Cryptology ePrint Archive: Report 2012/383
Formalization of Information-Theoretic Security for Encryption and Key Agreement, Revisited
Abstract: In this paper, we revisit formalizations of information-theoretic security for symmetric-key encryption and key agreement protocols which are very fundamental primitives in cryptography. In general, we can formalize information-theoretic security in various ways: some of them can be formalized as stand-alone security by extending (or relaxing) Shannon's perfect secrecy; some of them can be done based on composable security. Then, a natural question about this is: what is the gap between the formalizations? To answer the question, we investigate relationships between several formalizations of information-theoretic security for symmetric-key encryption and key agreement protocols. Specifically, for symmetric-key encryption protocols which may have decryption-errors, we deal with the following formalizations of security: formalizations extended (or relaxed) from Shannon's perfect secrecy by using mutual information and statistical distance; information-theoretic analogue of indistinguishability by Goldwasser and Micali;
and the ones of composable security by Maurer et al. and Canetti.
Then, we explicitly show that those formalizations are essentially equivalent under both one-time and multiple-use models. Under the both models, we also derive lower bounds on the adversary's (or distinguisher's) advantage and secret-key size required under all of the above formalizations. Although some of them may be already known, we can explicitly derive them all at once through our relationships between the formalizations. In addition, we briefly observe impossibility results which easily follow from the lower bounds. The similar results are also shown for key agreement protocols which may have agreement-errors.
Category / Keywords: foundations / composable security, information-theoretic security, key agreement, symmetric-key encryption, unconditional security
Date: received 8 Jul 2012, last revised 4 Sep 2012
Contact author: shikata at ynu ac jp
Available format(s): PDF | BibTeX Citation
Version: 20120904:215152 (All versions of this report)
Short URL: ia.cr/2012/383
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]