6. Conclusions
If no eavesdropping occurred over the private channel, it is possible for Alice and Bob to publicly verify that no transmission errors nor tampering occurred either, with a $2^{-K}$ error probability, and end up with an entirely secret final string that is only K bits shorter than the original private transmission. This is optimal. A somewhat shorter common string, on which Eve still has no information, can also be obtained with high probability despite transmission errors over the private channel.
If partial eavesdropping occurred over the private channel, leaking up to K bits of information to Eve, in Shannon’s sense, it is still possible for Alice and Bob to publicly verify that no transmission errors nor tampering occurred, with a $2^{-L}$ error probability, and end up with a final string that is $K+L+S$ bits shorter than the original private transmission, on which Eve has less than $2^{-S}/\ln 2$ bit of information. Here again, transmission errors can be handled at the cost of further reducing the length of the final common string.
Finally, if partial eavesdropping over the private channel is restricted to K physical bits secretly chosen by Eve, it becomes possible again for Alice and Bob to verify with high probability that no errors nor tampering occurred, and end up with a new string on which Eve has no information whatsoever. However, the new string is substantially shorter than if Alice and Bob had tolerated knowledge by Eve of an arbitrarily small fraction of one bit of information.
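The trade-off stated in the two preceding paragraphs can be checked numerically on a toy instance. The following is an added example, not code from the paper: it assumes the string is compressed with a random linear map over GF(2) (a universal class of hash functions; this section does not name the construction), a constructed eavesdropper who reads K physical bits, and hypothetical function names. It measures Eve's residual information about the (n - K - S)-bit output by exhaustive enumeration and compares it with $2^{-S}/\ln 2$.

```python
import math
import random

def hash_bits(matrix, x):
    """h_M(x) = M*x over GF(2); each row of M is an n-bit integer mask."""
    return tuple(bin(row & x).count("1") & 1 for row in matrix)

def eve_physical_bits(x, n, k):
    """Constructed eavesdropper: Eve reads the k high-order physical bits of x."""
    return x >> (n - k)

def leaked_bits(matrix, n, k, r, eve=eve_physical_bits):
    """r - H(h(X) | Eve's view) for X uniform on n-bit strings, by enumeration."""
    views = {}
    for x in range(2 ** n):
        dist = views.setdefault(eve(x, n, k), {})
        y = hash_bits(matrix, x)
        dist[y] = dist.get(y, 0) + 1
    cond_entropy = 0.0
    for dist in views.values():
        size = sum(dist.values())
        h = -sum(c / size * math.log2(c / size) for c in dist.values())
        cond_entropy += size / 2 ** n * h  # weight by probability of this view
    return r - cond_entropy

def average_leak(n, k, s, trials=300, seed=1):
    """Mean leak over randomly drawn hash matrices with r = n - k - s output bits."""
    rng = random.Random(seed)
    r = n - k - s
    total = 0.0
    for _ in range(trials):
        matrix = [rng.getrandbits(n) for _ in range(r)]
        total += leaked_bits(matrix, n, k, r)
    return total / trials

def bound(s):
    """The bound quoted in this section on Eve's information: 2^-S / ln 2 bits."""
    return 2.0 ** -s / math.log(2)

if __name__ == "__main__":
    # Constructed parameters: n = 8 transmitted bits, K = 2 bits known to Eve.
    for s in (1, 2, 3, 4):
        print(s, round(average_leak(8, 2, s), 4), round(bound(s), 4))
```

Each extra bit of S roughly halves the average leak, but a random hash never drives it to exactly zero, which is the distinction the last paragraph draws between tolerating a fraction of a bit and requiring no information whatsoever.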
A full paper was submitted for publication in SIAM J. Comp. as Privacy Amplification Through Public Discussion.
Partially supported by NSERC grant A4107 and by NSF grant MCS-8204506.
Part of this research was conducted while this author was visiting the University of California, Berkeley.
Partially supported by NSERC grant A4107.
© 1986 Springer-Verlag Berlin Heidelberg
Bennett, C.H., Brassard, G., Robert, JM. (1986). How to Reduce your Enemy’s Information (extended abstract). In: Williams, H.C. (eds) Advances in Cryptology — CRYPTO ’85 Proceedings. CRYPTO 1985. Lecture Notes in Computer Science, vol 218. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-39799-X_37
DOI: https://doi.org/10.1007/3-540-39799-X_37
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-16463-0
Online ISBN: 978-3-540-39799-1
eBook Packages: Springer Book Archive