A Better Chain Rule for HILL Pseudoentropy - Beyond Bounded Leakage

  • Maciej SkórskiEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10015)


Chain rules are inequalities used to estimate by how much entropy decreases when conditioning on some extra knowledge. Their popular application is to argue about security, by proving that the entropy of a secret remains sufficiently high even in the presence of leakage. We provide a chain rule for HILL/Metric conditional pseudoentropy (applicable for leakage-resilient cryptography), with the following new features:
  1. (a)

    Better quality loss - when conditioning on already conditioned distribution, the loss due to the “internal” conditional part is additive, not multiplicative as conjectured in folklore,

  2. (b)

    Better quantity loss - the leakage length is replaced by the effective leakage length which equals the “pseudoentropy gap” of the leakage conditioned on the secret,

  3. (c)

    Flexible quality loss - the loss can be continuously traded between both computational resources: time and advantage.


The relevance of these results is as follows: (a) is a result complementary to recent negative results (TCC’13) on the chain rule for HILL pseudoentropy - it explains that an efficient chain rule for HILL pseudoentropy is possible under certain conditions. With (b) we can extend some leakage resilient constructions, beyond the bounded leakage model, to capture noisy leakages (studied extensively in recent EUROCRYPT papers); interestingly, we show that the new chain rule can handle specific noisy leakages better than the noisy-leakage framework. Finally using (c) we can unify all previous results and techniques about pseudoentropy chain rules.


