Advertisement

More Efficient Lattice PRFs from Keyed Pseudorandom Synthesizers

  • Hart Montgomery
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11356)

Abstract

We develop new constructions of lattice-based PRFs using keyed pseudorandom synthesizers. We generalize all of the known ‘basic’ parallel lattice-based PRFs–those of [BPR12], [BLMR13], and [BP14]–to build highly parallel lattice-based PRFs with smaller modulus (and thus better reductions from worst-case lattice problems) while still maintaining computational efficiency asymptotically equal to the fastest known lattice-based PRFs at only the cost of larger key sizes.

In particular, we build several parallel (in \(NC^{2}\)) lattice-based PRFs with modulus independent of the number of PRF input bits based on both standard LWE and ring LWE. Our modulus for these PRFs is just \(O \left( m^{ f \left( m \right) } \right) \) for lattice dimension m and any function \(f \left( m \right) \in \omega \left( 1 \right) \). The only known parallel construction of a lattice-based PRF with such a small modulus is a construction from Banerjee’s thesis [Ban15], and some of our parallel PRFs with equivalently small modulus have smaller key sizes and are very slightly faster (when using FFT multiplication). These PRFs also asymptotically match the computational efficiency of the most efficient PRFs built from any LWE- or ring LWE-based assumptions known today, respectively, and concretely require less computation per output than any known parallel lattice-based PRFs (again when using FFT multiplication).

We additionally use our techniques to build other efficient PRFs with very low circuit complexity (but higher modulus) which improve known results on highly parallel lattice PRFs. For instance, for input length \(\lambda \), we show that there exists a ring LWE-based PRF in \(NC^{1}\) with modulus proportional to \(m^{\lambda ^{c}}\) for any \(c \in \left( 0, 1 \right) \). Constructions from lattices with this circuit depth were only previously known from larger moduli.

