Towards an information-theoretically safe cryptographic protocol

Author

  • Pedro Fortuny Ayuso

Abstract

We introduce what –if some kind of group action exists– is a truly (information-theoretically) safe cryptographic communication system: a protocol which provides zero information to any passive adversary having full access to the channel.

1. The false algorithm, simple version

Assume Alice wants to share a secret $s$, which we assume for simplicity is a non-zero rational number $s = p/q \in \mathbb{Q}^\star$. For example, $s$ could be the key of a symmetric key protocol, a password or even a complete message such as a pair of coordinates in a map or a time. Alice picks another random rational $t$ and calls $v = (s, t)$ the corresponding point in $\mathbb{Q}^2$. She chooses a random transformation $A \in GL_2(\mathbb{Q})$ in the linear group of $\mathbb{Q}^2$ and computes $v_1 = v \cdot A$. Alice sends $v_1$ to Bob.

Bob picks another random transformation $B \in GL_2(\mathbb{Q})$, computes $v_2 = v_1 \cdot B$, and sends $v_2$ back to Alice. Notice that $v_1$ gives no information to Bob or an eavesdropper (Eve) about $s$, because $t$ is random and $v_1$ can be any point in $\mathbb{Q}^2$, depending on $t$ and $A$, which are both unknown to both Bob and Eve. For a similar reason, the knowledge of $v_1$ and $v_2$ gives no useful information about $B$.

Alice now computes $v_3 = v_2 \cdot A^{-1}$ and sends $v_3$ back to Bob. Again, the knowledge of $v_1$, $v_2$ and $v_3$ is useless in order to retrieve the original $v$. Finally, Bob computes $v_4 = v_3 \cdot B$. If only $v_4 = v$...!

2. The protocol “would be” safe

Let us assume the above algorithm ends up with $v_4 = v$ and let us prove its safeness under this condition.

Theorem 1. The above method of communication is information-theoretically safe, assuming $v$, $A$ and $B$ (and their inverses, obviously) are kept secret. That is, the knowledge of the whole communication gives no information on the message.

Proof. We only need to show that an eavesdropper who knows all the communication has no clue about what $s$ may be. In other words, it is

Date: March 24, 2006.

This assumption might be relaxed; using an infinite set is for exposition reasons, see section 3.
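The exchange from section 1 above, run in exact rational arithmetic, as an added example that is not code from the paper: the four steps compose to v·A·B·A⁻¹·B⁻¹, which returns v only when A and B commute. The sample values, the function names, and Bob's final step applying the inverse of B are assumptions of this example.

```python
from fractions import Fraction as F

def vec_mat(v, m):
    """Row vector times 2x2 matrix (the page's v · A)."""
    return (v[0] * m[0][0] + v[1] * m[1][0],
            v[0] * m[0][1] + v[1] * m[1][1])

def inverse(m):
    """Exact inverse of a 2x2 rational matrix; rejects matrices outside GL2(Q)."""
    a, b, c, d = (F(x) for row in m for x in row)
    det = a * d - b * c
    if det == 0:
        raise ValueError("singular matrix: not an element of GL2(Q)")
    return ((d / det, -b / det), (-c / det, a / det))

def run_exchange(s, t, A, B):
    """Return (v, v1, v2, v3, v4) for one run of the exchange."""
    v = (F(s), F(t))
    v1 = vec_mat(v, A)             # Alice -> Bob
    v2 = vec_mat(v1, B)            # Bob -> Alice
    v3 = vec_mat(v2, inverse(A))   # Alice -> Bob
    v4 = vec_mat(v3, inverse(B))   # Bob's final step (inverse of B: assumption)
    return v, v1, v2, v3, v4

# Constructed sample values, not taken from the paper.
S, T = F(3, 7), F(5)
A = ((2, 1), (1, 1))
B_GENERIC = ((1, 3), (0, 1))     # A·B != B·A
B_COMMUTING = ((8, 3), (3, 5))   # equals 3A + 2I, so it commutes with A

if __name__ == "__main__":
    for name, B in (("generic B", B_GENERIC), ("commuting B", B_COMMUTING)):
        v, *_, v4 = run_exchange(S, T, A, B)
        print(f"{name}: v = {v}, v4 = {v4}, recovered = {v4 == v}")
```

The commuting pair is there only to show when the round trip closes; the example makes no claim about the secrecy of that choice.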


Similar resources

Safe enclosures: towards cryptographic techniques for server protection

Cryptography is generally used to protect sensitive data from an untrusted server. In this paper, we investigate the converse question: can we use cryptography to protect a trusted server from untrusted data? As a first step in this direction, we propose the notion of safe enclosures. Intuitively, a safe enclosure is a cryptographic primitive that encapsulates data in a way that allows to perfo...


Physical key-protected one-time pad

We describe an encrypted communication principle that forms a secure link between two parties without electronically saving either of their keys. Instead, random cryptographic bits are kept safe within the unique mesoscopic randomness of two volumetric scattering materials. We demonstrate how a shared set of patterned optical probes can generate 10 gigabits of statistically verified randomness ...


Towards a Mechanization of Cryptographic Protocol Verification

We revisit the approach defined in [2] for the formal verification of cryptographic protocols so as to allow for some mechanization in the verification process. In the original approach verification uses theorem proving. Here we show that for a wide range of practical situations and properties it is possible to perform the verification on a finite and safe abstract model.


A Virtual Wiretap Channel for Secure Message Transmission

In the Wyner wiretap channel a sender is connected to a receiver and an eavesdropper through two noisy channels. It has been shown that if the noise in the eavesdropper channel is higher than the receiver’s channel, information theoretically secure communication from Alice to Bob, without requiring a shared key, is possible. The approach is particularly attractive noting the rise of quantum com...


A New Ring-Based SPHF and PAKE Protocol On Ideal Lattices

Smooth Projective Hash Functions (SPHFs), as a specific pattern of zero knowledge proof system, are fundamental tools to build many efficient cryptographic schemes and protocols. As an application of SPHFs, the Password-Based Authenticated Key Exchange (PAKE) protocol has been a well-studied area in the last few years. In 2009, Katz and Vaikuntanathan described the first lattice-based ...



Journal title:
  • CoRR

Volume abs/cs/0603107

Publication date 2006