We will focus on methods for key derivation and key agreement from partially secret and/or noisy data. This setting is particularly relevant when the starting secret is a physical reading -- for example, electrical characteristics of a microchip, observations of quantum bits, or biometrics of a person.
When the data is not noisy, the problem is known as "privacy amplification." For passive adversaries, it is easily solved by randomness extractors. Security against active adversaries requires additional techniques, such as information-theoretic message authentication codes and robust extractors, which we will cover in detail. Dealing additionally with noisy starting data is known as "information reconciliation." It requires error-correcting techniques and so-called "secure sketches" and "fuzzy extractors," which we will also cover in detail.
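An added example of the noisy-data case above, not taken from the course or the listed papers' own material: a code-offset secure sketch over a repetition code recovers the original reading from a noisy one, and a random GF(2) matrix (a universal hash) extracts the key. All names and toy parameters are assumptions, and the helper data is unauthenticated, so this covers passive adversaries only.

```python
import secrets

REP = 5             # repetition factor: corrects up to 2 flipped bits per block
K_BITS = 16         # message bits per codeword (toy size)
N = REP * K_BITS    # length in bits of the reading w
OUT_BITS = 8        # extracted key length (toy size)

def encode(msg_bits):
    return [b for b in msg_bits for _ in range(REP)]

def decode(bits):
    # Majority vote inside each block of REP bits.
    return [int(sum(bits[i:i + REP]) > REP // 2) for i in range(0, len(bits), REP)]

def xor(a, b):
    return [x ^ y for x, y in zip(a, b)]

def recover(w_noisy, sketch):
    # w_noisy XOR sketch = codeword XOR error; decoding strips the error.
    c = encode(decode(xor(w_noisy, sketch)))
    return xor(sketch, c)

def extract(w, seed):
    # Each output bit is the GF(2) inner product of w with a public random row.
    return [sum(r & x for r, x in zip(row, w)) & 1 for row in seed]

def gen(w):
    # Enrollment: the sketch is public and can leak up to N - K_BITS bits
    # about w, so w needs min-entropy well above that for a useful key.
    c = encode([secrets.randbits(1) for _ in range(K_BITS)])
    sketch = xor(w, c)
    seed = [[secrets.randbits(1) for _ in range(N)] for _ in range(OUT_BITS)]
    return extract(w, seed), (sketch, seed)

def rep(w_noisy, helper):
    # Reproduction: correct the noisy reading, then re-extract the same key.
    sketch, seed = helper
    return extract(recover(w_noisy, sketch), seed)

def flip(bits, positions):
    # Constructed noise: flip the bits at the given positions.
    return [b ^ (i in positions) for i, b in enumerate(bits)]
```

An active adversary who modifies the sketch or seed in transit is outside what this construction handles; that is the gap robust extractors and the authenticated key agreement protocols in the papers below address.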
We will cover (some of the) contents of the following papers:
- Ueli M. Maurer and Stefan Wolf. Privacy Amplification Secure Against Active Adversaries. CRYPTO 1997.
- Renato Renner and Stefan Wolf. Unconditional Authenticity and Privacy from an Arbitrarily Weak Secret. CRYPTO 2003.
- Yevgeniy Dodis, Rafail Ostrovsky, Leonid Reyzin, and Adam D. Smith. Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data. Eurocrypt 2004/SIAM J. Computing 2008.
- Xavier Boyen, Yevgeniy Dodis, Jonathan Katz, Rafail Ostrovsky, and Adam Smith. Secure Remote Authentication Using Biometrics. Eurocrypt 2005.
- Yevgeniy Dodis, Bhavana Kanukurthi, Jonathan Katz, Leonid Reyzin, and Adam Smith. Robust Fuzzy Extractors and Authenticated Key Agreement from Close Secrets. CRYPTO 2006, SCN 2008, and IEEE Transactions on Information Theory 2012.
- Bhavana Kanukurthi and Leonid Reyzin. Key Agreement from Close Secrets over Unsecured Channels. Eurocrypt 2009.