Non-Malleable Extractors, Two-Source Extractors and Privacy Amplification

Xin Li

Paper 2012/188

Non-Malleable Extractors, Two-Source Extractors and Privacy Amplification

Xin Li

Abstract

Dodis and Wichs introduced the notion of a non-malleable extractor to study the problem of privacy amplification with an active adversary. A non-malleable extractor is a much stronger version of a strong extractor. Given a weakly-random string $x$ and a uniformly random seed $y$ as the inputs, the non-malleable extractor $n m E x t$ has the property that $n m E x t (x, y)$ appears uniform even given $y$ as well as $n m E x t (x, A (y))$ , for an arbitrary function $A$ with $A (y) \neq y$ . Dodis and Wichs showed that such an object can be used to give optimal privacy amplification protocols with an active adversary. Previously, there are only two known constructions of non-malleable extractors \cite{DLWZ11, CRS11}. Both constructions only work for -sources with . Interestingly, both constructions are also two-source extractors. In this paper, we present a strong connection between non-malleable extractors and two-source extractors. The first part of the connection shows that non-malleable extractors can be used to construct two-source extractors. If the non-malleable extractor works for small min-entropy and has a short seed length with respect to the error, then the resulted two-source extractor beats the best known construction of two-source extractors. This partially explains why previous constructions of non-malleable extractors only work for sources with entropy rate , and why explicit non-malleable extractors for small min-entropy may be hard to get. The second part of the connection shows that certain two-source extractors can be used to construct non-malleable extractors. Using this connection, we obtain the first construction of non-malleable extractors for . Specifically, we give an unconditional construction for min-entropy for some constant , and a conditional (semi-explicit) construction that can potentially achieve for any constant . We also generalize non-malleable extractors to the case where there are more than one adversarial seeds, and show a similar connection between the generalized non-malleable extractors and two-source extractors. Finally, despite the lack of explicit non-malleable extractors for arbitrarily linear entropy, we give the first 2-round privacy amplification protocol with asymptotically optimal entropy loss and communication complexity for sources with for any constant . This dramatically improves previous results and answers an open problem in \cite{DLWZ11}.

Metadata

Available format(s): PDF PS
Category: Cryptographic protocols
Publication info: Published elsewhere. Unknown where it was published
Keywords: non-malleable extractor privacy amplification weak secret
Contact author(s): lixin98 @ gmail com
History: 2012-04-11: received
Short URL: https://ia.cr/2012/188
License: CC BY

BibTeX

@misc{cryptoeprint:2012/188,
      author = {Xin Li},
      title = {Non-Malleable Extractors, Two-Source Extractors and Privacy Amplification},
      howpublished = {Cryptology {ePrint} Archive, Paper 2012/188},
      year = {2012},
      url = {https://eprint.iacr.org/2012/188}
}