Maximal Correlation Secrecy

Abstract

This paper shows that the Hirschfeld–Gebelein–Renyi maximal correlation between the message and the ciphertext provides good secrecy guarantees for cryptosystems that use short keys. We first establish a bound on the eavesdropper’s advantage in guessing functions of the message in terms of maximal correlation and the Renyi entropy of the message. This result implies that the maximal correlation is stronger than the notion of entropic security introduced by Russell and Wang. We then show that a small maximal correlation $\rho $ can be achieved via a randomly generated cipher with key length $\approx 2\log (1/\rho )$ , independent of the message length, and by a stream cipher with key length $2\log (1/\rho )+\log n+2$ for a message of length $n$ . We establish a converse showing that these ciphers are close to optimal. This is in contrast with the entropic security for which there is a gap between the lower and upper bounds. Finally, we show that a small maximal correlation implies secrecy with respect to several mutual information-based criteria but is not necessarily implied by them. Hence, maximal correlation is a stronger and more practically relevant measure of secrecy than the mutual information.