Sciweavers

IACR
2016

Pseudoentropy: Lower-bounds for Chain rules and Transformations

8 years 8 months ago
Pseudoentropy: Lower-bounds for Chain rules and Transformations
Computational notions of entropy have recently found many applications, including leakageresilient cryptography, deterministic encryption or memory delegation. The two main types of results which make computational notions so useful are (1) Chain rules, which quantify by how much the computational entropy of a variable decreases if conditioned on some other variable (2) Transformations, which quantify to which extend one type of entropy implies another. Such chain rules and transformations typically lose a significant amount in quality of the entropy, and are the reason why applying these results one gets rather weak quantitative security bounds. In this paper we for the first time prove lower bounds in this context, showing that existing results for transformations are, unfortunately, basically optimal for non-adaptive blackbox reductions (and it’s hard to imagine how non black-box reductions or adaptivity could be useful here.) A variable X has k bits of HILL entropy of quality ...
Krzysztof Pietrzak, Maciej Skorski
Added 03 Apr 2016
Updated 03 Apr 2016
Type Journal
Year 2016
Where IACR
Authors Krzysztof Pietrzak, Maciej Skorski
Comments (0)