Abstract
We propose a modular construction of a semantically secure wiretap code that achieves secrecy capacity for a large class of wiretap channels. Security of the construction is proved by interpreting the construction as an instance of an invertible extractor and using the framework of Bellare et al. [1] to complete the proof. The construction has encoding and decoding computation equivalent to hashing, and the smallest effective transmission rate among known modular capacity-achieving constructions. We also give a modular construction of invertible Universal Hash Functions (UHF) from XOR Universal Hash Functions, which is of independent interest.
Notes
1. The paper [17] constructs an optimal letter splitting function using a greedy algorithm.
References
Bellare M, Tessaro S, Vardy A (2012) Semantic security for the wiretap channel. In: Advances in cryptology (CRYPTO 2012). Springer, Berlin, Heidelberg, pp 294–311
Wyner AD (1975) The wire-tap channel. Bell Syst Tech J 54(8):1355–1387
Csiszár I, Körner J (1978) Broadcast channels with confidential messages. IEEE Trans Inf Theory 24(3):339–348
Maurer U (1994) The strong secret key rate of discrete random triples. In: Blahut RE (ed) Communication and cryptography—two sides of one tapestry. Kluwer, Dordrecht, pp 271–285
Goldwasser S, Micali S (1984) Probabilistic encryption. J Comput Syst Sci 28(2):270–299
Mahdavifar H, Vardy A (2010) Achieving the secrecy capacity of wiretap channels using polar codes. In: Proceedings of the 2010 IEEE international symposium on information theory (ISIT 2010). IEEE, pp 913–917
Hayashi M, Matsumoto R (2010) Construction of wiretap codes from ordinary channel codes. In: Proceedings of the 2010 IEEE international symposium on information theory (ISIT 2010). IEEE, pp 2538–2542
Tyagi H, Vardy A. Semantically-secure coding scheme achieving the capacity of a Gaussian wiretap channel. arXiv:1412.4958v2 [cs.IT]
Cramer R, Damgard IB, Döttling N, Fehr S, Spini G (2015) Linear secret sharing schemes from error correcting codes and universal hash functions. In: Eurocrypt 2015, Part II. LNCS, vol 9057, pp 313–336
Bellare M, Tessaro S, Vardy A (2012) A cryptographic treatment of the wiretap channel. arXiv preprint arXiv:1201.2205
Dodis Y, Ostrovsky R, Reyzin L, Smith A (2008) Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. SIAM J Comput 38(1):97–139
Holenstein T, Renner R (2011) On the randomness of independent experiments. IEEE Trans Inf Theory 57(4):1865–1871
Nisan N, Zuckerman D (1996) Randomness is linear in space. J Comput Syst Sci 52(1):43–52
Impagliazzo R, Levin LA, Luby M (1989) Pseudo-random generation from one-way functions. In: Proceedings of the twenty-first annual ACM symposium on Theory of computing. ACM
Cheraghchi M, Didier F, Shokrollahi A (2012) Invertible extractors and wiretap protocols. IEEE Trans Inf Theory 58(2):1254–1274
Bellare M, Tessaro S (2012) Polynomial-time, semantically-secure encryption achieving the secrecy capacity. arxiv.org/abs/1201.3160 and Cryptology Eprint Archive Report 2012/022
Tal I, Vardy A (2013) Channel upgrading for semantically-secure encryption on wiretap channels. In: 2013 IEEE International Symposium on Information Theory Proceedings (ISIT). IEEE
Acknowledgements
This work is supported in part by the Natural Sciences and Engineering Research Council of Canada.
Appendix
1.1 Proof of Lemma 4
Proof
According to Lemma 3, we only need to show that \(\{{h}_\mathbf {s}|\mathbf {s}\in {\mathcal {S}}\}\) is XOR-Universal, which is easily verified.
- When \({r}\ge {b}\), \({h}_\mathbf {s}({\mathbf {x}})\oplus {h}_\mathbf {s}({\mathbf {x}}^{'})=\mathbf {a}\) if and only if there exists an \(\mathbf {e}\in \{0,1\}^{{r}-{b}}\) satisfying \(\mathbf {s}\odot ({\mathbf {x}}\oplus {\mathbf {x}}^{'})=(\mathbf {a}||\mathbf {e})\). Since we assume \({\mathbf {x}}\ne {\mathbf {x}}^{'}\), \(\mathbf {s}=(\mathbf {a}||\mathbf {e})\odot ({\mathbf {x}}\oplus {\mathbf {x}}^{'})^{-1}\) is uniquely determined by the right hand side. The number of \(\mathbf {s}\) satisfying \({h}_\mathbf {s}({\mathbf {x}})\oplus {h}_\mathbf {s}({\mathbf {x}}^{'})=\mathbf {a}\) is exactly the number of \(\mathbf {e}\in \{0,1\}^{{r}-{b}}\), which is \(2^{{r}-{b}}\). The total number of seeds \(|{\mathcal {S}}|\) in this case is \(2^{r}\). Hence \(\text {Pr}[{h}_\mathbf {s}({\mathbf {x}})\oplus {h}_\mathbf {s}({\mathbf {x}}^{'})=\mathbf {a}]\le \frac{1}{2^{b}}\) for any \({\mathbf {x}}\ne {\mathbf {x}}^{'}\in {\mathcal {X}}\) and \(\mathbf {a}\in {\mathcal {Y}}\).
- When \({r}< {b}\), \({h}_\mathbf {s}({\mathbf {x}})\oplus {h}_\mathbf {s}({\mathbf {x}}^{'})=\mathbf {a}\) if and only if \(\mathbf {s}\odot ({\mathbf {x}}\oplus {\mathbf {x}}^{'}||0^{{b}-{r}})=\mathbf {a}\). Since we assume \({\mathbf {x}}\ne {\mathbf {x}}^{'}\), \(\mathbf {s}=\mathbf {a}\odot ({\mathbf {x}}\oplus {\mathbf {x}}^{'}||0^{{b}-{r}})^{-1}\) is uniquely determined by the right hand side. The number of \(\mathbf {s}\) satisfying \({h}_\mathbf {s}({\mathbf {x}})\oplus {h}_\mathbf {s}({\mathbf {x}}^{'})=\mathbf {a}\) is exactly 1. The total number of seeds \(|{\mathcal {S}}|\) in this case is \(2^{b}\). Hence \(\text {Pr}[{h}_\mathbf {s}({\mathbf {x}})\oplus {h}_\mathbf {s}({\mathbf {x}}^{'})=\mathbf {a}]\le \frac{1}{2^{b}}\) for any \({\mathbf {x}}\ne {\mathbf {x}}^{'}\in {\mathcal {X}}\) and \(\mathbf {a}\in {\mathcal {Y}}\).
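The counting argument in both cases can be checked exhaustively for small parameters. The following is an added example, not code from the paper: the definition of \(h_\mathbf{s}\) is inferred from the conditions used in the proof (first \(b\) bits of \(\mathbf{s}\odot\mathbf{x}\) over GF(\(2^r\)) when \(r\ge b\), and \(\mathbf{s}\odot(\mathbf{x}||0^{b-r})\) over GF(\(2^b\)) when \(r<b\)), and the irreducible polynomials and function names are assumptions chosen for illustration.

```python
# Irreducible polynomials over GF(2), indexed by degree n (bit n is the x^n term).
# These particular polynomials are an assumption; any irreducible one works.
IRREDUCIBLE = {2: 0b111, 3: 0b1011, 4: 0b10011, 5: 0b100101}

def gf_mul(u, v, n):
    """Multiply u and v in GF(2^n): shift-and-add with reduction at each step."""
    poly, acc = IRREDUCIBLE[n], 0
    while v:
        if v & 1:
            acc ^= u
        v >>= 1
        u <<= 1
        if u >> n:            # degree reached n, reduce modulo the polynomial
            u ^= poly
    return acc

def h(s, x, r, b):
    """Hash r-bit x to b bits under seed s (definition inferred from the proof)."""
    if r >= b:
        return gf_mul(s, x, r) >> (r - b)   # first b bits of s*x in GF(2^r)
    return gf_mul(s, x << (b - r), b)       # s * (x || 0^(b-r)) in GF(2^b)

def max_collision_count(r, b):
    """Worst case, over all x != x' and all a, of #{s : h_s(x) ^ h_s(x') = a}.

    Returns (worst_count, number_of_seeds); XOR-universality requires
    worst_count / number_of_seeds <= 2^-b.
    """
    n_seeds = 1 << max(r, b)                # |S| = 2^r if r >= b, else 2^b
    worst = 0
    for x in range(1 << r):
        for xp in range(x + 1, 1 << r):
            counts = [0] * (1 << b)
            for s in range(n_seeds):
                counts[h(s, x, r, b) ^ h(s, xp, r, b)] += 1
            worst = max(worst, max(counts))
    return worst, n_seeds

if __name__ == "__main__":
    for r, b in [(4, 2), (3, 3), (2, 4), (3, 5)]:
        worst, n_seeds = max_collision_count(r, b)
        print(f"r={r} b={b}: worst {worst}/{n_seeds}, bound 1/{1 << b}")
```

For \(r\ge b\) the worst-case count equals \(2^{r-b}\) out of \(2^r\) seeds, and for \(r<b\) it equals 1 out of \(2^b\) seeds, matching the two cases of the proof.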
Copyright information
© 2018 Springer International Publishing AG
Cite this paper
Sharifian, S., Lin, F., Safavi-Naini, R. (2018). Hash-then-Encode: A Modular Semantically Secure Wiretap Code. In: Baldi, M., Quaglia, E., Tomasin, S. (eds) Proceedings of the 2nd Workshop on Communication Security. WCS 2017. Lecture Notes in Electrical Engineering, vol 447. Springer, Cham. https://doi.org/10.1007/978-3-319-59265-7_4
DOI: https://doi.org/10.1007/978-3-319-59265-7_4
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-59264-0
Online ISBN: 978-3-319-59265-7
eBook Packages: Engineering, Engineering (R0)