1 / 9

Simple Protocols for OT and Secure Identification in the Noisy -Storage Model ( arxiv : 1002.1495)

Explore alternative approaches for 1-out-of-2 Oblivious Transfer with improved security features and reduced communication rounds, focusing on weak string erasure, privacy amplification, and interactive hashing. Discover how Min-Entropy Splitting enhances protocol security in noisy storage models.

patia
Download Presentation

Simple Protocols for OT and Secure Identification in the Noisy -Storage Model ( arxiv : 1002.1495)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Simple Protocolsfor OT and Secure Identification in theNoisy-Storage Model(arxiv: 1002.1495) Amsterdam, Netherlands Workshop on Cryptography from Storage Imperfections Institute for Quantum Information, Caltech, USA Christian Schaffner 22 March 2010

  2. Goal: 1-out-of-2 Oblivious Transfer s0 , s1 c sc 1-2 OT

  3. Previous Approach (KWW ‘09) weakstringerasure • Privacy Amplifi-cation • Inter-active Hashing • Min-entropy sampling 1-2 OT works well only on blocksofbits standardprotocol (NOVY 98) requiresmanycommunicationrounds • results in complicated post-processingandpoorerrorparameters • so far: nosecureidentification

  4. Alternative Approach weakstringerasure • Privacy Amplifi-cation • Min-Entropy Splitting • Inter-active Hashing • Min-entropy sampling 1-2 OT • easieranalysisandbettersecurityerror • canonicalprotocols • allowsforsecureidentification • requiresnoisierstorage, i.e. secureforsmallerclassofadversaries

  5. Standard Protocol for 1-2 OT [Wiesner ~70, Bennett Brassard Crepeau Skubiszewska 92] S0 , S1 C 1-2 OT SC weakstringerasure • secureidentification: protocol (aspresentedby Serge) works

  6. Rate Comparison • goal: 1-2 OT of - bitstrings • scenario: n=1010 (ca. 30 sec), securityerror < 10-8 • storagenoise: where Simple Protocol Interactive Hashing, Min-Entropy Sampling [KWW 09]

  7. Rate Comparison • goal: 1-2 OT of - bitstrings • scenario: n=1015 (ca. 30 days), securityerror < 10-8 • storagenoise: where Simple Protocol Interactive Hashing, Min-Entropy Sampling [KWW 09]

  8. Min-Entropy Splitting • classicalversion: (Wullschleger, Damgaard Fehr Renner Salvail S) • prooffor Shannon entropy: • (prooffor min-entropy: 3 lines) • withquantumsideinformation? • wrong in general, but weakerversion? • Min-Entropy Splitting • Privacy Amplification 1-2 OT

  9. Summary • take-homemessagesforexperimentalists: • interactivehashingisnot strictlynecessary • original simple protocolsremainsecure in thenoisy-storage model • take-homemessagesfortheorists: • min-entropysplittingis an alternative wayofprovingsecurity in thenoisy-storage model • doesit hold withquantumsideinformation? http://arxiv.org/abs/1002.1495

More Related