Chain Rule Quality Loss Stream Cipher Pseudorandom Generator Provable Security 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Barak, B., Shaltiel, R., Wigderson, A.: Computational analogues of entropy. In: Arora, S., Jansen, K., Rolim, J.D.P., Sahai, A. (eds.) APPROX/RANDOM 2003. LNCS, vol. 2764, pp. 200–215. Springer, Heidelberg (2003)Google Scholar
  2. 2.
    Chung, K.-M., Kalai, Y.T., Liu, F.-H., Raz, R.: Memory delegation. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 151–168. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  3. 3.
    Dodis, Y., Ostrovsky, R., Reyzin, L., Smith, A.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. SIAM J. Comput. 38(1), 97–139 (2008)MathSciNetCrossRefzbMATHGoogle Scholar
  4. 4.
    Dodis, Y., Pietrzak, K., Wichs, D.: Key derivation without entropy waste. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 93–110. Springer, Heidelberg (2014)CrossRefGoogle Scholar
  5. 5.
    Dodis, Y., Yu, Y.: Overcoming weak expectations. In: Sahai, A. (ed.) TCC 2013. LNCS, vol. 7785, pp. 1–22. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  6. 6.
    Duc, A., Dziembowski, S., Faust, S.: Unifying leakage models: from probing attacks to noisy leakage. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 423–440. Springer, Heidelberg (2014). doi: 10.1007/978-3-642-55220-5_24 CrossRefGoogle Scholar
  7. 7.
    Dziembowski, S., Faust, S., Skorski, M.: Noisy leakage revisited. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 159–188. Springer, Heidelberg (2015). doi: 10.1007/978-3-662-46803-6_6 Google Scholar
  8. 8.
    Dziembowski, S., Faust, S., Skórski, M.: Optimal amplification of noisy leakages. In: Kushilevitz, E., Malkin, T. (eds.) TCC 2016. LNCS, vol. 9563, pp. 291–318. Springer, Heidelberg (2016). doi: 10.1007/978-3-662-49099-0_11 CrossRefGoogle Scholar
  9. 9.
    Dziembowski, S., Pietrzak, K.: Leakage-resilient cryptography. In: Proceedings of the 2008 49th Annual IEEE Symposium on Foundations of Computer Science, FOCS 2008, pp. 293–302. IEEE Computer Society, Washington, DC, USA (2008)Google Scholar
  10. 10.
    Faust, S., Pietrzak, K., Schipper, J.: Practical leakage-resilient symmetric cryptography. In: Prouff, E., Schaumont, P. (eds.) CHES 2012. LNCS, vol. 7428, pp. 213–232. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-33027-8_13 CrossRefGoogle Scholar
  11. 11.
    Fuller, B., O’Neill, A., Reyzin, L.: A unified approach to deterministic encryption: new constructions and a connection to computational entropy. In: Cramer, R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 582–599. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-28914-9_33 CrossRefGoogle Scholar
  12. 12.
    Fuller, B., Reyzin, L.: Computational entropy and information leakage. Cryptology ePrint Archive, Report 2012/466 (2012).
  13. 13.
    Hastad, J., Impagliazzo, R., Levin, L.A., Luby, M.: A pseudorandom generator from any one-way function. SIAM J. Comput. 28(4), 1364–1396 (1999)MathSciNetCrossRefzbMATHGoogle Scholar
  14. 14.
    Hsiao, C.-Y., Lu, C.-J., Reyzin, L.: Conditional computational entropy, or toward separating pseudoentropy from compressibility. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 169–186. Springer, Heidelberg (2007). doi: 10.1007/978-3-540-72540-4_10 CrossRefGoogle Scholar
  15. 15.
    Jetchev, D., Pietrzak, K.: How to fake auxiliary input. In: Sahai, A. (ed.) TCC 2014. LNCS, vol. 8349, pp. 566–590. Springer, Heidelberg (2014)CrossRefGoogle Scholar
  16. 16.
    Krenn, S., Pietrzak, K., Wadia, A.: A counterexample to the chain rule for conditional HILL entropy. In: Sahai, A. (ed.) TCC 2013. LNCS, vol. 7785, pp. 23–39. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  17. 17.
    George, M., Michael, L.: Pseudorandomness and Cryptographic Applications. Princeton University Press, Princeton (1994)Google Scholar
  18. 18.
    Pietrzak, K.: A leakage-resilient mode of operation. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 462–482. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  19. 19.
    Pietrzak, K., Skórski, M.: The chain rule for HILL pseudoentropy, revisited. In: Lauter, K., Rodríguez-Henríquez, F. (eds.) LATINCRYPT 2015. LNCS, vol. 9230, pp. 81–98. Springer, Heidelberg (2015). doi: 10.1007/978-3-319-22174-8_5 CrossRefGoogle Scholar
  20. 20.
    Prouff, E., Rivain, M.: Masking against side-channel attacks: a formal security proof. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 142–159. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-38348-9_9 CrossRefGoogle Scholar
  21. 21.
    Reingold, O., Trevisan, L., Tulsiani, M., Vadhan, S.: Dense subsets of pseudorandom sets. In: Proceedings of the 2008 49th Annual IEEE Symposium on Foundations of Computer Science, FOCS 2008, pp. 76–85. IEEE Computer Society, Washington (2008)Google Scholar
  22. 22.
    Shaltiel, R.: An introduction to randomness extractors. In: Loeckx, J. (ed.) ICALP 2011. LNCS, vol. 14, pp. 21–41. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-22012-8_2 CrossRefGoogle Scholar
  23. 23.
    Skórski, M.: Modulus computational entropy. In: Lehmann, A., Wolf, S. (eds.) ICITS 2013. LNCS, vol. 9063, pp. 179–199. Springer, Heidelberg (2014)CrossRefGoogle Scholar
  24. 24.
    Skorski, M.: Metric pseudoentropy: characterizations, transformations and applications. In: Lehmann, A., Wolf, S. (eds.) ICITS 2015. LNCS, vol. 9063, pp. 105–122. Springer, Heidelberg (2015). doi: 10.1007/978-3-319-17470-9_7 Google Scholar
  25. 25.
    Skórski, M., Golovnev, A., Pietrzak, K.: Condensed unpredictability. In: Halldórsson, M.M., Iwama, K., Kobayashi, N., Speckmann, B. (eds.) ICALP 2015. LNCS, vol. 9134, pp. 1046–1057. Springer, Heidelberg (2015). doi: 10.1007/978-3-662-47672-7_85 Google Scholar
  26. 26.
    Vadhan, S., Zheng, C.J.: A uniform min-max theorem with applications in cryptography. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 93–110. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  27. 27.
    Yu, Y., Standaert, F.-X.: Practical leakage-resilient pseudorandom objects with minimum public randomness. In: Dawson, E. (ed.) CT-RSA 2013. LNCS, vol. 7779, pp. 223–238. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-36095-4_15 CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  1. 1.University of WarsawWarsawPoland

Personalised recommendations