Optimal Computational Split-state Non-malleable Codes
Non-malleable codes are a generalization of classical error-correcting codes where the act of “corrupting” a codeword is replaced by a “tampering” adversary. Non-malleable codes guarantee that the message contained in the tampered codeword is either the original message m, or a completely unrelated one. In the common split-state model, the codeword consists of multiple blocks (or states) and each block is tampered with independently.
The central goal in the split-state model is to construct high rate non-malleable codes against all functions with only two states (which are necessary). Following a series of long and impressive line of work, constant rate, two-state, non-malleable codes against all functions were recently achieved by Aggarwal et al. . Though constant, the rate of all known constructions in the split state model is very far from optimal (even with more than two states).
In this work, we consider the question of improving the rate of split-state non-malleable codes. In the “information theoretic” setting, it is not possible to go beyond rate 1/2. We therefore focus on the standard computational setting. In this setting, each tampering function is required to be efficiently computable, and the message in the tampered codeword is required to be either the original message m or a “computationally” independent one.
In this setting, assuming only the existence of one-way functions, we present a compiler which converts any poor rate, two-state, (sufficiently strong) non-malleable code into a rate-1, two-state, computational non-malleable code. These parameters are asymptotically optimal. Furthermore, for the qualitative optimality of our result, we generalize the result of Cheraghchi and Guruswami  to show that the existence of one-way functions is necessary to achieve rate \(>1/2\) for such codes.
Our compiler requires a stronger form of non-malleability, called augmented non-malleability. This notion requires a stronger simulation guarantee for non-malleable codes and simplifies their modular usage in cryptographic settings where composition occurs. Unfortunately, this form of non-malleability is neither straightforward nor generally guaranteed by known results. Nevertheless, we prove this stronger form of non-malleability for the two-state construction of Aggarwal et al. . This result is of independent interest.
KeywordsNon-malleable codes Split-state Explicit construction Computational setting One-way functions Pseudorandom generators Authenticated encryption schemes Rate 1
- 2.Aggarwal, D., Dodis, Y., Kazana, T., Obremski, M.: Non-malleable reductions and applications. In: Servedio, R.A., Rubinfeld, R. (eds.) Proceedings of the Forty-Seventh Annual ACM on Symposium on Theory of Computing, STOC 2015, Portland, OR, USA, 14–17 June 2015, pp. 459–468. ACM (2015). http://doi.acm.org/10.1145/2746539.2746544
- 3.Aggarwal, D., Dodis, Y., Lovett, S.: Non-malleable codes from additive combinatorics. In: STOC, pp. 774–783 (2014)Google Scholar
- 5.Agrawal, S., Gupta, D., Maji, H.K., Pandey, O., Prabhakaran, M.: A rate-optimizing compiler for non-malleable codes against bit-wise tampering and permutations. In: Dodis, Y., Nielsen, J.B. (eds.) TCC 2015, Part I. LNCS, vol. 9014, pp. 375–397. Springer, Heidelberg (2015). http://dx.doi.org/10.1007/978-3-662-46494-6_16 Google Scholar
- 7.Chandran, N., Goyal, V., Mukherjee, P., Pandey, O., Upadhyay, J.: Block-wise non-malleable codes. Cryptology ePrint Archive, Report 2015/129 (2015). http://eprint.iacr.org
- 9.Chattopadhyay, E., Zuckerman, D.: Non-malleable codes against constant split-state tampering. In: 55th IEEE Annual Symposium on Foundations of Computer Science, FOCS 2014, Philadelphia, PA, USA, 18–21 October 2014, pp. 306–315. IEEE Computer Society (2014). http://dx.doi.org/10.1109/FOCS.2014.40
- 10.Cheraghchi, M., Guruswami, V.: Capacity of non-malleable codes. In: Naor, M. (ed.) ITCS, pp. 155–168. ACM (2014)Google Scholar
- 13.Coretti, S., Maurer, U., Tackmann, B., Venturi, D.: From single-bit to multi-bit public-key encryption via non-malleable codes. In: Dodis, Y., Nielsen, J.B. (eds.) TCC 2015, Part I. LNCS, vol. 9014, pp. 532–560. Springer, Heidelberg (2015). http://dx.doi.org/10.1007/978-3-662-46494-6_22 Google Scholar
- 15.Cramer, R., Padró, C., Xing, C.: Optimal algebraic manipulation detection codes (2014). http://eprint.iacr.org/2014/116
- 18.Dziembowski, S., Pietrzak, K., Wichs, D.: Non-malleable codes. In: Yao, A.C.C. (ed.) ICS, pp. 434–452. Tsinghua University Press (2010)Google Scholar
- 22.Guruswami, V., Smith, A.: Codes for computationally simple channels: explicit constructions with optimal rate. In: FOCS, pp. 723–732. IEEE Computer Society (2010)Google Scholar
- 24.Impagliazzo, R.: Pseudo-random generators for cryptography and for randomized algorithms. Ph.D. thesis, University of California at Berkeley (1989)Google Scholar
- 25.Impagliazzo, R., Levin, L.A., Luby, M.: Pseudo-random generation from one-way functions (extended abstracts). In: Johnson, D.S. (ed.) STOC, pp. 12–24. ACM (1989)Google Scholar
- 26.Kurosawa, K.: Hybrid encryption. In: Encyclopedia of Cryptography and Security, 2nd edn., pp. 570–572 (2011). http://dx.doi.org/10.1007/978-1-4419-5906-5_321
- 27.Lipton, R.J.: A new approach to information theory. In: STACS, pp. 699–708 (1994)Google Scholar
- 31.Samorodnitsky, A.: Low-degree tests at large distances. In: ACM Symposium on Theory of Computing, pp. 506–515. ACM (2007)Google Scholar