Keywords

Lattices Pseudorandom functions Learning with errors Pseudorandom synthesizers 

References

  1. [AA16]
    Alperin-Sheriff, J., Apon, D.: Dimension-preserving reductions from LWE to LWR. IACR Cryptology ePrint Archive, 2016:589 (2016)Google Scholar
  2. [AKPW13]
    Alwen, J., Krenn, S., Pietrzak, K., Wichs, D.: Learning with rounding, revisited. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 57–74. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-40041-4_4CrossRefGoogle Scholar
  3. [Ban15]
    Banerjee, A.: New constructions of cryptographic pseudorandom functions. Ph.D. thesis (2015). https://smartech.gatech.edu/bitstream/handle/1853/53916/BANERJEE-DISSERTATION-2015.pdf?sequence=1&isAllowed=y
  4. [BCK96]
    Bellare, M., Canetti, R., Krawczyk, H.: Pseudorandom functions revisited: the cascade construction and its concrete security. In 37th Annual Symposium on Foundations of Computer Science, Burlington, Vermont, pp. 514–523. IEEE Computer Society Press (1996)Google Scholar
  5. [BFKL94]
    Blum, A., Furst, M., Kearns, M., Lipton, R.J.: Cryptographic primitives based on hard learning problems. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 278–291. Springer, Heidelberg (1994).  https://doi.org/10.1007/3-540-48329-2_24CrossRefGoogle Scholar
  6. [BFP+15]
    Banerjee, A., Fuchsbauer, G., Peikert, C., Pietrzak, K., Stevens, S.: Key-homomorphic constrained pseudorandom functions. In: Dodis, Y., Nielsen, J.B. (eds.) TCC 2015. LNCS, vol. 9015, pp. 31–60. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-46497-7_2CrossRefGoogle Scholar
  7. [BGM+16]
    Bogdanov, A., Guo, S., Masny, D., Richelson, S., Rosen, A.: On the hardness of learning with rounding over small modulus. In: Kushilevitz, E., Malkin, T. (eds.) TCC 2016. LNCS, vol. 9562, pp. 209–224. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-49096-9_9CrossRefzbMATHGoogle Scholar
  8. [BKM17]
    Boneh, D., Kim, S., Montgomery, H.: Private puncturable PRFs from standard lattice assumptions. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10210, pp. 415–445. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-56620-7_15CrossRefGoogle Scholar
  9. [BLL+15]
    Bai, S., Langlois, A., Lepoint, T., Stehlé, D., Steinfeld, R.: Improved security proofs in lattice-based cryptography: using the Rényi divergence rather than the statistical distance. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015. LNCS, vol. 9452, pp. 3–24. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-48797-6_1CrossRefzbMATHGoogle Scholar
  10. [BLMR13]
    Boneh, D., Lewi, K., Montgomery, H., Raghunathan, A.: Key homomorphic PRFs and their applications. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 410–428. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-40041-4_23CrossRefGoogle Scholar
  11. [BMR10]
    Boneh, D., Montgomery, H.W., Raghunathan, A.: Algebraic pseudorandom functions with improved efficiency from the augmented cascade. In: Al-Shaer, E., Keromytis, A.D., Shmatikov, V. (eds.) ACM CCS 10: 17th Conference on Computer and Communications Security, pp. 131–140. ACM Press, New York (2010)Google Scholar
  12. [BP14]
    Banerjee, A., Peikert, C.: New and improved key-homomorphic pseudorandom functions. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8616, pp. 353–370. Springer, Heidelberg (2014).  https://doi.org/10.1007/978-3-662-44371-2_20CrossRefGoogle Scholar
  13. [BPR12]
    Banerjee, A., Peikert, C., Rosen, A.: Pseudorandom functions and lattices. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 719–737. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-29011-4_42CrossRefGoogle Scholar
  14. [BR17]
    Bogdanov, A., Rosen, A.: Pseudorandom functions: three decades later. Tutorials on the Foundations of Cryptography. ISC, pp. 79–158. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-57048-8_3CrossRefGoogle Scholar
  15. [BTVW17]
    Brakerski, Z., Tsabary, R., Vaikuntanathan, V., Wee, H.: Private constrained PRFs (and more) from LWE. In: Kalai, Y., Reyzin, L. (eds.) TCC 2017. LNCS, vol. 10677, pp. 264–302. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-70500-2_10CrossRefGoogle Scholar
  16. [BV15]
    Brakerski, Z., Vaikuntanathan, V.: Constrained key-homomorphic PRFs from standard lattice assumptions - Or: how to secretly embed a circuit in your PRF. In: Dodis, Y., Nielsen, J.B. (eds.) TCC 2015. LNCS, vol. 9015, pp. 1–30. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-46497-7_1CrossRefGoogle Scholar
  17. [BW13]
    Boneh, D., Waters, B.: Constrained pseudorandom functions and their applications. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013. LNCS, vol. 8270, pp. 280–300. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-42045-0_15CrossRefGoogle Scholar
  18. [CC17]
    Canetti, R., Chen, Y.: Constraint-hiding constrained PRFs for NC\(^1\) from LWE. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10210, pp. 446–476. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-56620-7_16CrossRefGoogle Scholar
  19. [DKW16]
    Deshpande, A., Koppula, V., Waters, B.: Constrained pseudorandom functions for unconstrained inputs. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9666, pp. 124–153. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-49896-5_5CrossRefGoogle Scholar
  20. [DS15]
    Döttling, N., Schröder, D.: Efficient pseudorandom functions via on-the-fly adaptation. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9215, pp. 329–350. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-47989-6_16CrossRefGoogle Scholar
  21. [Fat06]
    Fateman, R.J.: When is FFT multiplication of arbitrary-precision polynomials practical? University of California, Berkeley (2006)Google Scholar
  22. [GGM84]
    Goldreich, O., Goldwasser, S., Micali, S.: How to construct random functions (extended abstract). In: 25th Annual Symposium on Foundations of Computer Science, Singer Island, Florida, 24–26 October 1984, pp. 464–479. IEEE Computer Society Press (1984)Google Scholar
  23. [JKP18]
    Jager, T., Kurek, R., Pan, J.: Simple and more efficient PRFs with tight security from LWE and matrix-DDH. Cryptology ePrint Archive, Report 2018/826 (2018). https://eprint.iacr.org/2018/826Google Scholar
  24. [KSN+04]
    Knuth, D.E., Saitou, H., Nagao, T., Matui, S., Matui, T., Yamauchi, H.: of Book: The Art of Computer Programming.-Volume 2, Seminumerical Algorithms (Japanese Edition), vol. 2. ASCII (2004)Google Scholar
  25. [KW17]
    Kim, S., Wu, D.J.: Watermarking cryptographic functionalities from standard lattice assumptions. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10401, pp. 503–536. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-63688-7_17CrossRefGoogle Scholar
  26. [LMR14]
    Lewi, K., Montgomery, H., Raghunathan, A.: Improved constructions of PRFs secure against related-key attacks. In: Boureanu, I., Owesarski, P., Vaudenay, S. (eds.) ACNS 2014. LNCS, vol. 8479, pp. 44–61. Springer, Cham (2014).  https://doi.org/10.1007/978-3-319-07536-5_4CrossRefGoogle Scholar
  27. [MG12]
    Micciancio, D., Goldwasser, S.: Complexity of Lattice Problems: A Cryptographic Perspective, vol. 671. Springer, New York (2012).  https://doi.org/10.1007/978-1-4615-0897-7CrossRefzbMATHGoogle Scholar
  28. [Mon18]
    Montgomery, H.: A nonstandard variant of learning with rounding with polynomial modulus and unbounded samples. Cryptology ePrint Archive, Report 2018/100 (2018). https://eprint.iacr.org/2018/100
  29. [NR95]
    Naor, M., Reingold, O.: Synthesizers and their application to the parallel construction of pseudo-random functions. In: 36th Annual Symposium on Foundations of Computer Science, Milwaukee, Wisconsin, 23–25 October 1995, pp. 170–181. IEEE Computer Society Press (1995)Google Scholar
  30. [NR97]
    Naor, M., Reingold, O.: Number-theoretic constructions of efficient pseudo-random functions. In: 38th Annual Symposium on Foundations of Computer Science, Miami Beach, Florida, 19–22 October 1997, pp. 458–467. IEEE Computer Society Press (1997)Google Scholar
  31. [PS17]
    Peikert, C., Shiehian, S.: Privately constraining and programming PRFs, the LWE way. Cryptology ePrint Archive, Report 2017/1094 (2017). https://eprint.iacr.org/2017/1094
  32. [Reg05]
    Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: Gabow, H.N., Fagin, R. (eds.) 37th Annual ACM Symposium on Theory of Computing, pp. 84–93. ACM Press, New York (2005)Google Scholar
  33. [Rei]
    Reingold, O.: Pseudorandom synthesizers, functions, and permutationsGoogle Scholar
  34. [RW04]
    Rudich, S., Wigderson, A.: Computational Complexity Theory, vol. 10. American Mathematical Soc., Providence (2004)zbMATHGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  1. 1.Fujitsu Laboratories of AmericaSunnyvaleUSA

Personalised recommendations