Universal One-Way Hash Functions via Inaccessible Entropy

  • Iftach Haitner
  • Thomas Holenstein
  • Omer Reingold
  • Salil Vadhan
  • Hoeteck Wee
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6110)


This paper revisits the construction of Universal One-Way Hash Functions (UOWHFs) from any one-way function due to Rompel (STOC 1990). We give a simpler construction of UOWHFs, which also obtains better efficiency and security. The construction exploits a strong connection to the recently introduced notion of inaccessible entropy (Haitner et al. STOC 2009). With this perspective, we observe that a small tweak of any one-way function f is already a weak form of a UOWHF: Consider F(x,i) that outputs the i-bit long prefix of f(x). If F were a UOWHF then given a random x and i it would be hard to come up with x′ ≠ x such that F(x,i) = F(x′,i). While this may not be the case, we show (rather easily) that it is hard to sample x′ with almost full entropy among all the possible such values of x′. The rest of our construction simply amplifies and exploits this basic property.

With this and other recent works, we have that the constructions of three fundamental cryptographic primitives (Pseudorandom Generators, Statistically Hiding Commitments and UOWHFs) out of one-way functions are to a large extent unified. In particular, all three constructions rely on and manipulate computational notions of entropy in similar ways. Pseudorandom Generators rely on the well-established notion of pseudoentropy, whereas Statistically Hiding Commitments and UOWHFs rely on the newer notion of inaccessible entropy.


computational complexity cryptography hashing target collision-resistance one-way functions 


  1. 1.
    Canetti, R., Rivest, R.L., Sudan, M., Trevisan, L., Vadhan, S.P., Wee, H.: Amplifying collision resistance: A complexity-theoretic treatment. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 264–283. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  2. 2.
    Cover, T.M., Thomas, J.A.: Elements of information theory, 2nd edn. Wiley-Interscience, New York (2006)MATHGoogle Scholar
  3. 3.
    Cramer, R., Shoup, V.: Design and analysis of practical public-key encryption schemes secure against adaptive chosen ciphertext attack. SIAM Journal on Computing 33(1), 167–226 (2003) (electronic)MATHCrossRefMathSciNetGoogle Scholar
  4. 4.
    Haitner, I., Nguyen, M., Ong, S.J., Reingold, O., Vadhan, S.: Statistically hiding commitments and statistical zero-knowledge arguments from any one-way function. SIAM Journal on Computing 39(3), 1153–1218 (2009)CrossRefMathSciNetGoogle Scholar
  5. 5.
    Haitner, I., Reingold, O., Vadhan, S., Wee, H.: Inaccessible entropy. In: Proceedings of the 41st Annual ACM Symposium on Theory of Computing (STOC). ACM Press, New York (2009)Google Scholar
  6. 6.
    Haitner, I., Reingold, O., Vadhan, S.: Efficiency improvements in constructions of pseudorandom generators. In: Proceedings of the 42th Annual ACM Symposium on Theory of Computing (STOC). ACM Press, New York (2010)Google Scholar
  7. 7.
    Håstad, J., Impagliazzo, R., Levin, L.A., Luby, M.: A pseudorandom generator from any one-way function. SIAM Journal on Computing 28(4), 1364–1396 (1999); Preliminary versions in STOC 1989 and STOC 1990MATHCrossRefMathSciNetGoogle Scholar
  8. 8.
    Impagliazzo, R., Luby, M.: One-way functions are essential for complexity based cryptography. In: Proceedings of the 30th Annual Symposium on Foundations of Computer Science (FOCS), pp. 230–235 (1989)Google Scholar
  9. 9.
    Katz, J., Koo, C.: On constructing universal one-way hash functions from arbitrary one-way functions. Technical Report 2005/328, Cryptology ePrint Archive (2005)Google Scholar
  10. 10.
    Naor, M., Yung, M.: Universal one-way hash functions and their cryptographic applications. In: Proceedings of the 21st Annual ACM Symposium on Theory of Computing (STOC), pp. 33–43. ACM Press, New York (1989)Google Scholar
  11. 11.
    Rompel, J.: One-way functions are necessary and sufficient for secure signatures. In: Proceedings of the 22nd Annual ACM Symposium on Theory of Computing (STOC), pp. 387–394 (1990)Google Scholar
  12. 12.
    Rompel, J.: Techniques for computing with low-independence randomness. PhD thesis, Massachusetts Institute of Technology (1990), http://dspace.mit.edu/handle/1721.1/7582
  13. 13.
    Shoup, V.: A composition theorem for universal one-way hash functions. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 445–452. Springer, Heidelberg (2000)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Iftach Haitner
    • 1
  • Thomas Holenstein
    • 2
  • Omer Reingold
    • 3
  • Salil Vadhan
    • 4
  • Hoeteck Wee
    • 5
  1. 1.Microsoft ResearchNew England
  2. 2.Department of Computer ScienceETH Zurich 
  3. 3.Silicon Valley and Weizmann Institute of ScienceMicrosoft Research 
  4. 4.School of Engineering & Applied Sci. and Center for Research on Computation & SocietyHarvard University 
  5. 5.Queens College, CUNY 

Personalised recommendations