Trade-Offs in Information-Theoretic Multi-party One-Way Key Agreement

  • Renato Renner
  • Stefan Wolf
  • Jürg Wullschleger
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4883)


We consider the following scenario involving three honest parties, Alice, Bob, and Carol, as well as an adversary, Eve. Each party has access to a single piece of information, jointly distributed according to some distribution P. Additionally, authentic public communication is possible from Alice to Carol and from Bob to Carol. Their goal is to establish two information-theoretically secret keys, one known to Alice and Carol, and one known to Bob and Carol. We derive joint bounds on the lengths of these keys. Our protocols combine distributed variants of Slepian-Wolf coding and the leftover hash lemma. The obtained bounds are expressed in terms of smooth Rényi entropies and show that these quantities are useful in this—single-serving—context as well.


IEEE Transaction Shannon Entropy Secrecy Capacity Honest Party Decode Error 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [AC93]
    Ahlswede, R., Csiszár, I.: Common randomness in information theory and cryptography – part I: Secret sharing. IEEE Transactions on Information Theory 39(4), 1121–1132 (1993)zbMATHCrossRefGoogle Scholar
  2. [BBCM95]
    Bennett, C.H., Brassard, G., Crépeau, C., Maurer, U.: Generalized privacy amplification. IEEE Transactions on Information Theory 41(6), 1915–1923 (1995)zbMATHCrossRefGoogle Scholar
  3. [BBR88]
    Bennett, C.H., Brassard, G., Robert, J.-M.: Privacy amplification by public discussion. SIAM Journal on Computing 17(2), 210–229 (1988)CrossRefMathSciNetGoogle Scholar
  4. [BS94]
    Brassard, G., Salvail, L.: Secret-key reconciliation by public discussion. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 410–423. Springer, Heidelberg (1994)Google Scholar
  5. [Cac97]
    Cachin, C.: Entropy Measures and Unconditional Security in Cryptography. PhD thesis, ETH Zurich, Switzerland (1997)Google Scholar
  6. [CK78]
    Csiszár, I., Körner, J.: Broadcast channels with confidential messages. IEEE Transactions on Information Theory 24, 339–348 (1978)zbMATHCrossRefGoogle Scholar
  7. [CN04]
    Csiszár, I., Narayan, P.: Secrecy capacities for multiple terminals. IEEE Transactions on Information Theory 50(12), 3047–3061 (2004)CrossRefGoogle Scholar
  8. [Cov75]
    Cover, T.: A proof of the data compression theorem of Slepian and Wolf for ergodic sources. IEEE Transactions on Information Theory 21, 226–228 (1975)zbMATHCrossRefMathSciNetGoogle Scholar
  9. [CW79]
    Carter, J.L., Wegman, M.N.: Universal classes of hash functions. Journal of Computer and System Sciences 18, 143–154 (1979)zbMATHCrossRefMathSciNetGoogle Scholar
  10. [DRS04]
    Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 523–540. Springer, Heidelberg (2004)Google Scholar
  11. [ILL89]
    Impagliazzo, R., Levin, L.A., Luby, M.: Pseudo-random generation from one-way functions. In: Proceedings of the 21st Annual ACM Symposium on Theory of Computing (STOC 1989), pp. 12–24. ACM Press, New York (1989)CrossRefGoogle Scholar
  12. [Mau93]
    Maurer, U.: Secret key agreement by public discussion. IEEE Transaction on Information Theory 39(3), 733–742 (1993)zbMATHCrossRefMathSciNetGoogle Scholar
  13. [MKM03]
    Muramatsu, J., Koga, H., Mukouchi, T.: On the problem of generating mutually independent random sequences. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences 86(5), 1275–1284 (2003)Google Scholar
  14. [MW97]
    Maurer, U., Wolf, S.: Privacy amplification secure against active adversaries. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 307–321. Springer, Heidelberg (1997)Google Scholar
  15. [Ren05]
    Renner, R.: Security of Quantum Key Distribution. PhD thesis, ETH Zurich, Switzerland (2005),
  16. [RW05]
    Renner, R., Wolf, S.: Simple and tight bounds for information reconciliation and privacy amplification. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 199–216. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  17. [RWW06]
    Renner, R., Wolf, S., Wullschleger, J.: The single-serving channel capacity. In: Proceedings of the IEEE International Symposium on Information Theory, ISIT 2006 (2006)Google Scholar
  18. [Sha48]
    Shannon, C.E.: A mathematical theory of communication. Bell System Tech. Journal 27, 379–423, 623–656 (1948)zbMATHMathSciNetGoogle Scholar
  19. [SW73]
    Slepian, D., Wolf, J.K.: Noiseless coding of correlated information sources. IEEE Transactions on Information Theory IT-19, 471–480 (1973)zbMATHCrossRefMathSciNetGoogle Scholar
  20. [Wul07]
    Wullschleger, J.: Oblivious-transfer amplification. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 555–572. Springer, Heidelberg (2007)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Renato Renner
    • 1
  • Stefan Wolf
    • 2
  • Jürg Wullschleger
    • 2
  1. 1.Centre for Quantum ComputationUniversity of CambridgeUK
  2. 2.Computer Science DepartmentETH ZürichSwitzerland

Personalised recommendations