Multi-User Guesswork and Brute Force Security

Multi-User Guesswork and Brute Force Security

The guesswork problem was originally motivated by a desire to quantify computational security for single user systems. Leveraging recent results from its analysis, we extend the remit and utility of the framework to the quantification of the computational security of multi-user systems. In particula...

Full description

Bibliographic Details
Main Authors: Christiansen, Mark M. (Author), Duffy, Ken R. (Author), Medard, Muriel (Contributor), Calmon, Flavio du Pin (Contributor)
Other Authors: Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science (Contributor)
Format: Article
Language:English
Published: Institute of Electrical and Electronics Engineers (IEEE), 2018-02-05T19:18:40Z.
Subjects:
Article
Online Access:Get fulltext
LEADER 02598 am a22002173u 4500
001 113425
042 |a dc 
100 1 0 |a Christiansen, Mark M.  |e author 
100 1 0 |a Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science  |e contributor 
100 1 0 |a Medard, Muriel  |e contributor 
100 1 0 |a Calmon, Flavio du Pin  |e contributor 
700 1 0 |a Duffy, Ken R.  |e author 
700 1 0 |a Medard, Muriel  |e author 
700 1 0 |a Calmon, Flavio du Pin  |e author 
245 0 0 |a Multi-User Guesswork and Brute Force Security 
260 |b Institute of Electrical and Electronics Engineers (IEEE),   |c 2018-02-05T19:18:40Z. 
856 |z Get fulltext  |u http://hdl.handle.net/1721.1/113425 
520 |a The guesswork problem was originally motivated by a desire to quantify computational security for single user systems. Leveraging recent results from its analysis, we extend the remit and utility of the framework to the quantification of the computational security of multi-user systems. In particular, assume that V users independently select strings stochastically from a finite, but potentially large, list. An inquisitor who does not know which strings have been selected wishes to identify U of them. The inquisitor knows the selection probabilities of each user and is equipped with a method that enables the testing of each (user, string) pair, one at a time, for whether that string had been selected by that user. Here, we establish that, unless U=V, there is no general strategy that minimizes the distribution of the number of guesses, but in the asymptote as the strings become long we prove the following: by construction, there is an asymptotically optimal class of strategies; the number of guesses required in an asymptotically optimal strategy satisfies a large deviation principle with a rate function, which is not necessarily convex, that can be determined from the rate functions of optimally guessing individual users' strings; if all users' selection statistics are identical, the exponential growth rate of the average guesswork as the string-length increases is determined by the specific Rényi entropy of the string-source with parameter (V-U+1)/(V-U+2), generalizing the known V=U=1 case; and that the Shannon entropy of the source is a lower bound on the average guesswork growth rate for all U and V, thus providing a bound on computational security for multi-user systems. Examples are presented to illustrate these results and their ramifications for systems design. 
546 |a en_US 
655 7 |a Article 
773 |t IEEE Transactions on Information Theory 

Similar Items