TY - GEN
T1 - Bounded indistinguishability and the complexity of recovering secrets
AU - Bogdanov, Andrej
AU - Ishai, Yuval
AU - Viola, Emanuele
AU - Williamson, Christopher
N1 - Publisher Copyright:
© International Association for Cryptologic Research 2016.
PY - 2016
Y1 - 2016
N2 - Motivated by cryptographic applications, we study the notion of bounded indistinguishability, a natural relaxation of the well studied notion of bounded independence. We say that two distributions μ and ν over Σnare k-wise indistinguishable if their projections to any k symbols are identical. We say that a function f:Σn→ {0, 1} is _-fooled by k-wise indistinguishability if f cannot distinguish with advantage _ between any two k-wise indistinguishable distributions μ and ν over Σn. We are interested in characterizing the class of functions that are fooled by k-wise indistinguishability. While the case of k-wise independence (corresponding to one of the distributions being uniform) is fairly well understood, the more general case remained unexplored. When Σ = {0, 1}, we observe that whether f is fooled is closely related to its approximate degree. For larger alphabets Σ, we obtain several positive and negative results. Our results imply the first efficient secret sharing schemes with a high secrecy threshold in which the secret can be reconstructed in AC0. More concretely, we show that for every 0 < σ < ρ ≤ 1 it is possible to share a secret among n parties so that any set of fewer than σn parties can learn nothing about the secret, any set of at least ρn parties can reconstruct the secret, and where both the sharing and the reconstruction are done by constant-depth circuits of size poly(n). We present additional cryptographic applications of our results to low-complexity secret sharing, visual secret sharing, leakage-resilient cryptography, and eliminating “selective failure” attacks.
AB - Motivated by cryptographic applications, we study the notion of bounded indistinguishability, a natural relaxation of the well studied notion of bounded independence. We say that two distributions μ and ν over Σnare k-wise indistinguishable if their projections to any k symbols are identical. We say that a function f:Σn→ {0, 1} is _-fooled by k-wise indistinguishability if f cannot distinguish with advantage _ between any two k-wise indistinguishable distributions μ and ν over Σn. We are interested in characterizing the class of functions that are fooled by k-wise indistinguishability. While the case of k-wise independence (corresponding to one of the distributions being uniform) is fairly well understood, the more general case remained unexplored. When Σ = {0, 1}, we observe that whether f is fooled is closely related to its approximate degree. For larger alphabets Σ, we obtain several positive and negative results. Our results imply the first efficient secret sharing schemes with a high secrecy threshold in which the secret can be reconstructed in AC0. More concretely, we show that for every 0 < σ < ρ ≤ 1 it is possible to share a secret among n parties so that any set of fewer than σn parties can learn nothing about the secret, any set of at least ρn parties can reconstruct the secret, and where both the sharing and the reconstruction are done by constant-depth circuits of size poly(n). We present additional cryptographic applications of our results to low-complexity secret sharing, visual secret sharing, leakage-resilient cryptography, and eliminating “selective failure” attacks.
UR - http://www.scopus.com/inward/record.url?scp=84979645239&partnerID=8YFLogxK
U2 - 10.1007/978-3-662-53015-3_21
DO - 10.1007/978-3-662-53015-3_21
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???
AN - SCOPUS:84979645239
SN - 9783662530146
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 593
EP - 618
BT - Advances in Cryptology - 36th Annual International Cryptology Conference, CRYPTO 2016, Proceedings
A2 - Robshaw, Matthew
A2 - Katz, Jonathan
T2 - 36th Annual International Cryptology Conference, CRYPTO 2016
Y2 - 14 August 2016 through 18 August 2016
ER -