Abstract
One of the basic problems in cryptography is the generation of a common secret key between two parties, for instance in order to communicate privately. In this paper we consider information-theoretically secure key agreement. Wyner and subsequently Csiszár and Körner described and analyzed settings for secret-key agreement based on noisy communication channels. Maurer as well as Ahlswede and Csiszár generalized these models to a scenario based on correlated randomness and public discussion. In all these settings, the secrecy capacity and the secret-key rate, respectively, have been defined as the maximal achievable rates at which a highly secret key can be generated by the legitimate partners. However, the privacy requirements were too weak in all these definitions: they require only that the ratio between the adversary's information and the length of the key be negligible, and hence tolerate that she obtains a possibly substantial amount of information about the resulting key in an absolute sense. We give natural stronger definitions of secrecy capacity and secret-key rate, requiring that the adversary obtains virtually no information about the entire key. We show not only that secret-key agreement satisfying the strong secrecy condition is possible, but even that the achievable key-generation rates are equal to the previous weak notions of secrecy capacity and secret-key rate. Hence the unsatisfactory old definitions can be completely replaced by the new ones. We prove these results by a generic reduction of strong to weak key agreement. The reduction makes use of extractors, which make it possible to keep the required amount of communication negligible compared to the length of the resulting key.
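The difference between "a small fraction of the key leaks" and "virtually nothing about the key leaks" can be computed exactly on a toy instance. The following is an added example, not code from the paper: it assumes a constructed leakage model (Eve knows the first `t` bits of a uniform `n`-bit string) and uses Toeplitz universal hashing, the privacy-amplification primitive of the cited Bennett et al. papers, in place of the paper's extractor construction.

```python
# Added illustration; the leakage model and all parameters are constructed.
def gf2_rank(rows):
    """Rank over GF(2) of a matrix whose rows are int bitmasks."""
    rank, rows = 0, list(rows)
    while rows:
        pivot = rows.pop()
        if pivot:
            rank += 1
            low = pivot & -pivot            # lowest set bit of the pivot row
            rows = [r ^ pivot if r & low else r for r in rows]
    return rank

def toeplitz_rows(seed, r, n):
    """r x n Toeplitz matrix over GF(2): entry (i, j) is seed bit i - j + n - 1."""
    return [sum(((seed >> (i - j + n - 1)) & 1) << j for j in range(n))
            for i in range(r)]

def eve_info_bound(n, t, r):
    """Exact r - H(K | Z, seed) in bits, an upper bound on I(K; Z, seed).

    S is a uniform n-bit string, Z is its first t bits (Eve's view), and
    K = T*S for a public Toeplitz matrix T chosen by a uniform seed.
    Given Z and the seed, K is uniform on a coset of the image of the
    columns of T that act on the n - t unknown bits, so H(K | Z, seed)
    is the rank of that submatrix, averaged here over every seed.
    """
    seeds = 1 << (n + r - 1)
    total = 0
    for seed in range(seeds):
        unknown_cols = [row >> t for row in toeplitz_rows(seed, r, n)]
        total += r - gf2_rank(unknown_cols)
    return total / seeds

if __name__ == "__main__":
    n, t = 10, 4
    print(f"raw key: {n} bits, Eve knows {t} bits (ratio {t / n:.2f})")
    for r in (5, 3, 1):
        bound = eve_info_bound(n, t, r)
        print(f"hashed to {r} bits: Eve learns at most {bound:.4f} bits")
```

The Toeplitz seed is `n + r - 1` bits and must be sent over the public channel, so it is longer than the key it produces; that communication cost is what the abstract says extractors keep negligible.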
References
R. Ahlswede and I. Csiszár, Common randomness in information theory and cryptography — Part I: secret sharing, IEEE Transactions on Information Theory, Vol. 39, No. 4, pp. 1121–1132, 1993.
C. H. Bennett, G. Brassard, C. Crépeau, and U. M. Maurer, Generalized privacy amplification, IEEE Transactions on Information Theory, Vol. 41, No. 6, pp. 1915–1923, 1995.
C. H. Bennett, G. Brassard, and J.-M. Robert, Privacy amplification by public discussion, SIAM Journal on Computing, Vol. 17, pp. 210–229, 1988.
G. Brassard and L. Salvail, Secret-key reconciliation by public discussion, Advances in Cryptology – EUROCRYPT '93, Lecture Notes in Computer Science, Vol. 765, pp. 410–423, Springer-Verlag, 1994.
C. Cachin, Entropy measures and unconditional security in cryptography, Ph.D. Thesis, ETH Zurich, Hartung-Gorre Verlag, Konstanz, 1997.
C. Cachin and U. M. Maurer, Linking information reconciliation and privacy amplification, Journal of Cryptology, Vol. 10, No. 2, pp. 97–110, 1997.
J. L. Carter and M. N. Wegman, Universal classes of hash functions, Journal of Computer and System Sciences, Vol. 18, pp. 143–154, 1979.
T. M. Cover and J. A. Thomas, Elements of information theory, Wiley Series in Telecommunications, 1992.
I. Csiszár, Almost independence and secrecy capacity (in Russian), in Problems of Information Transmission (PPI), Vol. 32, No. 1, pp. 48–57, 1996.
I. Csiszár and J. Körner, Broadcast channels with confidential messages, IEEE Transactions on Information Theory, Vol. 24, No. 3, pp. 339–348, 1978.
N. Gisin and S. Wolf, Linking classical and quantum key agreement: is there “bound information”?, manuscript, 2000.
J. Håstad, R. Impagliazzo, L. Levin, and M. Luby, Construction of a pseudo-random generator from any one-way function, ICSI Tech. Rep. 91-068, 1991.
U. M. Maurer, Secret key agreement by public discussion from common information, IEEE Transactions on Information Theory, Vol. 39, No. 3, pp. 733–742, 1993.
U. M. Maurer, The strong secret key rate of discrete random triples, in Communication and Cryptography — Two Sides of One Tapestry, Kluwer Academic Publishers, pp. 271–285, 1994.
U. M. Maurer and S. Wolf, Unconditionally secure key agreement and the intrinsic conditional information, IEEE Transactions on Information Theory, Vol. 45, No. 2, pp. 499–514, 1999.
L. Trevisan, Construction of Extractors Using Pseudorandom Generators, Proc. of the 31st Symposium on Theory of Computing (STOC), ACM, pp. 141–148, 1999.
S. P. Vadhan, Extracting all the randomness from a weakly random source, Electronic Colloquium on Computational Complexity, Tech. Rep. TR98-047, 1998.
A. D. Wyner, The wire-tap channel, Bell System Technical Journal, Vol. 54, No. 8, pp. 1355–1387, 1975.
Copyright information
© 2000 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Maurer, U., Wolf, S. (2000). Information-Theoretic Key Agreement: From Weak to Strong Secrecy for Free. In: Preneel, B. (eds) Advances in Cryptology — EUROCRYPT 2000. EUROCRYPT 2000. Lecture Notes in Computer Science, vol 1807. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45539-6_24
DOI: https://doi.org/10.1007/3-540-45539-6_24
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-67517-4
Online ISBN: 978-3-540-45539-4
eBook Packages: Springer Book Archive