TY - GEN
T1 - Exposure-resilient functions and all-or-nothing transforms
AU - Canetti, Ran
AU - Dodis, Yevgeniy
AU - Halevi, Shai
AU - Kushilevitz, Eyal
AU - Sahai, Amit
N1 - Publisher Copyright:
© Springer-Verlag Berlin Heidelberg 2000.
PY - 2000
Y1 - 2000
N2 - We study the problem of partial key exposure. Standard cryptographic definitions and constructions do not guarantee any security even if a tiny fraction of the secret key is compromised. We show how to build cryptographic primitives that remain secure even when an adversary is able to learn almost all of the secret key. The key to our approach is a new primitive of independent interest, which we call an Exposure-Resilient Function (ERF) – a deterministic function whose output appears random (in a perfect, statistical or computational sense) even if almost all the bits of the input are known. ERF’s by themselves efficiently solve the partial key exposure problem in the setting where the secret is simply a random value, like in private-key cryptography. They can also be viewed as very secure pseudorandom generators, and have many other applications. To solve the general partial key exposure problem, we use the (generalized) notion of an All-Or-Nothing Transform (AONT), an invertible (randomized) transformation T which, nevertheless, reveals “no information” about x even if almost all the bits of T(x) are known. By applying an AONT to the secret key of any cryptographic system, we obtain security against partial key exposure. To date, the only known security analyses of AONT candidates were made in the random oracle model. We show how to construct ERF’s and AONT’s with nearly optimal parameters. Our computational constructions are based on any one-way function. We also provide several applications and additional properties concerning these notions.
AB - We study the problem of partial key exposure. Standard cryptographic definitions and constructions do not guarantee any security even if a tiny fraction of the secret key is compromised. We show how to build cryptographic primitives that remain secure even when an adversary is able to learn almost all of the secret key. The key to our approach is a new primitive of independent interest, which we call an Exposure-Resilient Function (ERF) – a deterministic function whose output appears random (in a perfect, statistical or computational sense) even if almost all the bits of the input are known. ERF’s by themselves efficiently solve the partial key exposure problem in the setting where the secret is simply a random value, like in private-key cryptography. They can also be viewed as very secure pseudorandom generators, and have many other applications. To solve the general partial key exposure problem, we use the (generalized) notion of an All-Or-Nothing Transform (AONT), an invertible (randomized) transformation T which, nevertheless, reveals “no information” about x even if almost all the bits of T(x) are known. By applying an AONT to the secret key of any cryptographic system, we obtain security against partial key exposure. To date, the only known security analyses of AONT candidates were made in the random oracle model. We show how to construct ERF’s and AONT’s with nearly optimal parameters. Our computational constructions are based on any one-way function. We also provide several applications and additional properties concerning these notions.
UR - http://www.scopus.com/inward/record.url?scp=84948973494&partnerID=8YFLogxK
U2 - 10.1007/3-540-45539-6_33
DO - 10.1007/3-540-45539-6_33
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???
AN - SCOPUS:84948973494
SN - 9783540675174
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 453
EP - 469
BT - Advances in Cryptology - EUROCRYPT 2000 - International Conference on the Theory and Application of Cryptographic Techniques, Proceedings
A2 - Preneel, Bart
PB - Springer Verlag
T2 - 19th International Conference on the Theory and Application of Cryptographic Techniques, EUROCRYPT 2000
Y2 - 14 May 2000 through 18 May 2000
ER -