Coding-Based Hybrid Post-Quantum Cryptosystem for Non-Uniform Information

Saar Tarnopolsky, Alejandro Cohen

TL;DR

NU-HUNCC addresses PQ-secure communication of non-uniform messages over a multipath network by combining an almost-uniform source encoder, an individually secure (IS) channel code, and post-quantum encryption of only a limited portion of the transmission. It provides information-theoretic individual secrecy against IT-Eve (who observes a strict subset of the links) and a computational notion, individual semantic security under a chosen ciphertext attack (ISS-CCA1), against Crypto-Eve (who observes all links), with achievability results for both linear and non-linear IS codes and a converse against IT-Eve. The scheme achieves high data rates, the shared uniform seed adds only negligible overhead, and its rate and complexity compare favorably with prior PQ-secured schemes in the finite-length regime. The result is a universal, practical framework for PQ-secure storage and communication of non-uniform data, adaptable to various networked systems and cryptosystems, while leaving open further improvements for noisy settings and broader security definitions.

Abstract

We introduce, for non-uniform messages, a novel hybrid universal network coding cryptosystem (NU-HUNCC) in the finite blocklength regime that provides Post-Quantum (PQ) security at high communication rates. Recent hybrid cryptosystems have offered PQ security by premixing the data using secure linear coding schemes and encrypting only a small portion of it. There, the data is assumed to be uniformly distributed, an assumption that is often challenging to enforce. Standard fixed-length lossless source coding and compression schemes guarantee a uniform output only in normalized divergence, which is not sufficient to guarantee security. We consider an efficient compression scheme that is uniform in non-normalized variational distance for the proposed hybrid cryptosystem and that, by utilizing a uniform sub-linear shared seed, guarantees PQ security. Specifically, for the proposed PQ cryptosystem, first, we provide an end-to-end practical coding scheme, NU-HUNCC, for non-uniform messages. Second, we show that NU-HUNCC is information-theoretically individually secure (IS) against an eavesdropper with access to any subset of the links and provide a converse proof against such an eavesdropper. Third, we introduce a modified security definition, individual semantic security under a chosen ciphertext attack (ISS-CCA1), and show that NU-HUNCC satisfies its conditions against an all-observing eavesdropper. Finally, we analyze NU-HUNCC's high data rate, low computational complexity, and the negligibility of the shared seed size.
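The abstract's key observation is that a linear mixing code is individually secure only when its inputs are uniform, which is why the scheme prepends an almost-uniform compressor. The following added example (constructed for this page; not the authors' code and not their parameters) models that hybrid structure at toy scale: $\ell = 3$ messages over GF(7) are mixed by a Vandermonde matrix standing in for the IS network code, $c = 1$ link is masked by a keyed-hash one-time pad standing in for the McEliece-type PQ public-key encryption (the paper's scheme is public-key; the shared key here is an assumption for the demo), and IT-Eve's leakage $I(M_i; Z_W)$ for every $w = 2$ link subset is computed exactly by enumeration. The field size, matrix, key derivation and message prior are all assumptions.

```python
"""Toy model of the hybrid structure: mix l messages over GF(p) with an invertible matrix
(stand-in for the IS network code), encrypt c of the l links (stand-in for the PQ public-key
scheme), and measure IT-Eve's leakage I(M_i; Z_W) exactly. Constructed example, not the paper's code."""
import hashlib
from itertools import combinations, product
from math import log2

P = 7   # prime field size (toy; the paper's codes use much larger fields)
L = 3   # number of links / messages per block
W = 2   # links IT-Eve observes (w < l)
C = 1   # links encrypted against Crypto-Eve


def vandermonde(points, n, p=P):
    """Rows [1, a, a^2, ...] for distinct non-zero points: invertible, and for these points no
    w-row subset spans a unit vector, which is what individual secrecy needs."""
    return [[pow(a, j, p) for j in range(n)] for a in points]


def matvec(A, v, p=P):
    return [sum(a * x for a, x in zip(row, v)) % p for row in A]


def inverse_mod_p(A, p=P):
    """Gauss-Jordan inverse over GF(p); raises on a singular matrix."""
    n = len(A)
    M = [row[:] + [int(i == j) for j in range(n)] for i, row in enumerate(A)]
    for col in range(n):
        piv = next((r for r in range(col, n) if M[r][col] % p), None)
        if piv is None:
            raise ValueError("singular matrix")
        M[col], M[piv] = M[piv], M[col]
        inv = pow(M[col][col], -1, p)
        M[col] = [x * inv % p for x in M[col]]
        for r in range(n):
            if r != col and M[r][col]:
                f = M[r][col]
                M[r] = [(x - f * y) % p for x, y in zip(M[r], M[col])]
    return [row[n:] for row in M]


G = vandermonde([1, 2, 3], L)          # assumed mixing matrix
G_INV = inverse_mod_p(G)
IDENTITY = [[int(i == j) for j in range(L)] for i in range(L)]  # "no mixing" baseline


def keystream_symbol(key, index, p=P):
    """Hypothetical stand-in for PQ public-key encryption of one link symbol: a keyed hash used
    as a one-time pad over GF(p). The paper uses a McEliece-type cryptosystem instead."""
    digest = hashlib.sha256(key + index.to_bytes(4, "big")).digest()
    return int.from_bytes(digest, "big") % p


def transmit(messages, key, mixing=G, c=C, p=P):
    """Sender: mix all l messages, then encrypt only the first c links."""
    links = matvec(mixing, messages, p)
    return [(x + keystream_symbol(key, k, p)) % p if k < c else x for k, x in enumerate(links)]


def receive(links, key, inv=G_INV, c=C, p=P):
    """Legitimate receiver: strip the encryption from the c links, then invert the mixing."""
    clear = [(x - keystream_symbol(key, k, p)) % p if k < c else x for k, x in enumerate(links)]
    return matvec(inv, clear, p)


def entropy(dist):
    return -sum(q * log2(q) for q in dist.values() if q > 0)


def individual_leakage(prior, mixing=G, w=W, p=P):
    """Worst case over message index i and observed link set W of I(M_i; Z_W) in bits, where Z_W
    are w mixed (unencrypted) links and the l messages are i.i.d. with the given symbol prior."""
    l = len(mixing)
    worst = 0.0
    for obs in combinations(range(l), w):
        for i in range(l):
            joint, marg_m, marg_z = {}, {}, {}
            for m in product(range(p), repeat=l):
                pr = 1.0
                for s in m:
                    pr *= prior[s]
                z = tuple(matvec(mixing, m, p)[k] for k in obs)
                joint[(m[i], z)] = joint.get((m[i], z), 0.0) + pr
                marg_m[m[i]] = marg_m.get(m[i], 0.0) + pr
                marg_z[z] = marg_z.get(z, 0.0) + pr
            worst = max(worst, entropy(marg_m) + entropy(marg_z) - entropy(joint))
    return worst


UNIFORM = {s: 1 / P for s in range(P)}
BIASED = {s: (0.5 if s == 0 else 0.5 / (P - 1)) for s in range(P)}  # constructed skewed DMS

if __name__ == "__main__":
    key = b"shared-secret-demo"            # constructed
    msgs = [4, 0, 6]                       # constructed
    assert receive(transmit(msgs, key), key) == msgs
    print("uniform source, mixed  :", individual_leakage(UNIFORM))            # 0 bits
    print("uniform source, unmixed:", individual_leakage(UNIFORM, IDENTITY))  # log2(7) bits
    print("biased source,  mixed  :", individual_leakage(BIASED))             # > 0 bits
```

The three leakage values make the abstract's point concrete: with uniform inputs the Vandermonde mixing leaks nothing about any single message to an eavesdropper on any two of the three links (individual secrecy), an unmixed baseline leaks an observed message entirely, and the same mixing applied to a skewed source leaks a positive amount, because the posterior of $M_i$ given the observed links is no longer flat. Encrypting $c$ links then lets the same mixing protect against an all-observing Crypto-Eve, who is left with $\ell - c$ clear links; closing the biased-source gap is the job of the almost-uniform compressor and its seed, not of the mixing code.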

Paper Structure

This paper contains 33 sections, 8 theorems, 69 equations, 8 figures, 1 table.

Key Result

Theorem 1

Assume a noiseless multipath communication $(\ell,w)$. NU-HUNCC with a linear IS code reliably delivers with high probability $\ell$ non-uniform messages from a DMS $(\mathcal{V},p_V)$ to the legitimate receiver, s.t. $\mathbb{P}(\underline{\hat{V}}_{\mathcal{L}}(\underline{Y}_{\mathcal{L}}) \neq \u

Figures (8)

  • Figure 1: Secured storage solution of three files $\{V_i\}_{i=1}^{3}$ on three servers against an all-observing Crypto-Eve and an IT-Eve with access to two servers. (a) Optimal compression of the source and encryption using the original McEliece cryptosystem with a $[1024,524]$ Goppa code [mceliece1978public, berlekamp1973goppa] against Crypto-Eve; (b) optimal compression of the source and encoding using a Network Coding Wiretap Type II scheme [el2007wiretap] against IT-Eve; (c) proposed NU-IS, using an almost-uniform compression scheme with a uniform seed of negligible size along with an IS channel code [cohen2023absolute] against IT-Eve; and (d) proposed NU-HUNCC, using an almost-uniform compression scheme with a uniform seed of negligible size along with an IS channel code [cohen2023absolute] and encryption using the original McEliece cryptosystem with a $[1024,524]$ Goppa code [mceliece1978public, berlekamp1973goppa] against both IT-Eve and Crypto-Eve.
  • Figure 2: NU-HUNCC cryptosystem with $\ell$ noiseless communication links and two types of Eve: IT-Eve with access to $w < \ell$ links, and Crypto-Eve with access to all the links. The lossless almost-uniform compression is done by the polar-code-based encoder from [NegligbleCost]. $c$ of the links are encrypted by a PQ public-key SS-CCA1 cryptosystem. The mixing of the messages is done by either the linear or the non-linear IS network code scheme from [SMSMcohen2022partial]. The uniform seed is encrypted as well and shared over a separate link; in practice, the encrypted seed is concatenated to the $c$ encrypted messages.
  • Figure 3: Non Uniform Hybrid Network Coding Cryptosystem (NU-HUNCC)
  • Figure 4: Numerical simulation of the seed size for a source $(\mathcal{V},p_V)$ with entropy $H(V) = 0.9$. For messages with a size greater than $2^{18}$ bits, the seed size already decreases to about $2.2\%$ of the compressed message size.
  • Figure 5: Numerical simulation of the communication rate as a function of the message size for eight communication links ($\ell=8$), one encrypted link ($c=1$) and source entropy of $0.9$ ($H(V) = 0.9$). NU-IS and NU-HUNCC both achieve better rates than NC WTC Type II and NUM, respectively.
  • ...and 3 more figures

Theorems & Definitions (16)

  • Definition 1
  • Definition 2
  • Definition 3
  • Definition 4
  • Remark 1
  • Theorem 1
  • Theorem 2
  • Remark 2
  • Theorem 3
  • Theorem 4
  • ...and 6 more