How to fool an unbounded adversary with a short key

Abstract

We consider the symmetric encryption problem which manifests when two parties must securely transmit a message m with a short shared secret key. As we permit arbitrarily powerful adversaries, any encryption scheme must leak information about m – the mutualinformation between m and its ciphertext cannot be zero. Despite this, we present a family of encryption schemes which guarantee that for any message space in {0, 1}n with minimum entropy n − ℓand for any Boolean function h: {0, 1}n → {0, 1}, no adversary can predict h(m) from the ciphertext of m with more than 1/nω(1) advantage; this is achieved with keys of length ℓ+ω(log n). In general, keys of lengthℓ+s yield a bound of 2−Θ(s) on the advantage. These encryption schemes rely on no unproven assumptions and can be implemented efficiently.