Advances in Cryptology - EUROCRYPT 2009

Volume 5479 of the series Lecture Notes in Computer Science, pp. 72-87

On the Security Loss in Cryptographic Reductions

  • Chi-Jen Lu, affiliated with Institute of Information Science, Academia Sinica


Almost all the important cryptographic protocols we have today base their security on unproven assumptions, which all imply NP \(\ne\) P, and thus having unconditional proofs of their security seems far beyond our reach. One research effort then is to identify more basic primitives and prove the security of these protocols by reductions to the security of these primitives. However, in doing so, one often observes some security loss in the form that the security of the protocols is measured against weaker adversaries, e.g., adversaries with a smaller running time. Is such a security loss avoidable? We study two of the most basic cryptographic reductions: hardness amplification of one-way functions and constructing pseudorandom generators from one-way functions. We show that when they are done in a certain black-box way, such a security loss is in fact unavoidable.