Professional Documents
Culture Documents
The Effect of Public String On Extracted String in A Fuzzy Extractor
The Effect of Public String On Extracted String in A Fuzzy Extractor
Abstract: A fuzzy extractor is designed to extract a uniformly the alphabet of a random variable is denoted by the
distributed string from a noisy input in an error-tolerant corresponding script letter, the cardinality of a set is
manner. It has two outputs for a noisy input, a uniformly denoted by . The expected value of a real-valued random
distributed string and a public string. This paper gives the effect
variable is denoted by . The uniform distribution
of public string on the entropy loss in a fuzzy extractor, and
obtains the relationship between the entropy loss and public over is denoted by .
string, and the relationship between the size of extracted string A useful bound for any real-valued variable , any
and public string. , and any ( is the set of real numbers) is
.
Keywords: Cryptography, Secure sketch, Fuzzy extractor,
Min-entropy, Entropy loss Take , we have
(1)
1. Introduction The Rényi entropy of order of a random variable with
distribution and alphabet is defined as
To securely derive cryptographic keys from a noisy input
,
such as biometric data, a fuzzy extractor is designed to
extract a uniformly distributed string from this noisy input for and .
in an error-tolerant manner [1, 2, 5, 6, 7]. A fuzzy extractor The min-entropy of is
has two outputs for a noisy input, a uniformly distributed .
string which is used as cryptographic key, and a public The conditional min-entropy of given is
string which is used to encode the information needed for .
extraction of the uniformly distributed string. The difference We have .
between the min-entropy of the input and the conditional The statistical distance between two probability
min-entropy of the input given extracted string is defined as distributions with the same alphabet is defined
the entropy loss of a fuzzy extractor. as
This paper gives the effect of public string on the entropy .
loss in a fuzzy extractor, and obtains the relationship Lemma 1 [1]: Let be two random variables, if
between the entropy loss and public string, and the has possible values, then for any random variable ,
relationship between the size of extracted string and public
string.
A metric space is a set with a distance function
A similar problem in unconditionally-secure secret-key
, satisfying if
agreement protocol was considered in [3, 4, 8], which dealt
and only if , and symmetry
with the effect of side-information, obtained by the opponent
and the triangle inequality
through an initial reconciliation step, on the size of the
.
secret-key that can be distilled safely by subsequent privacy
Definition 1. An -secure sketch is a pair of
amplification.
randomized procedures, “sketch” ( ) and “recover” ( ),
2. Preliminaries with the following properties:
(i) The sketching procedure on input returns
We repeat some fundamental definitions and conclusions in a bit string . The recovery procedure takes
this section. Random variables are denoted by capital letter,
an element and a bit string .
10 (IJCNS) International Journal of Computer and Network Security,
Vol. 2, No. 10, 2010
(ii) Correctness: Because is an arbitrary constant, we take it big
If , then . enough such that is approximately 1, take limit
(iii) Security: For any distribution over , with , and obtain
if , then . ,
Definition 2. An -fuzzy extractor is a pair with probability approximately 1.
of randomized procedures, “generate” ( ) and Let , if is distributed uniformly, then
“reproduce” ( ), with the following properties: , ,
(i) The generation procedure on input .
outputs an extracted string and a helper string Therefore, the lemma1 is a special case of Theorem1.
.The reproduction procedure takes an Lemma2. Let be a constant, then
element and a bit string as inputs.
(ii) Correctness: If and with probability at least .
, then . Proof. From
(iii) Security: For any distribution over , if ,
and , then we have , ,
. .
From (1), it follows
3. The Effect of Public String on Extracted
String and the Size of Extracted String So
In the following two theorems, we give the relationship ,
between the entropy loss and the public string in a fuzzy with probability at least .
extractor. Because the inequality holds for each , we have
Theorem 1. In an -fuzzy extractor, let
be a random variable with alphabet , be a deterministic ,
function of , and with alphabet . Then with with probability at least .
probability approximately 1, we have Theorem2. Let be the same as theorem1,
.
be an arbitrary constant. Then for
Proof. We first consider the entropy loss of the Rényi
entropy of order . Since is a deterministic
function of , and , it follows that
with probability at least .
Proof. From
or
.
Let be an arbitrary constant,
.
From (1), we have
By chebychef inequality, we have
,
or and