Article

Indistinguishability amplification

Authors:

Ueli Maurer,

Krzysztof Pietrzak,

Renato RennerAuthors Info & Claims

CRYPTO'07: Proceedings of the 27th annual international cryptology conference on Advances in cryptology

Pages 130 - 149

Published: 19 August 2007 Publication History

Abstract

Many aspects of cryptographic security proofs can be seen as the proof that a certain system (e.g. a block cipher) is indistinguishable from an ideal system (e.g. a random permutation), for different types of distinguishers.

This paper presents a new generic approach to proving upper bounds on the information-theoretic distinguishing advantage (from an ideal system) for a combined system, assuming upper bounds of certain types for the component systems. For a general type of combination operation of systems, including the XOR of functions or the cascade of permutations, we prove two amplification theorems. The first is a product theorem, in the spirit of XOR-lemmas: The distinguishing advantage of the combination of two systems is at most twice the product of the individual distinguishing advantages. This bound is optimal. The second theorem states that the combination of systems is secure against some strong class of distinguishers, assuming only that the components are secure against some weaker class of distinguishers.

A key technical tool of the paper is the proof of a tight two-way correspondence, previously only known to hold in one direction, between the distinguishing advantage of two systems and the probability of winning an appropriately defined game.

References

[1]

Kaplan, E., Naor, M., Reingold, O.: Derandomized constructions of k-wise (almost) independent permutations. In: Chekuri, C., Jansen, K., Rolim, J.D.P., Trevisan, L. (eds.) APPROX 2005 and RANDOM 2005. LNCS, vol. 3624, pp. 354-365. Springer, Heidelberg (2005).

Digital Library

Google Scholar

[2]

Luby, M., Rackoff, C.: Pseudo-random permutation generators and cryptographic composition. In: Proc, 18th ACM Symposium on the Theory of Computing (STOC), pp. 356-363 (1986).

Digital Library

Google Scholar

[3]

Maurer, U.: Indistinguishability of random systems. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 110-132. Springer, Heidelberg (2002).

Digital Library

Google Scholar

[4]

Maurer, U., Oswald, Y.A., Pietrzak, K., Sjödin, J.: Luby-Rackoff ciphers with weak round functions. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 391-408. Springer, Heidelberg (2006).

Digital Library

Google Scholar

[5]

Maurer, U., Pietrzak, K.: Composition of random systems: When two weak make one strong. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 410- 427. Springer, Heidelberg (2004).

Google Scholar

[6]

Myers, S.: Efficient amplification of the security of weak pseudo-random function generators. Journal of Cryptology 16(1), 1-24 (2003).

Google Scholar

[7]

Myers, S.: Black-box composition does not imply adaptive security. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 189-206. Springer, Heidelberg (2004).

Google Scholar

[8]

Pietrzak, K.: Composition does not imply adaptive security. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 55-65. Springer, Heidelberg (2005).

Digital Library

Google Scholar

[9]

Pietrzak, K.: Composition implies adaptive security in minicrypt. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 328-338. Springer, Heidelberg (2006).

Digital Library

Google Scholar

[10]

Pietrzak, K., Sjödin, J.: Domain extension for weak PRFs; the good, the bad, and the ugly. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 517-533. Springer, Heidelberg (2002).

Digital Library

Google Scholar

[11]

Vaudenay, S.: Provable security for block ciphers by decorrelation. In: Meinel, C., Morvan, M. (eds.) STACS 98. LNCS, vol. 1373, pp. 249-275. Springer, Heidelberg (1998).

Digital Library

Google Scholar

[12]

Vaudenay, S.: Adaptive-attack norm for decorrelation and super-pseudorandomness. In: Heys, H.M., Adams, C.M. (eds.) SAC 1999. LNCS, vol. 1758, pp. 49-61. Springer, Heidelberg (2000).

Digital Library

Google Scholar

[13]

Vaudenay, S.: Decorrelation: A theory for block cipher security. J. Cryptology 16(4), 249-286 (2003).

Google Scholar

Cited By

View all

Boyle EGoldwasser STessaro S(2013)Communication locality in secure multi-party computationProceedings of the 10th theory of cryptography conference on Theory of Cryptography10.1007/978-3-642-36594-2_21(356-376)Online publication date: 3-Mar-2013
https://dl.acm.org/doi/10.1007/978-3-642-36594-2_21
Jetchev DÖzen OStam M(2012)Understanding adaptivityProceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security10.1007/978-3-642-34961-4_20(313-330)Online publication date: 2-Dec-2012
https://dl.acm.org/doi/10.1007/978-3-642-34961-4_20
Lampe RPatarin JSeurin Y(2012)An asymptotically tight security analysis of the iterated even-mansour cipherProceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security10.1007/978-3-642-34961-4_18(278-295)Online publication date: 2-Dec-2012
https://dl.acm.org/doi/10.1007/978-3-642-34961-4_18
Show More Cited By

Indistinguishability amplification
1. Theory of computation

Recommendations

Computational Indistinguishability Amplification: Tight Product Theorems for System Composition
CRYPTO '09: Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology

