
Research On Information-theoretic Security In Cryptography

Posted on: 2000-09-14
Degree: Doctor
Type: Dissertation
Country: China
Candidate: S L Liu
GTID: 1118359972950029
Subject: Cryptography
Abstract/Summary:
Both the symmetric-key systems and the public-key systems currently in use are based on the model of computational security. In principle, all of them can be broken by trying the possible keys in sequence. This thesis focuses on information-theoretic security, i.e. unconditional security. In information-theoretic security, we can assume that adversaries have infinite computing power, and cryptographic systems based on the model of information-theoretic security will not be broken even if the adversaries can try all the possible keys in sequence in a short time. With the development of science and technology, quantum computers and DNA computers with infinite computing power will be available. Therefore, it is significant for us to focus our attention on the research of information-theoretic security.

Shannon's model can be modified to make practical, provably secure cryptosystems possible. The first modification is to relax the requirement that perfect security means complete independence between the plaintext and the adversary's knowledge, and to allow an arbitrarily small correlation. The second, crucial modification removes the assumption that the adversary receives exactly the same information as the legitimate users. The most realistic mechanisms proposed so far for limiting the information available to the adversary are quantum channels and noisy channels.

The following scenario can be abstracted from quantum channels and noisy channels: two communicants, Alice and Bob, and an adversary, Eve, receive three variables X, Y, Z, which are distributed according to some probability distribution P_XYZ. Then Alice and Bob begin secret-key agreement over a public channel. Such a secret-key agreement over a public channel usually consists of three phases: advantage distillation, information reconciliation and privacy amplification.

The main work in this thesis is as follows:

1. Demonstrate the effect of the side information introduced by the communication over the public channel on Eve's Rényi entropy, and show the relationship between information reconciliation and privacy amplification.

2. When two communicants and an adversary obtain correlated information through independent binary symmetric channels from a random source, and the adversary's channel is noisier than those of the communicants, an authentication scheme that uses the correlated information between the two communicants is proposed, based on coding theory, to make information-theoretic secret-key agreement against active attacks possible.

3. With the help of unconditionally secure authentication codes constructed from error-correcting codes, privacy amplification secure against active attacks is possible if the two communicants share some authentication key.

4. An improvement is made to the strong protocol, which was proposed by S. Wolf [Wol98] and implemented with the help of interactive authentication. The improved strong protocol makes privacy amplification by communication over an insecure and non-authentic channel possible for sufficiently large n, the size of the common string S shared by the two parties, when the adversary's Rényi entropy about S exceeds only n/2 rather than the 2n/3 required in [Wol98].

5. Another authentication scheme is proposed, which uses the common string between the two communicants to authenticate the messages over the public channel. Such an authentication scheme can make privacy amplification secure against active attacks with some probability under the condition that the two communicants have no authentication key.
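Added example (not taken from the dissertation): an exact, small-scale computation of the link between reconciliation side information and privacy amplification. It assumes a constructed model in which S is uniform on n bits, Eve has learned t of them from the public discussion (so her Rényi entropy about S is c = n - t), and the key is extracted with a random Toeplitz matrix, a standard universal hash class. The function names are illustrative, and the bound checked is the well-known r - 2^(r-c)/ln 2 result of Bennett, Brassard, Crépeau and Maurer.

```python
import itertools
import math

def toeplitz_hash(diag, s_bits, r):
    """Apply the r x n Toeplitz matrix over GF(2) defined by `diag` (n+r-1 bits)."""
    n = len(s_bits)
    return tuple(
        sum(diag[i - j + n - 1] & s_bits[j] for j in range(n)) % 2
        for i in range(r)
    )

def eve_key_entropy(n, t, r):
    """Exact Shannon entropy of the r-bit key from Eve's view, averaged over
    every Toeplitz matrix G (G is public, as in privacy amplification).

    Constructed model: Eve knows the first t bits of the n-bit string S.
    """
    known = (0,) * t  # hash is linear, so the leaked values only shift the key
    candidates = [known + tail
                  for tail in itertools.product((0, 1), repeat=n - t)]
    total, matrices = 0.0, 0
    for diag in itertools.product((0, 1), repeat=n + r - 1):
        freq = {}
        for s in candidates:
            key = toeplitz_hash(diag, s, r)
            freq[key] = freq.get(key, 0) + 1
        probs = [c / len(candidates) for c in freq.values()]
        total += -sum(p * math.log2(p) for p in probs)
        matrices += 1
    return total / matrices

def amplification_bound(n, t, r):
    """Lower bound r - 2^(r-c)/ln 2 on Eve's key entropy, with c = n - t."""
    return r - 2 ** (r - (n - t)) / math.log(2)

if __name__ == "__main__":
    n, r = 8, 2
    for t in (3, 5):  # more reconciliation leakage -> less Renyi entropy left
        print(f"t={t}: Eve's entropy about key = {eve_key_entropy(n, t, r):.4f}"
              f" bits, bound = {amplification_bound(n, t, r):.4f}")
```

Every bit disclosed during reconciliation lowers c, so the same r-bit key ends up further from uniform in Eve's view; keeping r well below the remaining Rényi entropy restores the margin.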
Keywords/Search Tags: Information-theoretic Security, Unconditional security, Secret-key agreement, Privacy amplification, Active attack