TCC 2016: Theory of Cryptography pp 393-417

# Optimal Computational Split-state Non-malleable Codes

• Divesh Aggarwal
• Shashank Agrawal
• Divya Gupta
• Hemanta K. Maji
• Omkant Pandey
• Manoj Prabhakaran
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9563)

## Abstract

Non-malleable codes are a generalization of classical error-correcting codes where the act of “corrupting” a codeword is replaced by a “tampering” adversary. Non-malleable codes guarantee that the message contained in the tampered codeword is either the original message m, or a completely unrelated one. In the common split-state model, the codeword consists of multiple blocks (or states) and each block is tampered with independently.

The central goal in the split-state model is to construct high-rate non-malleable codes against all functions with only two states (two states are necessary). Following a long and impressive line of work, constant-rate, two-state, non-malleable codes against all functions were recently achieved by Aggarwal et al. [2]. Though constant, the rate of all known constructions in the split-state model is very far from optimal (even with more than two states).

In this work, we consider the question of improving the rate of split-state non-malleable codes. In the “information theoretic” setting, it is not possible to go beyond rate 1/2. We therefore focus on the standard computational setting. In this setting, each tampering function is required to be efficiently computable, and the message in the tampered codeword is required to be either the original message m or a “computationally” independent one.

In this setting, assuming only the existence of one-way functions, we present a compiler which converts any poor rate, two-state, (sufficiently strong) non-malleable code into a rate-1, two-state, computational non-malleable code. These parameters are asymptotically optimal. Furthermore, for the qualitative optimality of our result, we generalize the result of Cheraghchi and Guruswami [10] to show that the existence of one-way functions is necessary to achieve rate $>1/2$ for such codes.

Our compiler requires a stronger form of non-malleability, called augmented non-malleability. This notion requires a stronger simulation guarantee for non-malleable codes and simplifies their modular usage in cryptographic settings where composition occurs. Unfortunately, this form of non-malleability is neither straightforward nor generally guaranteed by known results. Nevertheless, we prove this stronger form of non-malleability for the two-state construction of Aggarwal et al. [3]. This result is of independent interest.

## Keywords

• Non-malleable codes
• Split-state
• Explicit construction
• Computational setting
• One-way functions
• Pseudorandom generators
• Authenticated encryption schemes
• Rate 1

