Fuzzy extractors derive strong keys from noisy sources. Their security is usually defined information-theoretically, with gaps between known negative results, existential constructions, and polynomial-time constructions. We ask whether using computational security can close these gaps. We show the following:

•

Negative result: Noise tolerance in fuzzy extractors is usually achieved using an information reconciliation component called a secure sketch. We show that secure sketches defined using pseudoentropy (Håstad et al., SIAM J. Comput. 1999) instead of information-theoretic security are still subject to upper bounds from coding theory.

•

Positive result: We show that our negative result can be avoided by constructing and analyzing a computational fuzzy extractor directly. We modify the code-offset construction (Juels and Wattenberg, CCS 1999) to use random linear codes. Security is based on the Learning with Errors problem and holds when the noisy source is uniform or symbol-fixing (that is, each dimension is either uniform or fixed).

模糊提取器从嘈杂的源中获取强密钥。通常，它们的安全性是从信息理论上定义的，在已知的负面结果，存在性构造和多项式时间构造之间存在差距。我们问使用计算安全性是否可以缩小这些差距。我们显示以下内容：

•

负面结果：模糊提取器中的噪声容忍度通常是使用称为安全草图的信息协调组件来实现的。我们表明，使用伪熵（Håstad等人，SIAM J. Comput。1999）而不是信息理论安全性定义的安全草图仍然受编码理论的约束。

•

积极的结果：我们证明，通过直接构建和分析计算模糊提取器可以避免我们的消极结果。我们修改了代码偏移量结构（Juels和Wattenberg，CCS 1999），以使用随机线性代码。安全性基于“错误学习”问题，并且在噪声源一致或符号固定（即每个维度一致或固定）时才成立。