Computational indistinguishability amplification is the problem of strengthening cryptographic primitives whose security is defined by bounding the distinguishing advantage of an efficient distinguisher. Examples include pseudorandom generators (PRGs), ...
How to use indistinguishability obfuscation: deniable encryption, and more
STOC '14: Proceedings of the forty-sixth annual ACM symposium on Theory of computing

We introduce a new technique, that we call punctured programs, to apply indistinguishability obfuscation towards cryptographic problems. We use this technique to carry out a systematic study of the applicability of indistinguishability obfuscation to a ...
Quantum Indistinguishability of Random Sponges
Advances in Cryptology – CRYPTO 2019
Abstract
In this work we show that the sponge construction can be used to construct quantum-secure pseudorandom functions. As our main result we prove that random sponges are quantum indistinguishable from random functions. In this setting the adversary is ...

Comments

Information & Contributors

Information

Published In

CRYPTO'07: Proceedings of the 27th annual international cryptology conference on Advances in cryptology

August 2007

631 pages

ISBN:3540741429

Editor:
Alfred Menezes
University of Waterloo, Department of Combinatorics & Optimization, Waterloo, Ontario, Canada

In-Cooperation

Computer Science Department
University of California: University of California
IEEE Computer Society Technical Committee on Security and Privacy

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 19 August 2007

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

17
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 24 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Boyle EGoldwasser STessaro S(2013)Communication locality in secure multi-party computationProceedings of the 10th theory of cryptography conference on Theory of Cryptography10.1007/978-3-642-36594-2_21(356-376)Online publication date: 3-Mar-2013
https://dl.acm.org/doi/10.1007/978-3-642-36594-2_21
Jetchev DÖzen OStam M(2012)Understanding adaptivityProceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security10.1007/978-3-642-34961-4_20(313-330)Online publication date: 2-Dec-2012
https://dl.acm.org/doi/10.1007/978-3-642-34961-4_20
Lampe RPatarin JSeurin Y(2012)An asymptotically tight security analysis of the iterated even-mansour cipherProceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security10.1007/978-3-642-34961-4_18(278-295)Online publication date: 2-Dec-2012
https://dl.acm.org/doi/10.1007/978-3-642-34961-4_18
Bellare MRistenpart TTessaro S(2012)Multi-instance Security and Its Application to Password-Based CryptographyProceedings of the 32nd Annual Cryptology Conference on Advances in Cryptology --- CRYPTO 2012 - Volume 741710.1007/978-3-642-32009-5_19(312-329)Online publication date: 19-Aug-2012
https://dl.acm.org/doi/10.1007/978-3-642-32009-5_19
Hoang VMorris BRogaway P(2012)An Enciphering Scheme Based on a Card ShuffleProceedings of the 32nd Annual Cryptology Conference on Advances in Cryptology --- CRYPTO 2012 - Volume 741710.1007/978-3-642-32009-5_1(1-13)Online publication date: 19-Aug-2012
https://dl.acm.org/doi/10.1007/978-3-642-32009-5_1
Gaži PTessaro S(2012)Efficient and optimally secure key-length extension for block ciphers via randomized cascadingProceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques10.1007/978-3-642-29011-4_6(63-80)Online publication date: 15-Apr-2012
https://dl.acm.org/doi/10.1007/978-3-642-29011-4_6
Ishai YKushilevitz EOstrovsky RPrabhakaran MSahai AWullschleger J(2011)Constant-rate oblivious transfer from noisy channelsProceedings of the 31st annual conference on Advances in cryptology10.5555/2033036.2033087(667-684)Online publication date: 14-Aug-2011
https://dl.acm.org/doi/10.5555/2033036.2033087
Tessaro S(2011)Security amplification for the cascade of arbitrarily weak PRPsProceedings of the 8th conference on Theory of cryptography10.5555/1987260.1987264(37-54)Online publication date: 28-Mar-2011
https://dl.acm.org/doi/10.5555/1987260.1987264
Blech JChu WWong WPalakal MHung C(2011)Proving the security of ElGamal encryption via indistinguishability logicProceedings of the 2011 ACM Symposium on Applied Computing10.1145/1982185.1982527(1625-1632)Online publication date: 21-Mar-2011
https://dl.acm.org/doi/10.1145/1982185.1982527
Maurer U(2011)Constructive cryptography --- a new paradigm for security definitions and proofsProceedings of the 2011 international conference on Theory of Security and Applications10.1007/978-3-642-27375-9_3(33-56)Online publication date: 31-Mar-2011
https://dl.acm.org/doi/10.1007/978-3-642-27375-9_3
Show More Cited By

Abstract

References

Cited By

Recommendations

Computational Indistinguishability Amplification: Tight Product Theorems for System Composition

How to use indistinguishability obfuscation: deniable encryption, and more

Quantum Indistinguishability of Random Sponges

Comments

Information

Published In

Sponsors

In-Cooperation

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations