On Hardness Amplification of One-Way Functions

  • Henry Lin
  • Luca Trevisan
  • Hoeteck Wee
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3378)

Abstract

We continue the study of the efficiency of black-box reductions in cryptography. We focus on the question of constructing strong one-way functions (respectively, permutations) from weak one-way functions (respectively, permutations). To make our impossibility results stronger, we focus on the weakest type of constructions: those that start from a weak one-way permutation and define a strong one-way function.

We show that for every “fully black-box” construction of a ε(n)-secure function based on a (1–δ(n))-secure permutation, if q(n) is the number of oracle queries used in the construction and ℓ(n) is the input length of the new function, then we have \(q \geq {\it \Omega}(\frac {1}{\delta}\cdot {\rm log}\frac {1}{\epsilon})\) and ℓ ≥ n + \({\it \Omega}\)(log 1/ε) – O(log q). This result is proved by showing that fully black-box reductions of strong to weak one-way functions imply the existence of “hitters” and then by applying known lower bounds for hitters. We also show a sort of reverse connection, and we revisit the construction of Goldreich et al. (FOCS 1990) in terms of this reverse connection.

Finally, we prove that any “weakly black-box” construction with parameters q(n) and ℓ(n) better than the above lower bounds implies the unconditional existence of strong one-way functions (and, therefore, the existence of a weakly black-box construction with q(n)=0). This result, like the one for fully black-box reductions, is proved by reasoning about the function defined by such a construction when using the identity permutation as an oracle.

References

  1. [GGK03]
    Gennaro, R., Gertner, Y., Katz, J.: Lower bounds on the efficiency of encryption and digital signature schemes. In: Proceedings of the 35th ACM Symposium on Theory of Computing, pp. 417–425 (2003)Google Scholar
  2. [GIL+90]
    Goldreich, O., Impagliazzo, R., Levin, L., Venkatesan, R., Zuckerman, D.: Security preserving amplification of hardness. In: Proceedings of the 31st IEEE Symposium on Foundations of Computer Science, pp. 318–326 (1990)Google Scholar
  3. [GKM+00]
    Gertner, Y., Kannan, S., Malkin, T., Reingold, O., Viswanathan, M.: The relationship between public key encryption and oblivious transfer. In: Proceedings of the 41st IEEE Symposium on Foundations of Computer Science, pp. 325–335 (2000)Google Scholar
  4. [GMR01]
    Gertner, Y., Malkin, T., Reingold, O.: On the impossibility of basing trapdoor functions on trapdoor predicates. In: Proceedings of the 42nd IEEE Symposium on Foundations of Computer Science, pp. 126–135 (2001)Google Scholar
  5. [Gol97]
    Goldreich, O.: A sample of samplers - a computational perspective on sampling. Technical Report TR97-020, Electronic Colloquium on Computational Complexity (1997)Google Scholar
  6. [Gol01]
    Goldreich, O.: The Foundations of Cryptography, vol. 1. Cambridge University Press, Cambridge (2001)CrossRefGoogle Scholar
  7. [GT00]
    Gennaro, R., Trevisan, L.: Lower bounds on the efficiency of generic cryptographic constructions. In: Proceedings of the 41st IEEE Symposium on Foundations of Computer Science, pp. 305–313 (2000)Google Scholar
  8. [HILL99]
    Håstad, J., Impagliazzo, R., Levin, L., Luby, M.: A pseudorandom generator from any one-way function. SIAM Journal on Computing 28(4), 1364–1396 (1999)MATHCrossRefMathSciNetGoogle Scholar
  9. [IL89]
    Impagliazzo, R., Luby, M.: One-way functions are essential for complexity based cryptography. In: Proceedings of the 30th IEEE Symposium on Foundations of Computer Science, pp. 230–235 (1989)Google Scholar
  10. [Imp96]
    Impagliazzo, R.: Very strong one-way functions and pseudo-random generators exist relative to a random oracle. Unpublished manuscript (1996)Google Scholar
  11. [IR89]
    Impagliazzo, R., Rudich, S.: Limits on the provable consequences of one-way permutations. In: Proceedings of the 21st ACM Symposium on Theory of Computing, pp. 44–61 (1989)Google Scholar
  12. [KSS00]
    Kahn, J., Saks, M., Smyth, C.: A dual version of Reimer’s inequality and a proof of rudich’s conjecture. In: Proceedings of the 15th IEEE Conference on Computational Complexity (2000)Google Scholar
  13. [KST99]
    Kim, J.H., Simon, D.R., Tetali, P.: Limits on the efficiency of one-way permutations-based hash functions. In: Proceedings of the 40th IEEE Symposium on Foundations of Computer Science, pp. 535–542 (1999)Google Scholar
  14. [Lub96]
    Luby, M.: Pseudorandomness and Cryptographic Applications. Princeton University Press, Princeton (1996)MATHGoogle Scholar
  15. [RTS97]
    Radhakrishnan, J., Ta-Shma, A.: Tight bounds for depth-two superconcentrators. In: Proceedings of the 38th IEEE Symposium on Foundations of Computer Science, pp. 585–594 (1997)Google Scholar
  16. [RTV04]
    Reingold, O., Trevisan, L., Vadhan, S.: Notions of reducibility between cryptographic primitives. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 1–20. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  17. [Rud88]
    Rudich, S.: Limits on the provable consequences of one-way functions. PhD thesis, University of California at Berkeley (1988)Google Scholar
  18. [Rud91]
    Rudich, S.: The use of interaction in public cryptosystems. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 242–251. Springer, Heidelberg (1992)Google Scholar
  19. [TS98]
    Ta-Shma, A.: Almost optimal dispersers. In: Proceedings of the 30th ACM Symposium on Theory of Computing (1998)Google Scholar
  20. [Yao82]
    Yao, A.C.: Theory and applications of trapdoor functions. In: Proceedings of the 23rd IEEE Symposium on Foundations of Computer Science, pp. 80–91 (1982)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Henry Lin
    • 1
  • Luca Trevisan
    • 1
  • Hoeteck Wee
    • 1
  1. 1.Computer Science DivisionUC Berkeley 

Personalised recommendations