Paper 2021/110

Replacing Probability Distributions in Security Games via Hellinger Distance

Kenji Yasunaga

Abstract

Security of cryptographic primitives is usually proved by assuming ``ideal'' probability distributions. We need to replace them with approximated ``real'' distributions in the real-world systems without losing the security level. We demonstrate that the Hellinger distance is useful for this problem, while the statistical distance is mainly used in the cryptographic literature. First, we show that for preserving $\lambda$-bit security of a given security game, the closeness of $2^{-\lambda/2}$ to the ideal distribution is sufficient for the Hellinger distance, whereas $2^{-\lambda}$ is generally required for the statistical distance. The result can be applied to both search and decision primitives through the bit security framework of Micciancio and Walter (Eurocrypt 2018). We also show that the Hellinger distance gives a tighter evaluation of closeness than the max-log distance when the distance is small. Finally, we show that the leftover hash lemma can be strengthened to the Hellinger distance. Namely, a universal family of hash functions gives a strong randomness extractor with optimal entropy loss for the Hellinger distance. Based on the results, a $\lambda$-bit entropy loss in randomness extractors is sufficient for preserving $\lambda$-bit security. The current understanding based on the statistical distance is that a $2\lambda$-bit entropy loss is necessary.

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
Published elsewhere. Minor revision. ITC 2021
Keywords
bit securityHellinger distanceleftover hash lemmarandomness extractor
Contact author(s)
yasunaga @ ist osaka-u ac jp
History
2021-07-19: revised
2021-02-01: received
See all versions
Short URL
https://ia.cr/2021/110
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/110,
      author = {Kenji Yasunaga},
      title = {Replacing Probability Distributions in Security Games via Hellinger Distance},
      howpublished = {Cryptology {ePrint} Archive, Paper 2021/110},
      year = {2021},
      url = {https://eprint.iacr.org/2021/110}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.