One-Way Secret-Key Agreement and Applications to Circuit Polarization and Immunization of Public-Key Encryption

  • Thomas Holenstein
  • Renato Renner
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3621)


Secret-key agreement between two parties Alice and Bob, connected by an insecure channel, can be realized in an information-theoretic sense if the parties share many independent pairs of correlated and partially secure bits. We study the special case where only one-way communication from Alice to Bob is allowed and where, for each of the bit pairs, with a certain probability, the adversary has no information on Alice’s bit. We give an expression which, for this situation, exactly characterizes the rate at which Alice and Bob can generate secret key bits.

This result can be used to analyze a slightly restricted variant of the problem of polarizing circuits, introduced by Sahai and Vadhan in the context of statistical zero-knowledge, which we show to be equivalent to secret-key agreement as described above. This both provides us with new constructions to polarize circuits and proves that the known constructions work for parameters which are tight.

As a further application of our results on secret-key agreement, we show how to immunize single-bit public-key encryption schemes from decryption errors and insecurities of the encryption, a question posed and partially answered by Dwork, Naor, and Reingold. Our construction works for stronger parameters than the known constructions.




  1. Ahlswede, R., Csiszár, I.: Common randomness in information theory and cryptography—part I: Secret sharing. IEEE Transactions on Information Theory 39(4), 1121–1132 (1993)
  2. Bennett, C.H., Brassard, G., Crépeau, C., Maurer, U.: Generalized privacy amplification. IEEE Transactions on Information Theory 41(6), 1915–1923 (1995)
  3. Csiszár, I., Körner, J.: Broadcast channels with confidential messages. IEEE Transactions on Information Theory 22(6), 644–654 (1978)
  4. Cover, T.M., Thomas, J.A.: Elements of Information Theory, 1st edn. John Wiley & Sons, Inc., Chichester (1991) ISBN 0-471-06259-6
  5. Dwork, C., Naor, M., Reingold, O.: Immunizing encryption schemes from decryption errors. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 342–360. Springer, Heidelberg (2004)
  6. Dumer, I.I.: Concatenated codes and their multilevel generalizations. In: Pless, V.S., Huffman, W.C. (eds.) The Handbook of Coding Theory, ch. 23, vol. 2, pp. 1191–1988. North-Holland/Elsevier (1998)
  7. Holenstein, T.: Key agreement from weak bit agreement. In: Proceedings of the 37th STOC, pp. 664–673 (2005)
  8. Holenstein, T., Renner, R.: On the smooth Rényi entropy of independently repeated random experiments (2005) (manuscript)
  9. Impagliazzo, R., Levin, L.A., Luby, M.: Pseudo-random generation from one-way functions (extended abstract). In: Proceedings of the 21st STOC, pp. 12–24 (1989)
  10. Impagliazzo, R.: Hard-core distributions for somewhat hard problems. In: 36th FOCS, pp. 538–545 (1995)
  11. Maurer, U.: Secret key agreement by public discussion. IEEE Transactions on Information Theory 39(3), 733–742 (1993)
  12. Maurer, U., Wolf, S.: Unconditionally secure key agreement and the intrinsic conditional information. IEEE Transactions on Information Theory 45(2), 499–514 (1999)
  13. Renner, R., Wolf, S.: New bounds in secret-key agreement: The gap between formation and secrecy extraction. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 562–577. Springer, Heidelberg (2003)
  14. Renner, R., Wolf, S.: Smooth Rényi entropy and applications. In: Proceedings of 2004 IEEE International Symposium on Information Theory, p. 233. IEEE, Los Alamitos (2004)
  15. Renner, R., Wolf, S.: Simple and tight bounds for information reconciliation and privacy amplification (2005) (manuscript)
  16. Shannon, C.E.: Communication theory of secrecy systems. Bell System Technical Journal 28, 656–715 (1949)
  17. Sahai, A., Vadhan, S.: A complete promise problem for statistical zero-knowledge. In: The 38th FOCS, pp. 448–457 (1997)
  18. Sahai, A., Vadhan, S.: Manipulating statistical difference. In: Pardalos, P., Rajasekaran, S., Rolim, J. (eds.). DIMACS Series, vol. 43, pp. 251–270 (1999)
  19. Wolf, S.: Information-Theoretically and Computationally Secure Key Agreement in Cryptography. PhD thesis, ETH Zürich (1999)
  20. Wyner, A.D.: The wire-tap channel. Bell System Technical Journal 54, 1355–1387 (1975)

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Thomas Holenstein (1)
  • Renato Renner (1)
  1. Department of Computer Science, Swiss Federal Institute of Technology (ETH), Zürich, Switzerland
