Advertisement

On the Impossibility of Constructing Non-interactive Statistically-Secret Protocols from Any Trapdoor One-Way Function

  • Marc Fischlin
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2271)

Abstract

We show that non-interactive statistically-secret bit commitment cannot be constructed from arbitrary black-box one-to-one trapdoor functions and thus from general public-key cryptosystems. Reducing the problems of non-interactive crypto-computing, rerandomizable encryption, and non-interactive statistically-sender-private oblivious transfer and low-communication private information retrieval to such commitment schemes, it follows that these primitives are neither constructible from one-to-one trapdoor functions and public-key encryption in general. Furthermore, our separation sheds some light on statistical zero-knowledge proofs. There is an oracle relative to which one-to-one trapdoor functions and one-way permutations exist, while the class of promise problems with statistical zero-knowledge proofs collapses in P. This indicates that nontrivial problems with statistical zero-knowledge proofs require more than (trapdoor) one-wayness.

Keywords

Random Oracle Commitment Scheme Oblivious Transfer Oracle Query Private Information Retrieval 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    W. Aiello, J. HÅstad: Statistical Zero-Knowledge Languages can be Recognized in Two Rounds, Journal of Computer and System Science, Vol. 42, pp. 327–345, 1991.zbMATHCrossRefGoogle Scholar
  2. 2.
    W. Aiello, J. HÅstad: Relativized Perfect Zero-Knowledge is not BPP, Information and Computation, Vol. 93, pp. 223–240, 1991.CrossRefMathSciNetGoogle Scholar
  3. 3.
    W. Aiello, Y. Ishai, O. Reingold: Priced Oblivious Transfer: How to Sell Digital Goods, Eurocrypt 2001, Lecture Notes in Computer Science, Vol. 2045, Springer-Verlag, 2001.CrossRefGoogle Scholar
  4. 4.
    A. Beimel, Y. Ishai, E. Kushilevitz, T. Malkin: One-Way Functions are Essential for Single-Server Private Information Retrieval, Proceedings of the 31st Annual ACM Symposium on the Theory of Computing (STOC), pp. 89–98, 1999.Google Scholar
  5. 5.
    M. Bellare, S. Halevi, A. Sahai, S. Vadhan: Many-To-One Trapdoor Functions and Their Relation to Public-Key Cryptosystems, Crypto’ 98, Lecture Notes in Computer Science, Vol. 1462, Springer-Verlag, pp. 283–298, 1998.Google Scholar
  6. 6.
    M. Bellare, S. Micali: Non-Interactive Oblivious Transfer and Applications, Crypto’ 89, Lecture Notes in Computer Science, Vol. 435, Springer-Verlag,pp. 547–559, 1990.Google Scholar
  7. 7.
    M. Ben-or, O. Goldreich, S. Goldwasser, J. HÅstad, J. Killian, S. Micali, P. Rogaway: Everything Provable is Provable in Zero-Knowledge, Crypto’ 88, Lecture Notes in Computer Science, Vol. 403, Springer-Verlag, pp. 37–56, 1990.Google Scholar
  8. 8.
    B. Chor, O. Goldreich, E. Kushilevitz, M. Sudan: Private Information Retrieval, Journal of ACM, vol. 45, pp. 965–981, 1998.zbMATHCrossRefMathSciNetGoogle Scholar
  9. 9.
    C. CrÉpeau, F. LÉgarÉ, L. Savail: How to Convert a Flavor of Quantum Bit Commitment, Eurocrypt 2001, Lecture Notes in Computer Science, Vol. 2045, Springer-Verlag, 2001.CrossRefGoogle Scholar
  10. 10.
    I. Damg \( \dot {\rm A} \) rd, T. Pedersen, B. Pfitzmann: On the Existence of Statistically Hiding Bit Commitment Schemes and Fail-Stop Signatures, Crypto’ 93, Lecture Notes in Computer Science, Vol. 773, Springer-Verlag, pp. 250–255, 1993.Google Scholar
  11. 11.
