Maintaining secrecy when information leakage is unavoidable

Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2004.

Bibliographic Details
Main Author: Smith, Adam (Adam Davidson), 1977-
Other Authors: Madhu Sudan.
Format: Thesis
Language: en_US
Published: Massachusetts Institute of Technology 2005
Subjects: Electrical Engineering and Computer Science.
Online Access: http://hdl.handle.net/1721.1/28744
Department: Massachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science.
Notes: Includes bibliographical references (p. 109-115). By Adam Davison Smith. Ph.D.

Abstract:

Sharing and maintaining long, random keys is one of the central problems in cryptography. This thesis provides about ensuring the security of a cryptographic key when partial information about it has been, or must be, leaked to an adversary. We consider two basic approaches:

1. Extracting a new, shorter, secret key from one that has been partially compromised. Specifically, we study the use of noisy data, such as biometrics and personal information, as cryptographic keys. Such data can vary drastically from one measurement to the next. We would like to store enough information to handle these variations, without having to rely on any secure storage, in particular without storing the key itself in the clear. We solve the problem by casting it in terms of key extraction. We give a precise definition of what "security" should mean in this setting, and design practical, general solutions with rigorous analyses. Prior to this work, no solutions were known with satisfactory provable security guarantees.

2. Ensuring that whatever is revealed is not actually useful. This is most relevant when the key itself is sensitive, for example when it is based on a person's iris scan or Social Security Number. This second approach requires the user to have some control over exactly what information is revealed, but this is often the case: for example, if the user must reveal enough information to allow another user to correct errors in a corrupted key. How can the user ensure that whatever information the adversary learns is not useful to her? We answer by developing a theoretical framework for separating leaked information from useful information. Our definition strengthens the notion of entropic security, considered before in a few different contexts.

We apply the framework to get new results, creating (a) encryption schemes with very short keys, and (b) hash functions that leak no information about their input, yet, paradoxically, allow testing if a candidate vector is close to the input. One of the technical contributions of this research is to provide new, cryptographic uses of mathematical tools from complexity theory known as randomness extractors.

Dates: 2004; 2005-09-27T18:06:19Z
Identifiers: http://hdl.handle.net/1721.1/28744; 59669706
Rights: M.I.T. theses are protected by copyright. They may be viewed from this source for any purpose, but reproduction or distribution in any format is prohibited without written permission. See provided URL for inquiries about permission. http://dspace.mit.edu/handle/1721.1/7582
Extent: 121 p.; 9107724 bytes, 9122773 bytes; application/pdf