Randomness in Cryptography, January 10, 2013, Lecture 1: One-Time MACs, (XOR) Universal hashing, Weak Keys
Author
Abstract
In today’s lecture we study one-time message authentication codes (MACs) which are secure in an information-theoretic sense. We will see that, compared to information-theoretically secure encryption, significantly better parameters can be achieved. We will also study such MACs in the setting of imperfect randomness, i.e. when the secret key is not drawn from the uniform distribution but rather is only guaranteed to have some min-entropy.
Similar resources
Lecture 1: One-Time MACs, (XOR) Universal hashing, Weak Keys
In today’s lecture we study one-time message authentication codes (MACs) which are secure in an information-theoretic sense. We will see that, compared to information-theoretically secure encryption, significantly better parameters can be achieved. We will also study such MACs in the setting of imperfect randomness, i.e. when the secret key is not drawn from the uniform distribution but rather i...
Lower Bounds on Key Derivation for Square-Friendly Applications
Security of cryptographic applications is typically defined by security games. The adversary, within certain resources, cannot win with probability much better than 0 (for unpredictability applications, like one-way functions) or much better than 1/2 (indistinguishability applications, for instance encryption schemes). In so-called squared-friendly applications the winning probability of the adver...
Randomness Extraction and Key Derivation Using the CBC, Cascade and HMAC Modes
We study the suitability of common pseudorandomness modes associated with cryptographic hash functions and block ciphers (CBC-MAC, Cascade and HMAC) for the task of “randomness extraction”, namely, the derivation of keying material from semi-secret and/or semi-random sources. Important applications for such extractors include the derivation of strong cryptographic keys from non-uniform sources of...
Twisted Polynomials and Forgery Attacks on GCM
Polynomial hashing as an instantiation of universal hashing is a widely employed method for the construction of MACs and authenticated encryption (AE) schemes, the ubiquitous GCM being a prominent example. It is also used in recent AE proposals within the CAESAR competition which aim at providing nonce misuse resistance, such as POET. The algebraic structure of polynomial hashing has given rise...
A Security Real-time Privacy Amplification Scheme in QKD System
Quantum Key Distribution (QKD) technology, based on the laws of physics, can create unconditional security keys between communication parties. In recent years, researchers draw more and more attention to the QKD technology. Privacy amplification is a very significant procedure in QKD system. In this paper, we propose the real-time privacy amplification (RTPA) scheme which converts the weak secr...