Abstract
Garg et al. (Crypto 2015) initiated the study of cryptographic protocols over noisy channels in the non-interactive setting, namely when only one party speaks. A major question left open by this work is the completeness of finite channels, whose input and output alphabets do not grow with the desired level of security. In this work, we address this question by obtaining the following results:
1. Completeness of Bit-ROT with Inverse Polynomial Error. We show that bit-ROT (i.e., Randomized Oblivious Transfer channel, where each of the two messages is a single bit) can be used to realize general randomized functionalities with inverse polynomial error. Towards this, we provide a construction of string-ROT from bit-ROT with inverse polynomial error.
2. No Finite Channel is Complete with Negligible Error. To complement the above, we show that no finite channel can be used to realize string-ROT with negligible error, implying that the inverse polynomial error in the completeness of bit-ROT is inherent. This holds even with semi-honest parties and for computational security, and is contrasted with the (negligible-error) completeness of string-ROT shown by Garg et al.
3. Characterization of Finite Channels Enabling Zero-Knowledge Proofs. An important instance of secure computation is zero-knowledge proofs. Noisy channels can potentially be used to realize truly non-interactive zero-knowledge proofs, without trusted common randomness, and with non-transferability and deniability features that cannot be realized in the plain model. Garg et al. obtain such zero-knowledge proofs from the binary erasure channel (BEC) and the binary symmetric channel (BSC). We complete the picture by showing that in fact any non-trivial channel suffices.
Notes
1. In more detail, the sender can generate an anonymous \(\$100\) bill by letting the input be \(m\,=\,\)(Sender-name, 100) and the transmitted message be (m, id) for a random identifier id picked by the functionality. Consider the scenario where multiple \(\$100\) bills are sent to different receivers. The id is needed to prevent double spending. Anonymity comes from the fact that the sender doesn’t learn id, so it cannot associate a particular \(\$100\) bill with the receiver to whom it was sent.
2. Indeed, an \(\mathsf {OWSC} / {\mathcal {C}}\) ZK-PoK protocol is equivalent to an information-theoretic UC-secure protocol for the ZK functionality in the \(\mathcal {C}\)-hybrid model, with an additional requirement that the protocol involves a single invocation of \(\mathcal {C}\) and no other communication.
3. Note that the conceptually simpler approach of applying NIZK proofs is not applicable here, since in the setting of secure computation over noisy channels there is no public transcript to which such a proof can apply.
4. The notions of redundancy and core were defined more generally in [21], in the context of 2-party functionalities where both parties have inputs and outputs. Here we present simpler definitions that suffice for the case of channels.
5. This is essentially identical to the Von Neumann extractor trick.
6. In [17], an encoding scheme was used to argue that with some probability, the bits sent through the BSC are “erased.” But this encoding turns out to be redundant, as a BSC implicitly guarantees erasure: Concretely, a BSC with error probability p can be simulated by post-processing a BEC with erasure probability 2p. The post-processing corresponds to decoding the erasure symbol as a uniformly random bit.
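The simulation claimed in the last note can be checked exactly by composing channel transition tables. The following is an added example, not code from the paper; the function names and the dictionary representation of a channel are assumptions made for illustration.

```python
from fractions import Fraction

ERASE = "e"  # erasure symbol of the BEC (label chosen for this example)

def bec(q):
    """BEC with erasure probability q, as {input: {output: probability}}."""
    return {x: {x: 1 - q, ERASE: q} for x in (0, 1)}

def bsc(p):
    """BSC with error (bit-flip) probability p."""
    return {x: {x: 1 - p, 1 - x: p} for x in (0, 1)}

def erasure_to_random_bit():
    """Post-processing from the note: bits pass through unchanged and the
    erasure symbol is decoded as a uniformly random bit."""
    half = Fraction(1, 2)
    return {0: {0: Fraction(1)}, 1: {1: Fraction(1)}, ERASE: {0: half, 1: half}}

def compose(channel, post):
    """Transition table of `channel` followed by the post-processing `post`."""
    table = {}
    for x, row in channel.items():
        dist = {}
        for y, p_y in row.items():
            for z, p_z in post[y].items():
                dist[z] = dist.get(z, 0) + p_y * p_z
        table[x] = dist
    return table

def simulates_bsc(p):
    """True iff BEC(2p) followed by the post-processing equals BSC(p) exactly."""
    if not 0 <= p <= Fraction(1, 2):
        raise ValueError("need 0 <= p <= 1/2 so that 2p is a probability")
    return compose(bec(2 * p), erasure_to_random_bit()) == bsc(p)

if __name__ == "__main__":
    for p in (Fraction(0), Fraction(1, 10), Fraction(1, 3), Fraction(1, 2)):
        print(p, simulates_bsc(p))
```

Each erased position contributes a flip with probability 1/2, so the flip probability is 2p · 1/2 = p, while the receiver of the BSC no longer learns which positions were erased.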
References
1. Agrawal, S., Ishai, Y., Kushilevitz, E., Narayanan, V., Prabhakaran, M., Prabhakaran, V., Rosen, A.: Cryptography from one-way communication: on completeness of finite channels. In: Cryptology ePrint Archive (2020)
2. Ajtai, M.: Oblivious RAMs without cryptographic assumptions. In: STOC 2010, pp. 181–190 (2010)
3. Bellare, M., et al.: iKP - a family of secure electronic payment protocols. In: USENIX Workshop on Electronic Commerce (1995)
4. Bellare, M., Tessaro, S., Vardy, A.: Semantic security for the wiretap channel. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 294–311. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32009-5_18
5. Bennett, C.H., Brassard, G., Crépeau, C., Maurer, U.M.: Generalized privacy amplification. IEEE Trans. Inf. Theor. 41(6), 1915–1923 (1995)
6. Bennett, C.H., Brassard, G., Robert, J.-M.: Privacy amplification by public discussion. SIAM J. Comput. 17(2), 210–229 (1988)
7. Bertsimas, D., Tsitsiklis, J.N.: Introduction to Linear Optimization. Athena Scientific, Nashua (1997)
8. Bloch, M., Barros, J.: Physical-Layer Security: from Information Theory to Security Engineering. Cambridge University Press, Cambridge (2011)
9. Blum, M., Feldman, P., Micali, S.: Proving security against chosen ciphertext attacks. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 256–268. Springer, New York (1990). https://doi.org/10.1007/0-387-34799-2_20
10. Chaum, D.: Blind signatures for untraceable payments. In: Chaum, D., Rivest, R.L., Sherman, A.T. (eds.) Advances in Cryptology, pp. 199–203. Springer, Boston, MA (1983). https://doi.org/10.1007/978-1-4757-0602-4_18
11. Chaum, D.: Online cash checks. In: Quisquater, J.-J., Vandewalle, J. (eds.) EUROCRYPT 1989. LNCS, vol. 434, pp. 288–293. Springer, Heidelberg (1990). https://doi.org/10.1007/3-540-46885-4_30
12. Crépeau, C., Kilian, J.: Achieving oblivious transfer using weakened security assumptions. In: FOCS, pp. 42–52 (1988)
13. Crépeau, C., Morozov, K., Wolf, S.: Efficient unconditional oblivious transfer from almost any noisy channel. In: Blundo, C., Cimato, S. (eds.) SCN 2004. LNCS, vol. 3352, pp. 47–59. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30598-9_4
14. Damgård, I., Kilian, J., Salvail, L.: On the (Im)possibility of basing oblivious transfer and bit commitment on weakened security assumptions. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 56–73. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_5
15. Feige, U., Lapidot, D., Shamir, A.: Multiple non-interactive zero knowledge proofs based on a single random string. In: FOCS, vol. 1, pp. 308–317, October 1990
16. Feige, U., Kilian, J., Naor, M.: A minimal model for secure computation (extended abstract). In: STOC, pp. 554–563 (1994)
17. Garg, S., Ishai, Y., Kushilevitz, E., Ostrovsky, R., Sahai, A.: Cryptography with one-way communication. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9216, pp. 191–208. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48000-7_10
18. Ishai, Y., Kushilevitz, E.: Private simultaneous messages protocols with applications. In: ISTCS 1997, pp. 174–184. IEEE Computer Society (1997)
19. Ishai, Y., Kushilevitz, E., Ostrovsky, R., Prabhakaran, M., Sahai, A.: Efficient non-interactive secure computation. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 406–425. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-20465-4_23
20. Kilian, J.: Founding cryptography on oblivious transfer. In: STOC, pp. 20–31 (1988)
21. Kraschewski, D., Maji, H.K., Prabhakaran, M., Sahai, A.: A full characterization of completeness for two-party randomized function evaluation. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 659–676. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-55220-5_36
22. Lin, F., Cheraghchi, M., Guruswami, V., Safavi-Naini, R., Wang, H.: Secret sharing with binary shares. In: ITCS, pp. 53:1–53:20 (2019)
23. Maurer, U.M.: Perfect cryptographic security from partially independent channels. In: STOC 1991, pp. 561–571 (1991)
24. Poor, H.V., Schaefer, R.F.: Wireless physical layer security. Proc. Natl. Acad. Sci. 114(1), 19–26 (2017)
25. Ranellucci, S., Tapp, A., Winkler, S., Wullschleger, J.: On the efficiency of bit commitment reductions. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 520–537. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25385-0_28
26. Raz, R., Reingold, O., Vadhan, S.: Extracting all the randomness and reducing the error in Trevisan’s extractors. J. Comput. Syst. Sci. 65, 97–128 (2002)
27. Trevisan, L.: Extractors and pseudorandom generators. J. ACM 48(4), 860–879 (2001)
28. Winter, A., Nascimento, A.C.A., Imai, H.: Commitment capacity of discrete memoryless channels. In: Paterson, K.G. (ed.) Cryptography and Coding 2003. LNCS, vol. 2898, pp. 35–51. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-40974-8_4
29. Wullschleger, J.: Oblivious transfer from weak noisy channels. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 332–349. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-00457-5_20
30. Wyner, A.D.: The wire-tap channel. Bell Syst. Tech. J. 54(8), 1355–1387 (1975)
31. Yao, A.C.C.: How to generate and exchange secrets (extended abstract). In: FOCS 1986, pp. 162–167 (1986)
Acknowledgements
We thank the anonymous Asiacrypt reviewers for their careful reading and many helpful comments. This research was supported by Ministry of Science and Technology, Israel and Department of Science and Technology, Government of India, and in part by the International Centre for Theoretical Sciences (ICTS) during a visit for participating in the program Foundational Aspects of Blockchain Technology (ICTS/Prog-fabt2020/01). In addition, S. Agrawal was supported by the DST “Swarnajayanti” fellowship, and Indo-French CEFIPRA project; Y. Ishai was supported by ERC Project NTSC (742754), NSF-BSF grant 2015782, ISF grant 2774/20, and BSF grant 2018393; E. Kushilevitz was supported by ISF grant 2774/20, BSF grant 2018393, and NSF-BSF grant 2015782; V. Narayanan and V. Prabhakaran were supported by the Department of Atomic Energy, Government of India, under project no. RTI4001, DAE OM No. 1303/4/2019/R&D-II/DAE/1969 dated 7.2.2020; M. Prabhakaran was supported by the Dept. of Science and Technology, India via the Ramanujan Fellowship; A. Rosen was supported in part by ISF grant No. 1399/17 and Project PROMETHEUS (Grant 780701).
© 2020 International Association for Cryptologic Research
About this paper
Cite this paper
Agrawal, S. et al. (2020). Cryptography from One-Way Communication: On Completeness of Finite Channels. In: Moriai, S., Wang, H. (eds) Advances in Cryptology – ASIACRYPT 2020. ASIACRYPT 2020. Lecture Notes in Computer Science, vol 12493. Springer, Cham. https://doi.org/10.1007/978-3-030-64840-4_22
DOI: https://doi.org/10.1007/978-3-030-64840-4_22
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-64839-8
Online ISBN: 978-3-030-64840-4
eBook Packages: Computer Science, Computer Science (R0)
Published in cooperation with
https://iacr.org/