Abstract
A chain rule for an entropy notion H(·) states that the entropy H(X) of a variable X decreases by at most ℓ if conditioned on an ℓ-bit string A, i.e., H(X|A) ≥ H(X) − ℓ. More generally, it satisfies a chain rule for conditional entropy if H(X|Y,A) ≥ H(X|Y) − ℓ.
All natural information theoretic entropy notions we are aware of (like Shannon or min-entropy) satisfy some kind of chain rule for conditional entropy. Moreover, many computational entropy notions (like Yao entropy, unpredictability entropy and several variants of HILL entropy) satisfy the chain rule for conditional entropy, though here not only the quantity decreases by ℓ, but also the quality of the entropy decreases exponentially in ℓ. However, for the standard notion of conditional HILL entropy (the computational equivalent of min-entropy) the existence of such a rule was unknown so far.
In this paper, we prove that for conditional HILL entropy no meaningful chain rule exists, assuming the existence of one-way permutations: there exist distributions X,Y,A, where A is a distribution over a single bit, but HHILL(X|Y)≫ HHILL(X|Y,A), even if we simultaneously allow for a massive degradation in the quality of the entropy.
The idea underlying our construction is based on a surprising connection between the chain rule for HILL entropy and deniable encryption.
This work was partly funded by the European Research Council under an ERC Starting Grant (259668-PSPC).
Chapter PDF
Similar content being viewed by others
References
Barak, B., Shaltiel, R., Wigderson, A.: Computational Analogues of Entropy. In: Arora, S., Jansen, K., Rolim, J.D.P., Sahai, A. (eds.) RANDOM 2003 and APPROX 2003. LNCS, vol. 2764, pp. 200–215. Springer, Heidelberg (2003)
Bendlin, R., Nielsen, J.B., Nordholt, P.S., Orlandi, C.: Lower and Upper Bounds for Deniable Public-Key Encryption. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 125–142. Springer, Heidelberg (2011)
Canetti, R., Dwork, C., Naor, M., Ostrovsky, R.: Deniable Encryption. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 90–104. Springer, Heidelberg (1997)
Chung, K.-M., Kalai, Y.T., Liu, F.-H., Raz, R.: Memory Delegation. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 151–168. Springer, Heidelberg (2011)
Dodis, Y., Ostrovsky, R., Reyzin, L., Smith, A.: Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data. SIAM Journal on Computing 38(1), 97–139 (2008)
Dürmuth, M., Freeman, D.M.: Deniable Encryption with Negligible Detection Probability: An Interactive Construction. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 610–626. Springer, Heidelberg (2011), Full version including a description of the flaw available at http://eprint.iacr.org/2011/066.pdf
Dziembowski, S., Pietrzak, K.: Leakage-Resilient Cryptography. In: FOCS 2008, pp. 293–302. IEEE Computer Society (2008)
Fuller, B., O’Neill, A., Reyzin, L.: A Unified Approach to Deterministic Encryption: New Constructions and a Connection to Computational Entropy. In: Cramer, R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 582–599. Springer, Heidelberg (2012)
Fuller, B., Reyzin, L.: Computational Entropy and Information Leakage. Cryptology ePrint Archive, Report 2012/466 (2012), http://eprint.iacr.org/
Gentry, C., Wichs, D.: Separating Succinct Non-Interactive Arguments from All Falsifiable Assumptions. In: STOC 2011, pp. 99–108 (2011)
Goldreich, O.: Foundations of Cryptography: Basic Tools. Cambridge University Press, New York (2000)
Goldreich, O., Levin, L.A.: A Hard-Core Predicate for all One-Way Functions. In: Johnson, D.S. (ed.) STOC 1989, pp. 25–32. ACM (1989)
Håstad, J., Impagliazzo, R., Levin, L.A., Luby, M.: A Pseudorandom Generator from any One-way Function. SIAM Journal on Computing 28(4), 1364–1396 (1999)
Hsiao, C.-Y., Lu, C.-J., Reyzin, L.: Conditional Computational Entropy, or Toward Separating Pseudoentropy from Compressibility. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 169–186. Springer, Heidelberg (2007)
Reingold, O., Trevisan, L., Tulsiani, M., Vadhan, S.P.: Dense Subsets of Pseudorandom Sets. In: FOCS 2008, pp. 76–85. IEEE Computer Society (2008)
Reyzin, L.: Some Notions of Entropy for Cryptography. In: Fehr, S. (ed.) ICITS 2011. LNCS, vol. 6673, pp. 138–142. Springer, Heidelberg (2011)
Shoup, V.: A Computational Introduction to Number Theory and Algebra. Cambridge Press (2009)
Trevisan, L.: Cryptography. Lecture Notes from CS 276 (2009)
Wee, H.M.: One-Way Permutations, Interactive Hashing and Statistically Hiding Commitments. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 419–433. Springer, Heidelberg (2007)
Yao, A.C.: Theory and Applications of Trapdoor Functions (Extended Abstract). In: FOCS 1982, pp. 80–91. IEEE Computer Society (1982)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 International Association for Cryptologic Research
About this paper
Cite this paper
Krenn, S., Pietrzak, K., Wadia, A. (2013). A Counterexample to the Chain Rule for Conditional HILL Entropy. In: Sahai, A. (eds) Theory of Cryptography. TCC 2013. Lecture Notes in Computer Science, vol 7785. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-36594-2_2
Download citation
DOI: https://doi.org/10.1007/978-3-642-36594-2_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-36593-5
Online ISBN: 978-3-642-36594-2
eBook Packages: Computer ScienceComputer Science (R0)