Non-malleable reductions and applications

Divesh Aggarwal, Yevgeniy Dodis, Tomasz Kazana, Maciej Obremski

Research output: Chapter in Book/Report/Conference proceeding, Conference contribution

Abstract

Non-malleable codes, introduced by Dziembowski, Pietrzak and Wichs [DPW10], provide a useful message integrity guarantee in situations where traditional error-correction (and even error-detection) is impossible; for example, when the attacker can completely overwrite the encoded message. Informally, a code is non-malleable if the message contained in a modified codeword is either the original message, or a completely "unrelated value". Although such codes do not exist if the family of "tampering functions" F allowed to modify the original codeword is completely unrestricted, they are known to exist for many broad tampering families F. The family which received the most attention [DPW10, LL12, DKO13, ADL14, CG14a, CG14b] is the family of tampering functions in the so-called (2-part) split-state model: here the message x is encoded into two shares L and R, and the attacker is allowed to arbitrarily tamper with each of L and R individually. Despite this attention, the following problem remained open: build efficient, information-theoretically secure non-malleable codes in the split-state model with constant encoding rate: |L| = |R| = O(|x|). In this work, we resolve this open problem. Our technique for getting our main result is of independent interest. We (a) develop a generalization of non-malleable codes, called non-malleable reductions; (b) show a simple composition theorem for non-malleable reductions; (c) build a variety of such reductions connecting various (independently interesting) tampering families F to each other; (d) construct several new non-malleable codes in the split-state model by applying the composition theorem to a series of easy-to-understand reductions. Most importantly, we show several "independence amplification" reductions, showing how to reduce split-state tampering of very few parts to an easier question of split-state tampering with a much larger number of parts. In particular, our final, constant-rate, non-malleable code composes one of these reductions with the very recent "9-split-state" code of Chattopadhyay and Zuckerman [CZ14].

Original language: English (US)
Title of host publication: STOC 2015 - Proceedings of the 2015 ACM Symposium on Theory of Computing
Publisher: Association for Computing Machinery
Pages: 459-468
Number of pages: 10
Volume: 14-17-June-2015
ISBN (Print): 9781450335362
DOIs: https://doi.org/10.1145/2746539.2746544
State: Published - Jun 14 2015
Event: 47th Annual ACM Symposium on Theory of Computing, STOC 2015 - Portland, United States
Duration: Jun 14 2015 to Jun 17 2015

Other

Other: 47th Annual ACM Symposium on Theory of Computing, STOC 2015
Country: United States
City: Portland
Period: 6/14/15 to 6/17/15

Fingerprint

Error detection
Error correction
Chemical analysis
Amplification

ASJC Scopus subject areas

  • Software

Cite this

Aggarwal, D., Dodis, Y., Kazana, T., & Obremski, M. (2015). Non-malleable reductions and applications. In STOC 2015 - Proceedings of the 2015 ACM Symposium on Theory of Computing (Vol. 14-17-June-2015, pp. 459-468). Association for Computing Machinery. https://doi.org/10.1145/2746539.2746544

@inproceedings{edc4c2b5e7fa4ea3a675f477dfb97a21,
title = "Non-malleable reductions and applications",
author = "Divesh Aggarwal and Yevgeniy Dodis and Tomasz Kazana and Maciej Obremski",
year = "2015",
month = "6",
day = "14",
doi = "10.1145/2746539.2746544",
language = "English (US)",
isbn = "9781450335362",
volume = "14-17-June-2015",
pages = "459--468",
booktitle = "STOC 2015 - Proceedings of the 2015 ACM Symposium on Theory of Computing",
publisher = "Association for Computing Machinery",
}
