ETH Zürich » Computer Science » Theory » Cryptography

Publications: Abstract

Secret Key Agreement Over a Non-authenticated Channel — {Part II}: The Simulatability Condition

Ueli Maurer and Stefan Wolf

This is the second part of a three-part paper on secret-key agreement secure against active adversaries. In the first part, we showed that when two parties, willing to generate a secret key, but connected only by a completely insecure communication channel, have access to independent repetitions of some random experiment, then the possibility of secret-key agreement depends on a certain property, called simulatability}, of the probability distribution modeling the parties' initial knowledge. More generally, the simulatability condition is important in the context of identification and authentication among parties sharing some correlated but not necessarily identical partially secret keys. Unfortunately, this condition is a priori not very useful since it is not clear how to decide efficiently whether it is satisfied or not for a given distribution $P_{XYZ}$. We introduce a new formalism, based on a mechanical model for representing the involved quantities, that allows for dealing with discrete joint distributions of random variables and their manipulations by noisy channels. We show that this representation leads to a simple and efficient characterization of the possibility of secret-key agreement secure against active adversaries.