The leakage-resilience limit of a computational problem is equal to its unpredictability entropy
作者: Divesh Aggarwal , Ueli Maurer
DOI: 10.1007/978-3-642-25385-0_37
关键词: Search problem 、 Lattice problem 、 Learning with errors 、 Computational problem 、 Entropy (information theory) 、 Algorithm 、 Time complexity 、 Discrete logarithm 、 Computer science 、 Logarithm
摘要: A cryptographic assumption is the (unproven) mathematical statement that a certain computational problem (e.g. factoring integers) computationally hard. The leakage-resilience limit of assumption, and hence search problem, maximal number bits information can be leaked (adaptively) about an instance, without making easy to solve. This implies security underlying scheme against arbitrary side channel attacks by unbounded adversary as long less than leakage resilience limit. The hardness typically characterized running time fastest (known) algorithm for solving it. We propose consider, another natural complexity-theoretic quantity, success probability best polynomial-time (which exponentially small). refer its negative logarithm unpredictability entropy defined up additive logarithmic term). A main result paper are equal. demonstrates, first time, practical relevance studying algorithms even problems believed hard, if too small interest. With this view, we look at probabilistic polynomial learning with errors lattice have in recent years gained cryptography. We also introduce concept witness compression problems, namely reduction which witnesses shorter. length smallest achievable corresponds non-adaptive limit, it shown equal problem. independent theoretical An example implication our 3-SAT n variables compressed from (the variable assignments) 0.41 bits.
springer.com
sci-hub.st 参考文章(64)
A. K. Lenstra, H. W. Lenstra, L. Lovász, Factoring Polynomials with Rational Coefficients Mathematische Annalen. ,vol. 261, pp. 515- 534 ,(1982) , 10.1007/BF01457454
Nadia Heninger, Hovav Shacham, Reconstructing RSA Private Keys from Random Key Bits international cryptology conference. pp. 1- 17 ,(2009) , 10.1007/978-3-642-03356-8_1
Don Coppersmith, Finding a small root of a bivariate integer equation; factoring with high bits known theory and application of cryptographic techniques. pp. 178- 189 ,(1996) , 10.1007/3-540-68339-9_16
Chris Peikert, Public-Key Cryptosystems from the Worst-Case Shortest Vector Problem dagstuhl seminar proceedings. pp. 0- ,(2009)
Eike Kiltz, Krzysztof Pietrzak, Martijn Stam, Moti Yung, A New Randomness Extraction Paradigm for Hybrid Encryption international cryptology conference. pp. 590- 609 ,(2009) , 10.1007/978-3-642-01001-9_34
Chun-Yuan Hsiao, Chi-Jen Lu, Leonid Reyzin, Conditional Computational Entropy, or Toward Separating Pseudoentropy from Compressibility international cryptology conference. ,vol. 4515, pp. 169- 186 ,(2007) , 10.1007/978-3-540-72540-4_10
R. Beigel, D. Eppstein, 3-coloring in time 0(1.3446/sup n/): a no-MIS algorithm foundations of computer science. pp. 444- 452 ,(1995) , 10.1109/SFCS.1995.492575
Oded Goldreich, Shafi Goldwasser, On the Limits of Nonapproximability of Lattice Problems symposium on the theory of computing. ,vol. 60, pp. 540- 563 ,(2000) , 10.1006/JCSS.1999.1686
Jonathan Katz, Vinod Vaikuntanathan, Signature Schemes with Bounded Leakage Resilience international conference on the theory and application of cryptology and information security. pp. 703- 720 ,(2009) , 10.1007/978-3-642-10366-7_41
Evgeny Dantsin, Andreas Goerdt, Edward A Hirsch, Ravi Kannan, Jon Kleinberg, Christos Papadimitriou, Prabhakar Raghavan, Uwe Schöning, A deterministic (2 - 2/( k + 1)) n algorithm for k -SAT based on local search Theoretical Computer Science. ,vol. 289, pp. 69- 83 ,(2002) , 10.1016/S0304-3975(01)00174-8