Presentation on theme: "A Rate-Optimizing Compiler for Non- malleable Codes against Bit-wise Tampering and Permutations Shashank Agrawal (UIUC), Divya Gupta (UCLA), Hemanta K."— Presentation transcript:
A Rate-Optimizing Compiler for Non- malleable Codes against Bit-wise Tampering and Permutations Shashank Agrawal (UIUC), Divya Gupta (UCLA), Hemanta K. Maji (UCLA), Manoj Prabhakaran (UIUC), Omkant Pandey (UCLA)
Non-malleable codes Introduced by Dziembowski et al. [DPW’10]. A fundamental object at the intersection of coding theory and cryptography. Message contained in a tampered codeword is either original or unrelated.
Tampering models Bit-wise, Split-state.... tamper Known “a priori” which parts of the tampered codeword are affected by which parts of the original codeword affect
Bit-wise tampering + Permutation... Any part of the tampered codeword can be affected by any part of the original codeword
Our result Non-malleable Code against bit-wise tampering + permutation Rate-0Rate-1 Compiler New technique for boot-strapping non-malleability by introducing errors
Highlights Two components: Rate-0 non-malleable code (NMC0). Rate-1 error-correcting secret sharing scheme (ECSS). Black-box use of NMC0 and ECSS. Explicit rate-1 code: NMC0 from [AGMPP’14]. ECSS from Reed-Solomon Codes. Bit-wise tampering: Simpler alternative to [CG’14b].
Rest of the talk Formally define non-malleable codes. Discuss compiler at a high level.
Security m... m* encode tamper decode tamper Sim z z could be ‘same’
Rate-1 Code Two components: Rate-0 non-malleable code (NMC0). Rate-1 error-correcting secret sharing scheme (ECSS). [M, L, T, D] - ECSS scheme: L is message-length, M is the codeword-length. T-privacy. D-error-correction. Rate-1: M = L (1 + o(1)). T, D sub-linear in M. Instantiated using Reed-Solomon Codes.
... c1 = ECSS (m)c2 = NMC0(tag)...
Why it works?
Summary Compiler for optimizing rate. Introducing errors: a new technique. Optimize rate in other attack models.