Randomness Extraction in finite fields Fpn

Many technics for randomness extraction over finite fields was proposed by various authors such as Fouque et al. and Carneti et al.. At eurocrypt’09, these previous works was improved by Chevalier et al., over a finite field Fp, where p is a prime. But their papers don’t study the case where the field is not prime such as binary fields. In this paper, we present a deterministic extractor for a multiplicative subgroup of Fpn , where p is a prime. In particular, we show that the k-first F2-coefficients of a random element in a subgroup of F2n are indistinguishable from a random bit-string of the same length. Hence, under the Decisional DiffieHellman assumption over binary fields, one can deterministically derive a uniformly random bit-string from a Diffie-Hellman key exchange in the standard model. Over Fp, Chevalier et al. use the ”Polya-Vinogradov inequality” to bound incomplete character sums but over Fpn we use ”Winterhof inequality” to bound incomplete character sums. Our proposition is a good deterministic extractor even if the length of its output is less than those one can have with the leftover hash lemma and universal hash functions. Our extractor can be used in any cryptographic protocol or encryption schemes.