## Key Agreement from Weak Bit Agreement

### Thomas Holenstein

Assume that Alice and Bob, given an authentic channel, have a protocol where they end up with a bit S_A and S_B, respectively, such that with probability (1+eps)/2 these bits are equal. Further assume that conditioned on the event S_A = S_B no polynomial time bounded algorithm can predict the bit better than with probability 1-delta/2. Is it possible to obtain key agreement from such a primitive? We show that for constant delta and eps the answer is yes if and only if delta > (1-eps)/(1+eps), both for uniform and non-uniform adversaries.

The main computational technique used in this paper is a strengthening of Impagliazzo's hard-core lemma to the uniform case and to a set size parameter which is tight (i.e., twice the original size). This may be of independent interest.

## BibTeX Citation

@inproceedings{Holens05, author = {Thomas Holenstein}, title = {Key Agreement from Weak Bit Agreement}, editor = {Ronald Fagin}, booktitle = {Proc.~37th ACM Symposium on Theory of Computing --- STOC 2005}, pages = 664--673, year = 2005, month = 5, }