Error Free Perfect Secrecy Systems
Shannon's fundamental bound for perfect secrecy says that the entropy of the
secret message cannot be larger than the entropy of the secret key initially
shared by the sender and the legitimate receiver. Massey gave an
information-theoretic proof of this result; however, this proof does not require
independence of the key and ciphertext. By further assuming independence, we
obtain a tighter lower bound, namely that the key entropy is not less than the
logarithm of the message sample size in any cipher achieving perfect secrecy,
even if the source distribution is fixed. The same bound also applies to the
entropy of the ciphertext. The bounds still hold if the secret message has been
compressed before encryption.
This paper also illustrates that the lower bound only gives the minimum size
of the pre-shared secret key. When a cipher system is used multiple times, this
is no longer a reasonable measure for the portion of key consumed in each
round. Instead, this paper proposes and justifies a new measure for key
consumption rate. The existence of a fundamental tradeoff between the expected
key consumption and the number of channel uses for conveying a ciphertext is
shown. Optimal and nearly optimal secure codes are designed.
Comment: Submitted to the IEEE Trans. Info. Theor
Re-visiting the One-Time Pad
In 1949, Shannon proved the perfect secrecy of the Vernam cryptographic
system, also popularly known as the One-Time Pad (OTP). Since then, it has been
believed that the perfectly random and uncompressible OTP which is transmitted
needs to have a length equal to the message length for this result to be true.
In this paper, we prove that the length of the transmitted OTP which actually
contains useful information need not be compromised and could be less than the
message length without sacrificing perfect secrecy. We also provide a new
interpretation for the OTP encryption by treating the message bits as making
True/False statements about the pad, which we define as a private-object. We
introduce the paradigm of private-object cryptography where messages are
transmitted by verifying statements about a secret-object. We conclude by
suggesting the use of Formal Axiomatic Systems for investing N bits of secret.
Comment: 13 pages, 3 figures, submitted for publication to IndoCrypt 2005 conferenc
Hiding Symbols and Functions: New Metrics and Constructions for Information-Theoretic Security
We present information-theoretic definitions and results for analyzing
symmetric-key encryption schemes beyond the perfect secrecy regime, i.e. when
perfect secrecy is not attained. We adopt two lines of analysis, one based on
lossless source coding, and another akin to rate-distortion theory. We start by
presenting a new information-theoretic metric for security, called symbol
secrecy, and derive associated fundamental bounds. We then introduce
list-source codes (LSCs), which are a general framework for mapping a key
length (entropy) to a list size that an eavesdropper has to resolve in order to
recover a secret message. We provide explicit constructions of LSCs, and
demonstrate that, when the source is uniformly distributed, the highest level
of symbol secrecy for a fixed key length can be achieved through a construction
based on minimum-distance separable (MDS) codes. Using an analysis related to
rate-distortion theory, we then show how symbol secrecy can be used to
determine the probability that an eavesdropper correctly reconstructs functions
of the original plaintext. We illustrate how these bounds can be applied to
characterize security properties of symmetric-key encryption schemes, and, in
particular, extend security claims based on symbol secrecy to a functional
setting.
Comment: Submitted to IEEE Transactions on Information Theor