Non-malleable Reductions and Applications

Proceedings of the forty-seventh annual ACM symposium on Theory of Computing Pub Date : 2015-06-14 DOI:10.1145/2746539.2746544

Divesh Aggarwal, Y. Dodis, Tomasz Kazana, Maciej Obremski

{"title":"Non-malleable Reductions and Applications","authors":"Divesh Aggarwal, Y. Dodis, Tomasz Kazana, Maciej Obremski","doi":"10.1145/2746539.2746544","DOIUrl":null,"url":null,"abstract":"Non-malleable codes, introduced by Dziembowski, Pietrzak and Wichs [DPW10], provide a useful message integrity guarantee in situations where traditional error-correction (and even error-detection) is impossible; for example, when the attacker can completely overwrite the encoded message. Informally, a code is non-malleable if the message contained in a modified codeword is either the original message, or a completely \"unrelated value\". Although such codes do not exist if the family of \"tampering functions\" cF allowed to modify the original codeword is completely unrestricted, they are known to exist for many broad tampering families cF. The family which received the most attention [DPW10,LL12,DKO13,ADL14,CG14a,CG14b] is the family of tampering functions in the so called (2-part) split-state model: here the message x is encoded into two shares L and R, and the attacker is allowed to arbitrarily tamper with each L and R individually. Despite this attention, the following problem remained open: Build efficient, information-theoretically secure non-malleable codes in the split-state model with constant encoding rate: |L|=|R|=O(|x|). In this work, we resolve this open problem. Our technique for getting our main result is of independent interest. We develop a generalization of non-malleable codes, called non-malleable reductions; show simple composition theorem for non-malleable reductions; build a variety of such reductions connecting various (independently interesting) tampering families cF to each other; construct several new non-malleable codes in the split-state model by applying the composition theorem to a series of easy to understand reductions. Most importantly, we show several \"independence amplification\" reductions, showing how to reduce split-state tampering of very few parts to an easier question of split-state tampering with a much larger number of parts. In particular, our final, constant-rate, non-malleable code composes one of these reductions with the very recent, \"9-split-state\" code of Chattopadhyay and Zuckerman [CZ14].","PeriodicalId":20566,"journal":{"name":"Proceedings of the forty-seventh annual ACM symposium on Theory of Computing","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2015-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"94","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the forty-seventh annual ACM symposium on Theory of Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2746539.2746544","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 94

Abstract

Non-malleable codes, introduced by Dziembowski, Pietrzak and Wichs [DPW10], provide a useful message integrity guarantee in situations where traditional error-correction (and even error-detection) is impossible; for example, when the attacker can completely overwrite the encoded message. Informally, a code is non-malleable if the message contained in a modified codeword is either the original message, or a completely "unrelated value". Although such codes do not exist if the family of "tampering functions" cF allowed to modify the original codeword is completely unrestricted, they are known to exist for many broad tampering families cF. The family which received the most attention [DPW10,LL12,DKO13,ADL14,CG14a,CG14b] is the family of tampering functions in the so called (2-part) split-state model: here the message x is encoded into two shares L and R, and the attacker is allowed to arbitrarily tamper with each L and R individually. Despite this attention, the following problem remained open: Build efficient, information-theoretically secure non-malleable codes in the split-state model with constant encoding rate: |L|=|R|=O(|x|). In this work, we resolve this open problem. Our technique for getting our main result is of independent interest. We develop a generalization of non-malleable codes, called non-malleable reductions; show simple composition theorem for non-malleable reductions; build a variety of such reductions connecting various (independently interesting) tampering families cF to each other; construct several new non-malleable codes in the split-state model by applying the composition theorem to a series of easy to understand reductions. Most importantly, we show several "independence amplification" reductions, showing how to reduce split-state tampering of very few parts to an easier question of split-state tampering with a much larger number of parts. In particular, our final, constant-rate, non-malleable code composes one of these reductions with the very recent, "9-split-state" code of Chattopadhyay and Zuckerman [CZ14].

查看原文本刊更多论文

非延展性还原及应用

由Dziembowski, Pietrzak和Wichs [DPW10]引入的不可延展性代码在传统的错误纠正(甚至错误检测)无法实现的情况下提供了有用的消息完整性保证;例如，当攻击者可以完全覆盖编码消息时。非正式地说，如果修改后的码字中包含的消息是原始消息，或者是完全“不相关的值”，则代码是不可延展性的。如果允许修改原码字的“篡改函数”族cF完全不受限制，则不存在此类代码，但已知许多广义篡改函数族cF都存在此类代码。最受关注的族[DPW10,LL12,DKO13,ADL14,CG14a,CG14b]是所谓(2-part)分裂状态模型中的篡改函数族:在这里，消息x被编码为两个共享L和R，攻击者可以任意篡改每个共享L和R。尽管如此，以下问题仍然没有解决:在分裂状态模型中构建具有恒定编码率的高效，信息理论上安全的不可延展性代码:|L|=|R|=O(|x|)。在这项工作中，我们解决了这个开放的问题。我们获得主要结果的技术是独立的。我们开发了一种非延展性代码的推广，称为非延展性还原;给出非延性约简的简单复合定理;建立各种这样的削减，将各种(独立有趣的)篡改家族cF相互连接起来;通过将组合定理应用于一系列易于理解的约简，在分裂状态模型中构造了几个新的不可延展性代码。最重要的是，我们展示了几个“独立放大”缩减，展示了如何将极少数部分的分裂状态篡改减少到更容易的分裂状态篡改问题。特别地，我们最终的，恒定速率的，不可延性的代码与最近的，Chattopadhyay和Zuckerman的“9分裂状态”代码[CZ14]组成了这些缩减之一。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the forty-seventh annual ACM symposium on Theory of Computing

自引率

0.00%

发文量

文献相关原料

公司名称	产品信息	采购帮参考价格