Cryptology ePrint Archive: Report 2014/156

Non-Malleable Extractors with Shorter Seeds and Their Applications

Yanqing Yao and Zhoujun Li

Abstract: Motivated by the problem of how to communicate over a public channel with an active adversary, Dodis and Wichs (STOC’09) introduced the notion of a non-malleable extractor. A non-malleable extractor nmExt : {0, 1}^n ×{0, 1}^d \rightarrow {0, 1}^m takes two inputs, a weakly random W and a uniformly random seed S, and outputs a string which is nearly uniform, given S as well as nmExt(W,A(S)), for an arbitrary function A with A(S) = S.

In this paper, by developing the combination and permutation techniques, we improve the error estimation of the extractor of Raz (STOC’05), which plays an extremely important role in the constraints of the non-malleable extractor parameters including seed length. Then we present improved explicit construction of non-malleable extractors. Though our construction is the same as that given by Cohen, Raz and Segev (CCC’12), the parameters are improved. More precisely, we construct an explicit (1016, 1/2)-non-malleable extractor nmExt : {0, 1}^n ×{0, 1}^d \rightarrow {0, 1} with n = 210 and seed length d = 19, while Cohen et al. showed that the seed length is no less than 46/63 +66. Therefore, our method beats the condition “2.01 · log n \leq d \leq n” proposed by Cohen et al., since d is just 1.9 · log n in our construction. We also improve the parameters of the general explicit construction given by Cohen et al. Finally, we give their applications to privacy amplification.

Category / Keywords: extractors; non-malleable extractors; seed length; privacy amplification protocol

Date: received 28 Feb 2014, last revised 22 Sep 2015

Contact author: yaoyanqing1984 at buaa edu cn

Available format(s): PDF | BibTeX Citation

Version: 20150922:085230 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]