Secret-Key Reconciliation by Public Discussion

  • Gilles Brassard
  • Louis Salvail
Conference paper

DOI: 10.1007/3-540-48285-7_35

Part of the Lecture Notes in Computer Science book series (LNCS, volume 765)
Cite this paper as:
Brassard G., Salvail L. (1994) Secret-Key Reconciliation by Public Discussion. In: Helleseth T. (eds) Advances in Cryptology — EUROCRYPT ’93. EUROCRYPT 1993. Lecture Notes in Computer Science, vol 765. Springer, Berlin, Heidelberg


Assuming that Alice and Bob use a secret noisy channel (modelled by a binary symmetric channel) to send a key, reconciliation is the process of correcting errors between Alice’s and Bob’s version of the key. This is done by public discussion, which leaks some information about the secret key to an eavesdropper. We show how to construct protocols that leak a minimum amount of information. However this construction cannot be implemented efficiently. If Alice and Bob are willing to reveal an arbitrarily small amount of additional information (beyond the minimum) then they can implement polynomial-time protocols. We also present a more efficient protocol, which leaks an amount of information acceptably close to the minimum possible for sufficiently reliable secret channels (those with probability of any symbol being transmitted incorrectly as large as 15%). This work improves on earlier reconciliation approaches [R, BBR, BBBSS].

Download to read the full conference paper text

Copyright information

© Springer-Verlag Berlin Heidelberg 1994

Authors and Affiliations

  • Gilles Brassard
    • 1
  • Louis Salvail
    • 1
  1. 1.Département IROUniversité de MontréalMontréalCanada

Personalised recommendations