Abstract
A wiretap coding scheme (Wyner, Bell Syst. Tech. J. 1975) enables Alice to reliably communicate a message m to an honest Bob by sending an encoding c over a noisy channel \(\textsf{ChB}\), while at the same time hiding m from Eve who receives c over another noisy channel \(\textsf{ChE}\).
Wiretap coding is clearly impossible when \(\textsf{ChB}\) is a degraded version of \(\textsf{ChE}\), in the sense that the output of \(\textsf{ChB}\) can be simulated using only the output of \(\textsf{ChE}\). A classic work of Csiszár and Korner (IEEE Trans. Inf. Theory, 1978) shows that the converse does not hold. This follows from their full characterization of the channel pairs \((\textsf{ChB},\textsf{ChE})\) that enable information-theoretic wiretap coding.
In this work, we show that in fact the converse does hold when considering computational security; that is, wiretap coding against a computationally bounded Eve is possible if and only if \(\textsf{ChB}\) is not a degraded version of \(\textsf{ChE}\). Our construction assumes the existence of virtual black-box (VBB) obfuscation of specific classes of “evasive” functions that generalize fuzzy point functions, and can be heuristically instantiated using indistinguishability obfuscation. Finally, our solution has the appealing feature of being universal in the sense that Alice’s algorithm depends only on \(\textsf{ChB}\) and not on \(\textsf{ChE}\).
The full version of this paper can be found at https://eprint.iacr.org/2022/343.pdf.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
In the computational setting, any wiretap coding scheme for 1-bit messages can be bootstrapped into one that encodes long messages with rate achieving the capacity of \(\textsf{ChB}\) via the use of a standard hybrid encryption technique (see the full version for more details).
- 2.
A slight caveat is that this holds only when r contains sufficiently many of each \(x \in \mathcal X\), but this occurs with overwhelming probability over the choice of r.
- 3.
- 4.
This is also true with respect to statistically secure wiretap coding schemes over larger message spaces (see the full version).
References
Agrawal, S., et al.: Secure computation from one-way noisy communication, or: anti-correlation via anti-concentration. In: Malkin, T., Peikert, C. (eds.) CRYPTO 2021. LNCS, vol. 12826, pp. 124–154. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-84245-1_5
Badrinarayanan, S., Miles, E., Sahai, A., Zhandry, M.: Post-zeroizing obfuscation: new mathematical tools, and the case of evasive circuits. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016, Part II. LNCS, vol. 9666, pp. 764–791. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49896-5_27
Barak, B., Bitansky, N., Canetti, R., Kalai, Y.T., Paneth, O., Sahai, A.: Obfuscation for evasive functions. In: Lindell, Y. (ed.) TCC 2014. LNCS, vol. 8349, pp. 26–51. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-54242-8_2
Barak, B., et al.: On the (im)possibility of obfuscating programs. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 1–18. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_1
Bellare, M., Tessaro, S., Vardy, A.: Semantic security for the wiretap channel. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 294–311. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32009-5_18
Blum, M., Micali, S.: How to generate cryptographically strong sequences of pseudorandom bits. SIAM J. Comput. 13(4), 850–864 (1984)
Canetti, R., Fuller, B., Paneth, O., Reyzin, L., Smith, A.D.: Reusable fuzzy extractors for low-entropy distributions. J. Cryptol. 34(1), 2 (2021). Earlier version in Eurcrypt 2016
Coron, J.S., Lepoint, T., Tibouchi, M.: Practical multilinear maps over the integers. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 476–493. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40041-4_26
Cover, T.: Broadcast channels. IEEE Trans. Inf. Theory 18(1), 2–14 (1972)
