The bounded-storage model in the presence of a quantum adversary

An extractor is a function Ε that is used to extract randomness. Given an imperfect random source Χ and a uniform seed Y, the output Ε(X,Y) is close to uniform. We study properties of such functions in the presence of prior quantum information about X, with a particular focus on cryptographic applications. We prove that certain extractors are suitable for key expansion in the bounded-storage model where the adversary has a limited amount of quantum memory. For extractors with one-bit output we show that the extracted bit is essentially equally secure as in the case where the adversary has classical resources. We prove the security of certain constructions that output multiple bits in the bounded-storage model. © 2008 IEEE.