Maximal Correlation Secrecy

TL;DR

This paper demonstrates that maximal correlation between message and ciphertext offers strong secrecy guarantees for cryptosystems with short keys, surpassing entropic security, and provides bounds and constructions achieving optimal secrecy levels.

Contribution

It introduces maximal correlation as a robust secrecy measure, establishes bounds on key length for achieving small maximal correlation, and compares it favorably to entropic security.

Findings

Maximal correlation provides strong secrecy guarantees.

Small maximal correlation can be achieved with short keys.

Maximal correlation is stronger than mutual information-based secrecy measures.

Abstract

This paper shows that the Hirschfeld-Gebelein-R\'enyi maximal correlation between the message and the ciphertext provides good secrecy guarantees for cryptosystems that use short keys. We first establish a bound on the eavesdropper's advantage in guessing functions of the message in terms of maximal correlation and the R\'enyi entropy of the message. This result implies that maximal correlation is stronger than the notion of entropic security introduced by Russell and Wang. We then show that a small maximal correlation $\rho$ can be achieved via a randomly generated cipher with key length $\approx2\log(1/\rho)$, independent of the message length, and by a stream cipher with key length $2\log(1/\rho)+\log n+2$ for a message of length $n$. We establish a converse showing that these ciphers are close to optimal. This is in contrast to entropic security for which there is a gap between the lower and upper bounds. Finally, we show that a small maximal correlation implies secrecy with respect to several mutual information based criteria but is not necessarily implied by them. Hence, maximal correlation is a stronger and more practically relevant measure of secrecy than mutual information.