Csiszár, I., Korner, J.: Broadcast channels with confidential messages. IEEE Trans. Inf. Theory 24(3), 339–348 (1978)
Dodis, Y., Ostrovsky, R., Reyzin, L., Smith, A.D.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. SIAM J. Comput. 38(1), 97–139 (2008)
Fuller, B., Meng, X., Reyzin, L.: Computational fuzzy extractors. Inf. Comput. 275, 104602 (2020). Earlier version in Asiacrypt 2013
Garg, S., Gentry, C., Halevi, S.: Candidate multilinear maps from ideal lattices. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 1–17. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38348-9_1
Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or a completeness theorem for protocols with honest majority. In: Aho, A. (ed.) 19th Annual ACM Symposium on Theory of Computing, pp. 218–229. ACM Press, New York City, 25–27 May 1987
Goldwasser, S., Kalai, Y.T.: On the impossibility of obfuscation with auxiliary input. In: 46th Annual Symposium on Foundations of Computer Science, pp. 553–562. IEEE Computer Society Press, Pittsburgh, 23–25 October 2005
Goldwasser, S., Micali, S.: Probabilistic encryption. J. Comput. Syst. Sci. 28(2), 270–299 (1984)
Goldwasser, S., Rothblum, G.N.: On best-possible obfuscation. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 194–213. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-70936-7_11
Jain, A., Lin, H., Sahai, A.: Indistinguishability obfuscation from well-founded assumptions. In: Proceedings of the 53rd Annual ACM SIGACT Symposium on Theory of Computing, pp. 60–73 (2021)
Juels, A., Sudan, M.: A fuzzy vault scheme. Des. Codes Crypt. 38(2), 237–257 (2006)
Juels, A., Wattenberg, M.: A fuzzy commitment scheme. In: Motiwalla, J., Tsudik, G. (eds.) ACM CCS 1999: 6th Conference on Computer and Communications Security, pp. 28–36. ACM Press, Singapore, 1–4 November 1999
Liang, Y., Kramer, G., Poor, H.V.: Compound wiretap channels. EURASIP J. Wirel. Commun. Netw. 2009, 1–12 (2009)
Maurer, U.: Secret key agreement by public discussion from common information. IEEE Trans. Inf. Theory 39(3), 733–742 (1993)
Nair, C.: Capacity regions of two new classes of two-receiver broadcast channels. IEEE Trans. Inf. Theory 56(9), 4207–4214 (2010)
Poor, H.V., Schaefer, R.F.: Wireless physical layer security. Proc. Natl. Acad. Sci. 114(1), 19–26 (2017). https://www.pnas.org/content/114/1/19
Thomas, M., Joy, A.T.: Elements of Information Theory. Wiley-Interscience, Hoboken (2006)
Wyner, A.D.: The wire-tap channel. Bell Syst. Tech. J. 54(8), 1355–1387 (1975)
Yao, A.C.: Theory and application of trapdoor functions. In: 23rd Annual Symposium on Foundations of Computer Science (SFCS 1982), pp. 80–91. IEEE (1982)
Acknowledgements
Y. Ishai was supported in part by ERC Project NTSC (742754), BSF grant 2018393, and ISF grant 2774/20. This research was supported in part from a Simons Investigator Award, DARPA SIEVE award, NTT Research, NSF Frontier Award 1413955, BSF grant 2012378, a Xerox Faculty Research Award, a Google Faculty Research Award, and an Okawa Foundation Research Grant. This material is based upon work supported by the Defense Advanced Research Projects Agency through Award HR00112020024. We would also like to thank Mark Zhandry for his useful comments.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 International Association for Cryptologic Research
About this paper
Cite this paper
Ishai, Y., Korb, A., Lou, P., Sahai, A. (2022). Beyond the Csiszár-Korner Bound: Best-Possible Wiretap Coding via Obfuscation. In: Dodis, Y., Shrimpton, T. (eds) Advances in Cryptology – CRYPTO 2022. CRYPTO 2022. Lecture Notes in Computer Science, vol 13508. Springer, Cham. https://doi.org/10.1007/978-3-031-15979-4_20
Download citation
DOI: https://doi.org/10.1007/978-3-031-15979-4_20
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-15978-7
Online ISBN: 978-3-031-15979-4
eBook Packages: Computer ScienceComputer Science (R0)
