear over-strong, and
we present evidence against them. In the process we show that, if some language
in NP is hard-on-average against circuits of size 2^{Omega(n)}, then there
exist hard-on-average optimization problems of a particularly elegant form.
All our proofs use a powerful form of PCPs known as Probabilistically
Checkable Proofs of Proximity, and demonstrate their versatility. We also use
known results on randomness-efficient soundness- and hardness-amplification. In
particular, we make essential use of the Impagliazzo-Wigderson generator; our
analysis relies on a recent Chernoff-type theorem for expander walks.
Comment: 18 page
Algorithmic and Statistical Perspectives on Large-Scale Data Analysis
In recent years, ideas from statistics and scientific computing have begun to
interact in increasingly sophisticated and fruitful ways with ideas from
computer science and the theory of algorithms to aid in the development of
improved worst-case algorithms that are useful for large-scale scientific and
Internet data analysis problems. In this chapter, I will describe two recent
examples---one having to do with selecting good columns or features from a (DNA
Single Nucleotide Polymorphism) data matrix, and the other having to do with
selecting good clusters or communities from a data graph (representing a social
or information network)---that drew on ideas from both areas and that may serve
as a model for exploiting complementary algorithmic and statistical
perspectives in order to solve applied large-scale data analysis problems.
Comment: 33 pages. To appear in Uwe Naumann and Olaf Schenk, editors,
"Combinatorial Scientific Computing," Chapman and Hall/CRC Press, 201
Parallelism with limited nondeterminism
Computational complexity theory studies which computational problems can be solved with limited access to resources. The past fifty years have seen a focus on the relationship between intractable problems and efficient algorithms. However, the relationship between inherently sequential problems and highly parallel algorithms has not been as well studied. Are there efficient but inherently sequential problems that admit some relaxed form of highly parallel algorithm? In this dissertation, we develop the theory of structural complexity around this relationship for three common types of computational problems.
Specifically, we show tradeoffs between time, nondeterminism, and parallelizability. By clearly defining the notions and complexity classes that capture our intuition for parallelizable and sequential problems, we create a comprehensive framework for rigorously proving parallelizability and non-parallelizability of computational problems. This framework provides the means to prove whether otherwise tractable problems can be effectively parallelized, a need highlighted by the current growth of multiprocessor systems. The views adopted by this dissertation—alternate approaches to solving sequential problems using approximation, limited nondeterminism, and parameterization—can be applied practically throughout computer science
- …