    A. De Santis, G. Di Crescenzo, G. Persiano: Public-Key Cryptography and Zero-Knowledge Arguments, Information and Computation, Vol. 121, No. 1, pp. 23–40, 1995.zbMATHCrossRefMathSciNetGoogle Scholar
  12. 12.
    G. Di Crescenzo, T. Okamoto, M. Yung: Keeping the SZK-Verifier Honest Unconditionally, Crypto’ 97, Lecture Notes in Computer Science, Vol. 1294, Springer-Verlag, pp. 31–45, 1997.Google Scholar
  13. 13.
    W. Diffie, M. Hellman: New Directions in Cryptography, IEEE Transaction on Information Theory, Vol. 22, pp. 644–654, 1976.zbMATHCrossRefMathSciNetGoogle Scholar
  14. 14.
    P. Dumais, D. Mayers, L. Salvail: Perfectly Concealing Quantum Bit Commitment from Any One-Way Permutation, Eurocrypt 2000, Lecture Notes in Computer Science, Vol. 1807, Springer-Verlag, pp. 300–315, 2000.CrossRefGoogle Scholar
  15. 15.
    S. Even, O. Goldreich, A. Lempel: A Randomized Protocol for Signing Contracts, Communication of the ACM, vol. 28, pp. 637–647, 1985.CrossRefMathSciNetGoogle Scholar
  16. 16.
    L. Fortnow: The Complexity of Perfect Zero-Knowledge, Proceedings of the 19th Annual ACM Symposium on the Theory of Computing (STOC), pp. 204–209, 1987.Google Scholar
  17. 17.
    R. Gennaro, L. Trevisan: Lower Bounds on the Efficiency of Generic Cryptographic Constructions, Proceedings of the 41st IEEE Symposium on Foundations of Computer Science (FOCS), 2000.Google Scholar
  18. 18.
    Y. Gertner, S. Kannan, T. Malkin, O. Reingold, M. Viswanathan: The Relationship Between Public Key Encryption and Oblivious Transfer, Proceedings of the 41st IEEE Symposium on Foundations of Computer Science (FOCS), 2000.Google Scholar
  19. 19.
    O. Goldreich, A. Sahai, S. Vadhan: Can Statistical Zero-Knowledge be made Non-Interactive? or On the Relationship of SZK and NISZK, Crypto’ 99, Lecture Notes in Computer Science, Springer-Verlag, 1999.Google Scholar
  20. 20.
    O. Goldreich, A. Sahai, S. Vadhan: Honest-Verifier Statistical Zero-Knowledge Equals General Statistical Zero-Knowledge, Proceedings of the 30th Annual ACM Symposium on Theory of Computing (STOC), ACM Press, pp. 399–408, 1998.Google Scholar
  21. 21.
    S. Goldwasser, O. Goldreich, S. Micali: How to Construct Random Functions, Journal of ACM, vol. 33, pp. 792–807, 1986.CrossRefMathSciNetGoogle Scholar
  22. 22.
    S. Goldwasser, S. Micali: Probabilistic Encryption, Journal of Computer and System Science, Vol. 28, pp. 270–299, 1984.zbMATHCrossRefMathSciNetGoogle Scholar
  23. 23.
    S. Halevi, S. Micali: Practical and Provably-Secure Commitment Schemes from Collision-Free Hashing, Crypto’ 96, Lecture Notes in Computer Science, Vol. 1109, Springer-Verlag, pp. 201–215, 1996.Google Scholar
  24. 24.
    J. HÅstad, R. Impagliazzo, L. Levin, M. Luby: A Pseudorandom Generator from any One-way Function, SIAM Journal on Computing, vol. 28(4), pp. 1364–1396, 1999.zbMATHCrossRefMathSciNetGoogle Scholar
  25. 25.
    R. Impagliazzo, M. Luby: One-Way Functions are Essential for Complexity Based Cryptography, Proceedings of the 30th IEEE Symposium on Foundations of Computer Science (FOCS), pp. 230–235, 1989.Google Scholar
  26. 26.
    R. Impagliazzo, S. Rudich: Limits on the Provable Consequences of One-Way Permutations, Proceedings of the 21st Annual ACM Symposium on the Theory of Computing (STOC), pp. 44–61, 1989.Google Scholar
  27. 27.
    R. Impagliazzo, M. Yung: Direct Minimum-Knowledge Computations, Crypto’ 87, Lecture Notes in Computer Science, Vol. 293, Springer-Verlag, pp. 40–51, 1987.Google Scholar
  28. 28.
    J. Kahn, M. Saks, C. Smyth: A Dual Version of Reimer’s Inequality and a Proof of Rudich’s Conjecture, Proceedings of 15th IEEE Conference on Computational Complexity, 2000.Google Scholar
