Cryptology ePrint Archive: Report 2012/383

Formalization of Information-Theoretic Security for Encryption and Key Agreement, Revisited

Junji Shikata

Abstract: In this paper, we revisit formalizations of information-theoretic security for symmetric-key encryption and key agreement protocols, which are very fundamental primitives in cryptography. In general, we can formalize information-theoretic security in various ways: some of them can be formalized as stand-alone security by extending (or relaxing) Shannon's perfect secrecy; some of them can be formalized based on composable security. Then, a natural question about this is: what is the gap between the formalizations? To answer the question, we investigate relationships between several formalizations of information-theoretic security for symmetric-key encryption and key agreement protocols. Specifically, for symmetric-key encryption protocols which may have decryption errors, we deal with the following formalizations of security: formalizations extended (or relaxed) from Shannon's perfect secrecy by using mutual information and statistical distance; the information-theoretic analogue of indistinguishability by Goldwasser and Micali; and the formalizations of composable security by Maurer et al. and Canetti. Then, we explicitly show that those formalizations are essentially equivalent under both one-time and multiple-use models. Under both models, we also derive lower bounds on the adversary's (or distinguisher's) advantage and the secret-key size required under all of the above formalizations. Although some of them may already be known, we can explicitly derive them all at once through our relationships between the formalizations. In addition, we briefly observe impossibility results which easily follow from the lower bounds. Similar results are also shown for key agreement protocols which may have agreement errors.

Category / Keywords: foundations / composable security, information-theoretic security, key agreement, symmetric-key encryption, unconditional security

Date: received 8 Jul 2012, last revised 4 Sep 2012

Contact author: shikata at ynu ac jp


Version: 20120904:215152
