Randomness in Cryptography January 24 , 2013 Lecture 3 : Privacy and Weak Sources
نویسنده
چکیده
Let’s quickly review some results from previous lectures. Definition 1 Let (Enc,Dec) denote an encryption scheme where Enc : {0, 1}m×{0, 1}n → {0, 1}λ and Dec : {0, 1}m × {0, 1}λ → {0, 1}n are functions. A correct encryption scheme satisfies ∀r, x Decr(Encr(x)) = x. Let R and X denote distributions on r and x respectively. (Enc,Dec) is said to be (k, ε)-secure if it is (R, ε)-secure for every k-source R; i.e. H∞(R) ≥ k. Clearly, ε = 0 means perfect security on k-sources. ♦
منابع مشابه
Randomness in Cryptography January 31 , 2013 Lecture 4 : Introduction to Differential Privacy
Given a database containing confidential information, we would like to allow learning of statistical information about the contents of database without violating the privacy of any of its individual entries. The traditional notion of privacy is not suitable, because it only allows negligible information to be revealed from the database. Therefore a new notion of privacy is needed to allow a bet...
متن کاملRandomness in Cryptography January 21 , 2013 Lecture 7 : Privacy ⇒ Extraction Continued
These steps will be useful when we consider other privacy primitives. We can use this proof as a blueprint with other primitives, as long as they have similar properties we can use in the security and correctness steps. The main question we will answer today is: to what extent can we generalize this result from encryption to other privacy primitives? We will also explore the limits of this proo...
متن کاملRandomness in Cryptography January 10 , 2013 Lecture 1 : One - Time MACs , ( XOR ) Universal hashing , Weak Keys
In today’s lecture we study one-time message authentication codes (MACs) which are secure in an information-theoretic sense. We will see that, compared to informationtheoretically secure encryption, significantly better parameters can be achieved. We will also study such MACs in the setting of imperfect randomness, i.e. when the secret key is not drawn from the uniform distribution but rather i...
متن کاملSecrecy Without Perfect Randomness: Cryptography with (Bounded) Weak Sources
Cryptographic protocols are commonly designed and their security proven under the assumption that the protocol parties have access to perfect (uniform) randomness. Physical randomness sources deployed in practical implementations of these protocols often fall short in meeting this assumption, but instead provide only a steady stream of bits with certain high entropy. Trying to ground cryptograp...
متن کاملLecture 5 : SV - robust Mechanisms and Bias - Control - Limited Source
We have seen that additive noise technique is not (SV (γ), ε)-DP. So, the question that we explore in todays class is whether differential privacy (DP) is achievable with SV sources. Interestingly, we give a differential private mechanism for approximate arbitrary “low sensitive” functions that works even with randomness coming from SV source, for any γ < 1. We conclude todays lecture with some...
متن کامل