Towards characterizing when information-theoretic secret key agreement is possible

  • Ueli Maurer
  • Stefan Wolf
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1163)


This paper is concerned with information-theoretically secure secret key agreement in the general scenario where three parties, Alice, Bob, and Eve, know random variables X, Y, and Z, respectively, with joint distribution P xyz , for instance resulting from receiving a sequence of random bits broadcast by a satellite. We consider the problem of determining for a given distribution P xyz whether Alice and Bob can in principle, by communicating over an insecure channel accessible to Eve, generate a secret key about which Eve's information is arbitrarily small. When X, Y, and Z are random variables that result from a binary random variable being sent through three arbitrary independent channels, it is shown that secret key agreement is possible if and only if I(X;Y¦Z) >0, i.e., under the sole condition that X and Y have some (arbitrarily weak) statistical dependence when given Z.


Cryptography Secret key agreement Unconditional security Information theory 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    C. H. Bennett, F. Bessette, G. Brassard, L. Salvail, and J. Smolin, Experimental quantum cryptography, Journal of Cryptology, Springer Verlag, Vol. 5, No. 1, pp. 3–28, 1992.Google Scholar
  2. 2.
    T. M. Cover and J. A. Thomas, Elements of information theory, Wiley Series in Telecommunications, 1992.Google Scholar
  3. 3.
    I. Csiszár and J. Körner, Broadcast channels with confidential messages, IEEE Transactions on Information Theory, vol. IT-24, pp. 339–348, 1978.CrossRefGoogle Scholar
  4. 4.
    W. Feller, An introduction to probability theory and its applications, 3rd edition, Vol. 1, Wiley International, 1968.Google Scholar
  5. 5.
    M. J. Fischer and R. N. Wright, Bounds on secret key exchange using a random deal of cards, Journal of Cryptology, Springer Verlag, Vol. 9, No. 2, pp. 71–99, 1996.Google Scholar
  6. 6.
    U. M. Maurer, Protocols for secret key agreement based on common information, Advances in Cryptology — CRYPTO '92, Lecture Notes in Computer Science, Berlin: Springer-Verlag, Vol. 740, pp. 461–470, 1993.Google Scholar
  7. 7.
    U. M. Maurer, Secret key agreement by public discussion from common information, IEEE Transactions on Information Theory, Vol. 39, No. 3, pp. 733–742, 1993.CrossRefGoogle Scholar
  8. 8.
    C. E. Shannon, Communication theory of secrecy systems, Bell System Technical Journal, Vol. 28, pp. 656–715, Oct. 1949.Google Scholar
  9. 9.
    A. D. Wyner, The wire-tap channel, Bell System Technical Journal, Vol. 54, No. 8, pp. 1355–1387, 1975.Google Scholar

Copyright information

© Springer-Verlag 1996

Authors and Affiliations

  • Ueli Maurer
    • 1
  • Stefan Wolf
    • 1
  1. 1.Department of Computer ScienceSwiss Federal Institute of Technology (ETH Zurich)ZurichSwitzerland

Personalised recommendations