Novel improvements and extensions of the extractable results about (leakage-resilient) privacy schemes with imperfect randomness

IF 3.8 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications Pub Date : 2025-02-21 DOI:10.1016/j.jisa.2025.104008

Yanqing Yao , Zhoujun Li

{"title":"Novel improvements and extensions of the extractable results about (leakage-resilient) privacy schemes with imperfect randomness","authors":"Yanqing Yao , Zhoujun Li","doi":"10.1016/j.jisa.2025.104008","DOIUrl":null,"url":null,"abstract":"<div><div>Traditional cryptographic primitives usually take for granted the availability of perfect randomness. Unfortunately, in reality one must deal with various imperfect randomness (e.g., physical sources, secrets with partial leakage, biometric data). Bosley and Dodis in TCC’07 [BD07] proposed that private-key encryption requires extractable randomness and hoped their result would arouse more interest in exploring the extent to which cryptographic primitives can be grounded on imperfect randomness. Aggarwal et al. in TCC’22 [ACOR22] observed leakage-resilient secret sharing requires extractable randomness. Partially motivated by these, we study improvements and extensions of the extractable results proposed before. We consider the generalized (leakage-resilient) privacy schemes (including encryption, perfectly binding commitment, threshold secret sharing). We get the new results below. Firstly, we explore extractable results about the generalized privacy schemes using two methods: one is an improved and generalized method based on [BD07] by combining different Chernoff Bounds; the other creatively employs Lemma 3 of [ACOR22]. Afterwards, we improve and extend the above results grounded on the Rényi entropy. In particular, (a) substituting the collision entropy for the min-entropy, we obtain tighter bounds than the counterpart of Lemma 3 in [ACOR22]; (b) replacing the min-entropy with the Rényi entropy, we give a tricky and detailed proof for generalized version of Lemma 4 of [ACOR22], while the coupling argument in that proof of [ACOR22] is used directly without explanation, which is unclear and hard to understand. Finally, we propose the extractable results about the generalized leakage-resilient privacy schemes using two methods: one extends Theorem 1(a) of [BD07]; the other uses more generalized, more intuitive, and simpler proof ideas than the counterpart of [ACOR22]. Furthermore, we present concrete and essential restrictions on the parameters by proving the main theorem other than [ACOR22] that proposed unspecific parameters.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"89 ","pages":"Article 104008"},"PeriodicalIF":3.8000,"publicationDate":"2025-02-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212625000468","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Traditional cryptographic primitives usually take for granted the availability of perfect randomness. Unfortunately, in reality one must deal with various imperfect randomness (e.g., physical sources, secrets with partial leakage, biometric data). Bosley and Dodis in TCC’07 [BD07] proposed that private-key encryption requires extractable randomness and hoped their result would arouse more interest in exploring the extent to which cryptographic primitives can be grounded on imperfect randomness. Aggarwal et al. in TCC’22 [ACOR22] observed leakage-resilient secret sharing requires extractable randomness. Partially motivated by these, we study improvements and extensions of the extractable results proposed before. We consider the generalized (leakage-resilient) privacy schemes (including encryption, perfectly binding commitment, threshold secret sharing). We get the new results below. Firstly, we explore extractable results about the generalized privacy schemes using two methods: one is an improved and generalized method based on [BD07] by combining different Chernoff Bounds; the other creatively employs Lemma 3 of [ACOR22]. Afterwards, we improve and extend the above results grounded on the Rényi entropy. In particular, (a) substituting the collision entropy for the min-entropy, we obtain tighter bounds than the counterpart of Lemma 3 in [ACOR22]; (b) replacing the min-entropy with the Rényi entropy, we give a tricky and detailed proof for generalized version of Lemma 4 of [ACOR22], while the coupling argument in that proof of [ACOR22] is used directly without explanation, which is unclear and hard to understand. Finally, we propose the extractable results about the generalized leakage-resilient privacy schemes using two methods: one extends Theorem 1(a) of [BD07]; the other uses more generalized, more intuitive, and simpler proof ideas than the counterpart of [ACOR22]. Furthermore, we present concrete and essential restrictions on the parameters by proving the main theorem other than [ACOR22] that proposed unspecific parameters.

查看原文本刊更多论文

具有不完全随机性的（弹性泄漏）隐私方案可提取结果的新改进和扩展

传统的密码原语通常认为完全随机的可用性是理所当然的。不幸的是，在现实中，人们必须处理各种不完美的随机性（例如，物理来源，部分泄漏的秘密，生物特征数据）。Bosley和Dodis在TCC ' 07 [BD07]中提出，私钥加密需要可提取的随机性，并希望他们的结果能够引起人们对探索加密原语可以在多大程度上基于不完美随机性的兴趣。Aggarwal等人在TCC ' 22 [ACOR22]中观察到泄漏弹性秘密共享需要可提取的随机性。部分出于这些动机，我们研究了之前提出的可提取结果的改进和扩展。我们考虑了广义（防泄漏）隐私方案（包括加密、完美绑定承诺、阈值秘密共享）。我们得到了下面的新结果。首先，我们利用两种方法探索了广义隐私方案的可提取结果：一种是基于[BD07]结合不同Chernoff界的改进和广义方法；另一个则创造性地使用了[ACOR22]的引理3。在此基础上，对上述结果进行了改进和推广。特别地，(a)用碰撞熵代替最小熵，我们得到了比[ACOR22]中引理3对应的更紧的界；(b)用r尼伊熵代替min-熵，对[ACOR22]引理4的广义版给出了一个棘手而详细的证明，而在[ACOR22]的证明中直接使用了不加解释的耦合论证，不清晰，难以理解。最后，我们利用两种方法提出了广义弹性泄漏隐私方案的可提取结果：一种方法扩展了[BD07]的定理1(a)；另一种使用了比[ACOR22]更广义、更直观、更简单的证明思想。此外，我们通过证明[ACOR22]以外提出非特定参数的主要定理，给出了对参数的具体和本质的限制。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Information Security and Applications Computer Science-Computer Networks and Communications

CiteScore

10.90

自引率

5.40%

发文量

206

审稿时长

56 days

期刊介绍： Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.