  29. 29.
    J. Kim, D. Simon, P. Tetali: Limits on the Efficiency of One-Way Permutation-Based Hash Functions, Proceedings of the 40th IEEE Symposium on Foundations of Computer Science (FOCS), 1999.Google Scholar
  30. 30.
    M. Naor: Bit Commitment Using Pseudo-Randomness, Journal of Cryptology, vol. 4, pp. 151–158, 1991.zbMATHCrossRefMathSciNetGoogle Scholar
  31. 31.
    M. Naor, R. Ostrovsky, R. Venkatesan, M. Yung: Perfect Zero-Knowledge Arguments for NP Using Any One-Way Permutation, Journal of Cryptology, vol. 11, pp. 87–108, 1998.zbMATHCrossRefMathSciNetGoogle Scholar
  32. 32.
    M. Naor, B. Pinkas: Efficient Oblivious Transfer Protocols, Twelfth Annual ACM-SIAM Symposium on Discrete Algorithms, 2001.Google Scholar
  33. 33.
    M. Naor, M. Yung: Universal One-Way Hash Functions and Their Cryptographic Applications, Proceedings of the 21st Annual ACM Symposium on the Theory of Computing (STOC), pp. 33–43, 1989.Google Scholar
  34. 34.
    R. Ostrovsky: One-Way Functions, Hard on Average Problems, and Statistical Zero-Knowledge Proofs, IEEE Conference on Structure in Complexity Theory, pp. 133–138, 1991.Google Scholar
  35. 35.
    R. Ostrovsky, R. Venkatesan, M. Yung: Fair Games Against an All-Powerful Adversary, AMS DIMACS Series in Discrete Mathematics and Theoretical Computer Science, Vol. 13, pp. 155–169, 1993.MathSciNetGoogle Scholar
  36. 36.
    R. Ostrovsky, A. Wigderson: One-Way Functions are Essential for Non-Trivial Zero-Knowledge, Proceedings of the Second Israel Symposium on Theory of Computing and Systems, 1993.Google Scholar
  37. 37.
    M. Rabin: How to Exchange Secrets by Oblivious Transfer, Technical Report TR-81, Harvard, 1981.Google Scholar
  38. 38.
    J. Rompel: One-Way Functions are Necessary and Sufficient for Secure Signatures, Proceedings of the 22nd Annual ACM Symposium on the Theory of Computing (STOC), pp. 387–394, 1990.Google Scholar
  39. 39.
    S. Rudich: The Use of Interaction in Public Cryptosystems, Crypto’ 91, Lecture Notes in Computer Science, Vol. 576, Springer-Verlag,pp. 242–251, 1992.Google Scholar
  40. 40.
    A. Sahai, S. Vadhan: A Complete Promise Problem for Statistical Zero-Knowledge, Proceedings of the 38th IEEE Symposium on Foundations of Computer Science (FOCS), pp. 448–457, 1997.Google Scholar
  41. 41.
    A. Sahai, S. Vadhan: Manipulating Statistical Difference, AMS DIMACS Series in Discrete Mathematics and Theoretical Computer Science, Vol. 43, pp. 251–270, 1999.MathSciNetGoogle Scholar
  42. 42.
    T. Sander, A. Young, M. Yung: Non-Interactive Crypto-Computing for NC1, Proceedings of the 40th IEEE Symposium on Foundations of Computer Science (FOCS), 1999.Google Scholar
  43. 43.
    A. Shamir: IP=PSPACE, Proceedings of the 31st IEEE Symposium on Foundations of Computer Science (FOCS), 1990.Google Scholar
  44. 44.
    D. Simon: On the Power of Quantum Computation, Proceedings of the 35th IEEE Symposium on Foundations of Computer Science (FOCS), pp. 124–134, 1994.Google Scholar
  45. 45.
    D. Simon: Finding Collisions on a One-Way Street: Can Secure Hash Functions be Based on General Assumptions?, Eurocrypt’ 98, Lecture Notes in Computer Science, Vol. 1403, Springer-Verlag, pp. 334–345, 1998.CrossRefGoogle Scholar
  46. 46.
    S. Vadhan: A Study of Statistical Zero-Knowledge Proofs, Ph.D. thesis, MIT, vailable at http://theory.lcs.mit.edu/~salil/, September 1999.

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Marc Fischlin
    • 1
  1. 1.Johann Wolfgang Goethe-UniversityFrankfurt am MainGermany

Personalised recommendations