On the Security Loss in Cryptographic Reductions

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5479)


Almost all the important cryptographic protocols we have today base their security on unproven assumptions, which all imply NP \(\ne\) P, and thus having unconditional proofs of their security seems far beyond our reach. One research effort then is to identify more basic primitives and prove the security of these protocols by reductions to the security of these primitives. However, in doing so, one often observes some security loss in the form that the security of the protocols is measured against weaker adversaries, e.g., adversaries with a smaller running time. Is such a security loss avoidable? We study two of the most basic cryptographic reductions: hardness amplification of one-way functions and constructing pseudorandom generators from one-way functions. We show that when they are done in a certain black-box way, such a security loss is in fact unavoidable.





Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  1. Institute of Information Science, Academia Sinica, Taipei, Taiwan
