Journal of Cryptology, Volume 27, Issue 1, pp 109–138

A New Interactive Hashing Theorem

  • Iftach Haitner
  • Omer Reingold


Interactive hashing, introduced by Naor, Ostrovsky, Venkatesan, and Yung (J. Cryptol. 11(2):87–108, 1998), plays an important role in many cryptographic protocols. In particular, interactive hashing is a major component in all known constructions of statistically hiding commitment schemes and of statistical zero-knowledge arguments based on general one-way permutations/functions. Interactive hashing with respect to a one-way function f is a two-party protocol that enables a sender who knows y=f(x) to transfer a random hash z=h(y) to a receiver such that the sender is committed to y: the sender cannot come up with x and x′ such that f(x)≠f(x′), but h(f(x))=h(f(x′))=z. Specifically, if f is a permutation and h is a two-to-one hash function, then the receiver does not learn which of the two preimages {y,y′}=h⁻¹(z) is the one the sender can invert with respect to f. This paper reexamines the notion of interactive hashing, and proves the security of a variant of the Naor et al. protocol, which yields a more versatile interactive hashing theorem. When applying our new proof to (an equivalent variant of) the Naor et al. protocol, we get an alternative proof for this protocol that seems simpler and more intuitive than the original one, and achieves better parameters (in terms of how security preserving the reduction is).
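As an added illustration (not code from the paper), the sketch below plays out a toy interactive hashing run, assuming h is given by n−1 linearly independent inner-product queries over GF(2) sent one per round, and shows that exactly two values of y stay consistent with the transcript. The function names and the 8-bit size are assumptions made here, and f is left out, so y is handed to the sender directly.

```python
import secrets

N = 8  # toy bit length (assumption); real instances use cryptographic sizes

def parity(v):
    """Parity of the set bits; parity(h & y) is the GF(2) inner product <h, y>."""
    return bin(v).count("1") & 1

def insert(basis, v):
    """Add v to an XOR basis keyed by leading bit; False if v is dependent."""
    while v:
        top = v.bit_length() - 1
        if top not in basis:
            basis[top] = v
            return True
        v ^= basis[top]
    return False

def interactive_hash(y, n=N):
    """Run n-1 rounds: receiver sends h_i, sender replies with <h_i, y> mod 2."""
    basis, transcript = {}, []
    while len(transcript) < n - 1:
        h = secrets.randbelow(1 << n)              # receiver's random query
        if insert(basis, h):                       # keep independent queries only
            transcript.append((h, parity(h & y)))  # sender's one-bit reply
    return transcript

def candidates(transcript, n=N):
    """All y consistent with the transcript (brute force is fine at toy size)."""
    return [v for v in range(1 << n)
            if all(parity(h & v) == z for h, z in transcript)]

if __name__ == "__main__":
    y = 0xA7  # constructed sample value standing in for f(x)
    t = interactive_hash(y)
    print("consistent values:", sorted(candidates(t)))
```

Because n−1 independent linear equations in n unknowns over GF(2) leave a one-dimensional solution set, the receiver's view is identical for both candidates.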

Key words

  • Cryptography
  • Interactive hashing
  • Statistically hiding and computationally binding commitments
  • Statistical zero-knowledge arguments



We are grateful to Moni Naor and Ronen Shaltiel for helpful conversations. We are also grateful to Oded Goldreich and the anonymous referees for their many useful comments and suggestions.


  [1] G. Brassard, D. Chaum, C. Crépeau, Minimum disclosure proofs of knowledge. J. Comput. Syst. Sci. 37(2), 156–189 (1988)
  [2] L.J. Carter, M.N. Wegman, Universal classes of Hash functions. J. Comput. Syst. Sci. 18(2), 143–154 (1979)
  [3] O. Goldreich, Foundations of Cryptography: Basic Tools (Cambridge University Press, Cambridge, 2001)
  [4] O. Goldreich, S. Goldwasser, N. Linial, Fault-tolerant computation in the full information model. SIAM J. Comput. 27, 447–457 (1998)
  [5] I. Haitner, O. Reingold, Statistically hiding commitment from any one-way function, in Proceedings of the 39th Annual ACM Symposium on Theory of Computing (STOC) (2007), pp. 1–10
  [6] I. Haitner, O. Reingold, A new interactive hashing theorem, in Proceedings of the 18th Annual IEEE Conference on Computational Complexity (2007), pp. 319–332
  [7] I. Haitner, J.J. Hoch, O. Reingold, G. Segev, Finding collisions in interactive protocols—a tight lower bound on the round complexity of statistically-hiding commitments, in Proceedings of the 48th Annual Symposium on Foundations of Computer Science (FOCS) (2007), pp. 669–679
  [8] I. Haitner, O. Horvitz, J. Katz, C. Koo, R. Morselli, R. Shaltiel, Reducing complexity assumptions for statistically hiding commitment. J. Cryptol. 22(3), 283–310 (2009)
  [9] I. Haitner, M. Nguyen, S.J. Ong, O. Reingold, S. Vadhan, Statistically hiding commitments and statistical zero-knowledge arguments from any one-way function. SIAM J. Comput. 39(3), 1153–1218 (2009). Preliminary versions in FOCS’06 and STOC’07
  [10] I. Haitner, O. Reingold, S. Vadhan, H. Wee, Inaccessible entropy, in Proceedings of the 41st Annual ACM Symposium on Theory of Computing (STOC) (2009), pp. 611–620
  [11] I. Haitner, D. Harnik, O. Reingold, On the power of the randomized iterate. SIAM J. Comput. 40(6), 1486–1528 (2011). Preliminary version in Crypto’06
  [12] J. Håstad, R. Impagliazzo, L.A. Levin, M. Luby, A pseudorandom generator from any one-way function. SIAM J. Comput. 28, 1364–1396 (1999). Preliminary versions in STOC’89 and STOC’90
  [13] T. Koshiba, Y. Seri, Round-efficient one-way permutation based perfectly concealing bit commitment scheme. Technical Report TR06-093, ECCC (2006).
  [14] Y. Lindell, Parallel coin-tossing and constant-round secure two-party computation. J. Cryptol. 16(3), 143–184 (2003)
  [15] M. Naor, M. Yung, Universal one-way Hash functions and their cryptographic applications, in Proceedings of the 21st Annual ACM Symposium on Theory of Computing (STOC) (1989), pp. 33–43
  [16] M. Naor, R. Ostrovsky, R. Venkatesan, M. Yung, Perfect zero-knowledge arguments for NP using any one-way permutation. J. Cryptol. 11(2), 87–108 (1998). Preliminary version in CRYPTO’92
  [17] M. Nguyen, S.J. Ong, S. Vadhan, Statistical zero-knowledge arguments for NP from any one-way function, in Proceedings of the 47th Annual Symposium on Foundations of Computer Science (FOCS) (2006), pp. 3–14
  [18] R. Ostrovsky, R. Venkatesan, M. Yung, Secure commitment against all powerful adversary, in 9th Annual Symposium on Theoretical Aspects of Computer Science (1992), pp. 439–448
  [19] R. Ostrovsky, R. Venkatesan, M. Yung, Fair games against an all-powerful adversary. AMS DIMACS Ser. Discrete Math. Theor. Comput. Sci. 13, 155–169 (1993). Preliminary version in SEQUENCES’91
  [20] R. Ostrovsky, R. Venkatesan, M. Yung, Interactive hashing simplifies zero-knowledge protocol design, in Advances in Cryptology—EUROCRYPT’93 (1993), pp. 267–273
  [21] H. Wee, One-way permutations, interactive hashing and statistically hiding commitments, in Theory of Cryptography, Fourth Theory of Cryptography Conference, TCC 2007 (2007), pp. 419–433

Copyright information

© International Association for Cryptologic Research 2013

Authors and Affiliations

  1. School of Computer Science, Tel Aviv University, Tel Aviv, Israel
  2. Microsoft Research, Silicon Valley Campus, Mountain View, USA
  3. Weizmann Institute of Science, Rehovot, Israel
