Paper 2015/599

The Chain Rule for HILL Pseudoentropy, Revisited

Krzysztof Pietrzak and Maciej Skorski

Abstract

Computationalnotionsofentropy(a.k.a.pseudoentropy)have found many applications, including leakage-resilient cryptography, deter- ministic encryption or memory delegation. The most important tools to argue about pseudoentropy are chain rules, which quantify by how much (in terms of quantity and quality) the pseudoentropy of a given random variable X decreases when conditioned on some other variable Z (think for example of X as a secret key and Z as information leaked by a side-channel). In this paper we give a very simple and modular proof of the chain rule for HILL pseudoentropy, improving best known parameters. Our version allows for increasing the acceptable length of leakage in ap- plications up to a constant factor compared to the best previous bounds. As a contribution of independent interest, we provide a comprehensive study of all known versions of the chain rule, comparing their worst-case strength and limitations.

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
Published elsewhere. Minor revision. Latincrypt 2015
Keywords
pseudoentropy
Contact author(s)
maciej skorski @ gmail com
History
2015-06-21: received
Short URL
https://ia.cr/2015/599
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/599,
      author = {Krzysztof Pietrzak and Maciej Skorski},
      title = {The Chain Rule for HILL Pseudoentropy, Revisited},
      howpublished = {Cryptology ePrint Archive, Paper 2015/599},
      year = {2015},
      note = {\url{https://eprint.iacr.org/2015/599}},
      url = {https://eprint.iacr.org/2015/599}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.