Cryptology ePrint Archive: Report 2020/462

An Information-Theoretic Proof of the Streaming Switching Lemma for Symmetric Encryption

Ido Shahaf and Or Ordentlich and Gil Segev

Abstract: Motivated by a fundamental paradigm in cryptography, we consider a recent variant of the classic problem of bounding the distinguishing advantage between a random function and a random permutation. Specifically, we consider the problem of deciding whether a sequence of $q$ values was sampled uniformly with or without replacement from $[N]$, where the decision is made by a streaming algorithm restricted to using at most s bits of internal memory. In this work, the distinguishing advantage of such an algorithm is measured by the KL divergence between the distributions of its output as induced under the two cases. We show that for any $ s=\Omega( \log N) $ the distinguishing advantage is upper bounded by $ O(q\cdot s/N) $, and even by $ O(q\cdot s/N \log N) $ when $ q\le N^{1-\epsilon} $ for any constant $ \epsilon>0 $ where it is nearly tight with respect to the KL divergence.

Category / Keywords:

Original Publication (in the same form): 2020 IEEE International Symposium on Information Theory (ISIT)

Date: received 21 Apr 2020, last revised 24 Apr 2020

Contact author: ido shahaf at cs huji ac il

Available format(s): PDF | BibTeX Citation

Version: 20200424:112054 (All versions of this report)

Short URL: ia.cr/2020/462


[ Cryptology ePrint archive ]