## References

1. Aggarwal, D.: Affine-evasive sets modulo a prime. Inf. Process. Lett. 115(2), 382–385 (2015). http://dx.doi.org/10.1016/j.ipl.2014.10.015
2. Aggarwal, D., Dodis, Y., Kazana, T., Obremski, M.: Non-malleable reductions and applications. In: Servedio, R.A., Rubinfeld, R. (eds.) Proceedings of the Forty-Seventh Annual ACM on Symposium on Theory of Computing, STOC 2015, Portland, OR, USA, 14–17 June 2015, pp. 459–468. ACM (2015). http://doi.acm.org/10.1145/2746539.2746544
3. Aggarwal, D., Dodis, Y., Lovett, S.: Non-malleable codes from additive combinatorics. In: STOC, pp. 774–783 (2014)
4. Agrawal, S., Gupta, D., Maji, H.K., Pandey, O., Prabhakaran, M.: Explicit non-malleable codes against bit-wise tampering and permutations. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015, Part I. LNCS, vol. 9215, pp. 538–557. Springer, Heidelberg (2015)
5. Agrawal, S., Gupta, D., Maji, H.K., Pandey, O., Prabhakaran, M.: A rate-optimizing compiler for non-malleable codes against bit-wise tampering and permutations. In: Dodis, Y., Nielsen, J.B. (eds.) TCC 2015, Part I. LNCS, vol. 9014, pp. 375–397. Springer, Heidelberg (2015). http://dx.doi.org/10.1007/978-3-662-46494-6_16
6. Balog, A., Szemeredi, E.: A statistical theorem for set addition. Combinatorica 14(3), 263–268 (1994)
7. Chandran, N., Goyal, V., Mukherjee, P., Pandey, O., Upadhyay, J.: Block-wise non-malleable codes. Cryptology ePrint Archive, Report 2015/129 (2015). http://eprint.iacr.org
8. Chandran, N., Kanukurthi, B., Ostrovsky, R.: Locally updatable and locally decodable codes. In: Lindell, Y. (ed.) TCC 2014. LNCS, vol. 8349, pp. 489–514. Springer, Heidelberg (2014)
9. Chattopadhyay, E., Zuckerman, D.: Non-malleable codes against constant split-state tampering. In: 55th IEEE Annual Symposium on Foundations of Computer Science, FOCS 2014, Philadelphia, PA, USA, 18–21 October 2014, pp. 306–315. IEEE Computer Society (2014). http://dx.doi.org/10.1109/FOCS.2014.40
10. Cheraghchi, M., Guruswami, V.: Capacity of non-malleable codes. In: Naor, M. (ed.) ITCS, pp. 155–168. ACM (2014)
11. Cheraghchi, M., Guruswami, V.: Non-malleable coding against bit-wise and split-state tampering. In: Lindell, Y. (ed.) TCC 2014. LNCS, vol. 8349, pp. 440–464. Springer, Heidelberg (2014)
12. Choi, S.G., Kiayias, A., Malkin, T.: BiTR: built-in tamper resilience. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 740–758. Springer, Heidelberg (2011)
13. Coretti, S., Maurer, U., Tackmann, B., Venturi, D.: From single-bit to multi-bit public-key encryption via non-malleable codes. In: Dodis, Y., Nielsen, J.B. (eds.) TCC 2015, Part I. LNCS, vol. 9014, pp. 532–560. Springer, Heidelberg (2015). http://dx.doi.org/10.1007/978-3-662-46494-6_22
14. Cramer, R., Dodis, Y., Fehr, S., Padró, C., Wichs, D.: Detection of algebraic manipulation with applications to robust secret sharing and fuzzy extractors. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 471–488. Springer, Heidelberg (2008)
15. Cramer, R., Padró, C., Xing, C.: Optimal algebraic manipulation detection codes (2014). http://eprint.iacr.org/2014/116
16. Cramer, R., Shoup, V.: Design and analysis of practical public-key encryption schemes secure against adaptive chosen ciphertext attack. SIAM J. Comput. 33(1), 167–226 (2003). http://dx.doi.org/10.1137/S0097539702403773
17. Dziembowski, S., Kazana, T., Obremski, M.: Non-malleable codes from two-source extractors. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part II. LNCS, vol. 8043, pp. 239–257. Springer, Heidelberg (2013)
18. Dziembowski, S., Pietrzak, K., Wichs, D.: Non-malleable codes. In: Yao, A.C.C. (ed.) ICS, pp. 434–452. Tsinghua University Press (2010)
19. Faust, S., Mukherjee, P., Nielsen, J.B., Venturi, D.: Continuous non-malleable codes. In: Lindell, Y. (ed.) TCC 2014. LNCS, vol. 8349, pp. 465–488. Springer, Heidelberg (2014)
20. Faust, S., Mukherjee, P., Venturi, D., Wichs, D.: Efficient non-malleable codes and key-derivation for poly-size tampering circuits. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 111–128. Springer, Heidelberg (2014)
21. Gowers, T.: A new proof of Szemeredi’s theorem for arithmetic progressions of length four. Geom. Funct. Anal. 8(3), 529–551 (1998)
22. Guruswami, V., Smith, A.: Codes for computationally simple channels: explicit constructions with optimal rate. In: FOCS, pp. 723–732. IEEE Computer Society (2010)
23. Hemenway, B., Ostrovsky, R.: Public-key locally-decodable codes. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 126–143. Springer, Heidelberg (2008)
24. Impagliazzo, R.: Pseudo-random generators for cryptography and for randomized algorithms. Ph.D. thesis, University of California at Berkeley (1989)
25. Impagliazzo, R., Levin, L.A., Luby, M.: Pseudo-random generation from one-way functions (extended abstracts). In: Johnson, D.S. (ed.) STOC, pp. 12–24. ACM (1989)
26. Kurosawa, K.: Hybrid encryption. In: Encyclopedia of Cryptography and Security, 2nd edn., pp. 570–572 (2011). http://dx.doi.org/10.1007/978-1-4419-5906-5_321
27. Lipton, R.J.: A new approach to information theory. In: STACS, pp. 699–708 (1994)
28. Liu, F.-H., Lysyanskaya, A.: Tamper and leakage resilience in the split-state model. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 517–532. Springer, Heidelberg (2012)
29. Micali, S., Peikert, C., Sudan, M., Wilson, D.A.: Optimal error correction against computationally bounded noise. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 1–16. Springer, Heidelberg (2005)
30. Ostrovsky, R., Pandey, O., Sahai, A.: Private locally decodable codes. In: Arge, L., Cachin, C., Jurdziński, T., Tarlecki, A. (eds.) ICALP 2007. LNCS, vol. 4596, pp. 387–398. Springer, Heidelberg (2007)
31. Samorodnitsky, A.: Low-degree tests at large distances. In: ACM Symposium on Theory of Computing, pp. 506–515. ACM (2007)
32. Sanders, T.: On the Bogolyubov-Ruzsa lemma. Anal. PDE 5, 627–655 (2012)

© International Association for Cryptologic Research 2016

## Authors and Affiliations

• Divesh Aggarwal (1), email author
• Shashank Agrawal (2)
• Divya Gupta (3)
• Hemanta K. Maji (4)
• Omkant Pandey (5)
• Manoj Prabhakaran (2)

1. EPFL, Lausanne, Switzerland
2. University of Illinois at Urbana-Champaign, Champaign, USA
3. University of California at Los Angeles, Los Angeles, USA
4. Purdue University, West Lafayette, USA
5. University of California at Berkeley, Berkeley, USA