### Abstract

Non-malleable codes, introduced by Dziembowski, Pietrzak and Wichs [DPW10], provide a useful message integrity guarantee in situations where traditional error-correction (and even error-detection) is impossible; for example, when the attacker can completely overwrite the encoded message. Informally, a code is non-malleable if the message contained in a modified codeword is either the original message, or a completely "unrelated value". Although such codes do not exist if the family of "tampering functions" F allowed to modify the original codeword is completely unrestricted, they are known to exist for many broad tampering families F. The family which received the most attention [DPW10, LL12, DKO13, ADL14, CG14a, CG14b] is the family of tampering functions in the so called (2-part) split-state model: here the message x is encoded into two shares L and R, and the attacker is allowed to arbitrarily tamper with each L and R individually. Despite this attention, the following problem remained open: Build efficient, information-theoretically secure non-malleable codes in the split-state model with constant encoding rate: |L| = |R| = O(|x|). In this work, we resolve this open problem. Our technique for getting our main result is of independent interest. We (a) develop a generalization of non-malleable codes, called non-malleable reductions; (b) show simple composition theorem for non-malleable reductions; (c) build a variety of such reductions connecting various (independently interesting) tampering families F to each other; (d) construct several new non-malleable codes in the split-state model by applying the composition theorem to a series of easy to understand reductions. Most importantly, we show several "independence amplification" reductions, showing how to reduce split-state tampering of very few parts to an easier question of split-state tampering with a much larger number of parts. In particular, our final, constant-rate, non-malleable code composes one of these reductions with the very recent, "9-split-state" code of Chattopadhyay and Zuckerman [CZ14].

Original language | English (US) |
---|---|

Title of host publication | STOC 2015 - Proceedings of the 2015 ACM Symposium on Theory of Computing |

Publisher | Association for Computing Machinery |

Pages | 459-468 |

Number of pages | 10 |

Volume | 14-17-June-2015 |

ISBN (Print) | 9781450335362 |

DOIs | |

State | Published - Jun 14 2015 |

Event | 47th Annual ACM Symposium on Theory of Computing, STOC 2015 - Portland, United States Duration: Jun 14 2015 → Jun 17 2015 |

### Other

Other | 47th Annual ACM Symposium on Theory of Computing, STOC 2015 |
---|---|

Country | United States |

City | Portland |

Period | 6/14/15 → 6/17/15 |

### Fingerprint

### ASJC Scopus subject areas

- Software

### Cite this

*STOC 2015 - Proceedings of the 2015 ACM Symposium on Theory of Computing*(Vol. 14-17-June-2015, pp. 459-468). Association for Computing Machinery. https://doi.org/10.1145/2746539.2746544

**Non-malleable reductions and applications.** / Aggarwal, Divesh; Dodis, Yevgeniy; Kazana, Tomasz; Obremski, Maciej.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

*STOC 2015 - Proceedings of the 2015 ACM Symposium on Theory of Computing.*vol. 14-17-June-2015, Association for Computing Machinery, pp. 459-468, 47th Annual ACM Symposium on Theory of Computing, STOC 2015, Portland, United States, 6/14/15. https://doi.org/10.1145/2746539.2746544

}

TY - GEN

T1 - Non-malleable reductions and applications

AU - Aggarwal, Divesh

AU - Dodis, Yevgeniy

AU - Kazana, Tomasz

AU - Obremski, Maciej

PY - 2015/6/14

Y1 - 2015/6/14

N2 - Non-malleable codes, introduced by Dziembowski, Pietrzak and Wichs [DPW10], provide a useful message integrity guarantee in situations where traditional error-correction (and even error-detection) is impossible; for example, when the attacker can completely overwrite the encoded message. Informally, a code is non-malleable if the message contained in a modified codeword is either the original message, or a completely "unrelated value". Although such codes do not exist if the family of "tampering functions" F allowed to modify the original codeword is completely unrestricted, they are known to exist for many broad tampering families F. The family which received the most attention [DPW10, LL12, DKO13, ADL14, CG14a, CG14b] is the family of tampering functions in the so called (2-part) split-state model: here the message x is encoded into two shares L and R, and the attacker is allowed to arbitrarily tamper with each L and R individually. Despite this attention, the following problem remained open: Build efficient, information-theoretically secure non-malleable codes in the split-state model with constant encoding rate: |L| = |R| = O(|x|). In this work, we resolve this open problem. Our technique for getting our main result is of independent interest. We (a) develop a generalization of non-malleable codes, called non-malleable reductions; (b) show simple composition theorem for non-malleable reductions; (c) build a variety of such reductions connecting various (independently interesting) tampering families F to each other; (d) construct several new non-malleable codes in the split-state model by applying the composition theorem to a series of easy to understand reductions. Most importantly, we show several "independence amplification" reductions, showing how to reduce split-state tampering of very few parts to an easier question of split-state tampering with a much larger number of parts. In particular, our final, constant-rate, non-malleable code composes one of these reductions with the very recent, "9-split-state" code of Chattopadhyay and Zuckerman [CZ14].

AB - Non-malleable codes, introduced by Dziembowski, Pietrzak and Wichs [DPW10], provide a useful message integrity guarantee in situations where traditional error-correction (and even error-detection) is impossible; for example, when the attacker can completely overwrite the encoded message. Informally, a code is non-malleable if the message contained in a modified codeword is either the original message, or a completely "unrelated value". Although such codes do not exist if the family of "tampering functions" F allowed to modify the original codeword is completely unrestricted, they are known to exist for many broad tampering families F. The family which received the most attention [DPW10, LL12, DKO13, ADL14, CG14a, CG14b] is the family of tampering functions in the so called (2-part) split-state model: here the message x is encoded into two shares L and R, and the attacker is allowed to arbitrarily tamper with each L and R individually. Despite this attention, the following problem remained open: Build efficient, information-theoretically secure non-malleable codes in the split-state model with constant encoding rate: |L| = |R| = O(|x|). In this work, we resolve this open problem. Our technique for getting our main result is of independent interest. We (a) develop a generalization of non-malleable codes, called non-malleable reductions; (b) show simple composition theorem for non-malleable reductions; (c) build a variety of such reductions connecting various (independently interesting) tampering families F to each other; (d) construct several new non-malleable codes in the split-state model by applying the composition theorem to a series of easy to understand reductions. Most importantly, we show several "independence amplification" reductions, showing how to reduce split-state tampering of very few parts to an easier question of split-state tampering with a much larger number of parts. In particular, our final, constant-rate, non-malleable code composes one of these reductions with the very recent, "9-split-state" code of Chattopadhyay and Zuckerman [CZ14].

UR - http://www.scopus.com/inward/record.url?scp=84954137352&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84954137352&partnerID=8YFLogxK

U2 - 10.1145/2746539.2746544

DO - 10.1145/2746539.2746544

M3 - Conference contribution

SN - 9781450335362

VL - 14-17-June-2015

SP - 459

EP - 468

BT - STOC 2015 - Proceedings of the 2015 ACM Symposium on Theory of Computing

PB - Association for Computing Machinery

ER -