Many-to-one trapdoor functions and their relation to public-key cryptosystems
 Mihir Bellare,
 Shai Halevi,
 Amit Sahai,
 Salil Vadhan
Abstract
The heart of the task of building public key cryptosystems is viewed as that of “making trapdoors;” in fact, public key cryptosystems and trapdoor functions are often discussed as synonymous. How accurate is this view? In this paper we endeavor to get a better understanding of the nature of “trapdoorness” and its relation to public key cryptosystems, by broadening the scope of the investigation: we look at general trapdoor functions; that is, functions that are not necessarily injective (i.e., one-to-one). Our first result is somewhat surprising: we show that non-injective trapdoor functions (with superpolynomial preimage size) can be constructed from any one-way function (and hence it is unlikely that they suffice for public key encryption). On the other hand, we show that trapdoor functions with polynomial preimage size are sufficient for public key encryption. Together, these two results indicate that the preimage size is a fundamental parameter of trapdoor functions. We then turn our attention to the converse, asking what kinds of trapdoor functions can be constructed from public key cryptosystems. We take a first step by showing that in the random-oracle model one can construct injective trapdoor functions from any public key cryptosystem.
Title: Many-to-one trapdoor functions and their relation to public-key cryptosystems
Book Title: Advances in Cryptology — CRYPTO '98
Book Subtitle: 18th Annual International Cryptology Conference, Santa Barbara, California, USA, August 23–27, 1998, Proceedings
Pages: pp 283–298
Copyright: 1998
DOI: 10.1007/BFb0055735
Print ISBN: 978-3-540-64892-5
Online ISBN: 978-3-540-68462-6
Series Title: Lecture Notes in Computer Science
Series Volume: 1462
Series ISSN: 0302-9743
Publisher: Springer Berlin Heidelberg
Copyright Holder: Springer-Verlag
 Authors

 Mihir Bellare ^{(1)}
 Shai Halevi ^{(2)}
 Amit Sahai ^{(3)}
 Salil Vadhan ^{(3)}
 Author Affiliations

 1. Dept. of Computer Science & Engineering, University of California at San Diego, 9500 Gilman Drive, 92093, La Jolla, CA, USA
 2. T. J. Watson Research Center, IBM, P.O. Box 704, 10598, Yorktown Heights, NY, USA
 3. MIT Laboratory for Computer Science, 545 Technology Square, 02139, Cambridge, MA, USA