From Non-adaptive to Adaptive Pseudorandom Functions

  • Itay Berman
  • Iftach Haitner
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7194)


Unlike the standard notion of pseudorandom functions (PRF), a non-adaptive PRF is only required to be indistinguishable from random in the eyes of a non-adaptive distinguisher (i.e., one that prepares its oracle calls in advance). A recent line of research has studied the possibility of a direct construction of adaptive PRFs from non-adaptive ones, where direct means that the constructed adaptive PRF uses only few (ideally, constant number of) calls to the underlying non-adaptive PRF. Unfortunately, this study has only yielded negative results, showing that “natural” such constructions are unlikely to exist (e.g., Myers [EUROCRYPT ’04], Pietrzak [CRYPTO ’05, EUROCRYPT ’06])..

We give an affirmative answer to the above question, presenting a direct construction of adaptive PRFs from non-adaptive ones. Our construction is extremely simple, a composition of the non-adaptive PRF with an appropriate pairwise independent hash function.


Function Family Pseudorandom Generator Direct Construction Pseudorandom Function Oracle Access 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Bellare, M.: A note on negligible functions. Journal of Cryptology, 271–284 (2002)Google Scholar
  2. 2.
    Bellare, M., Goldwasser, S.: New Paradigms for Digital Signatures and Message Authentication Based on Non-interactive Zero Knowledge Proofs. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 194–211. Springer, Heidelberg (1990)Google Scholar
  3. 3.
    Blum, M., Evans, W.S., Gemmell, P., Kannan, S., Naor, M.: Checking the correctness of memories. Algorithmica 12(2/3), 225–244 (1994)MathSciNetCrossRefGoogle Scholar
  4. 4.
    Carter, L.J., Wegman, M.N.: Universal classes of hash functions. Journal of Computer and System Sciences, 143–154 (1979)Google Scholar
  5. 5.
    Cho, C., Lee, C.-K., Ostrovsky, R.: Equivalence of Uniform Key Agreement and Composition Insecurity. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 447–464. Springer, Heidelberg (2010)Google Scholar
  6. 6.
    Chor, B., Fiat, A., Naor, M., Pinkas, B.: Tracing traitors. IEEE Transactions on Information Theory 46(3), 893–910 (2000)CrossRefzbMATHGoogle Scholar
  7. 7.
    Goldreich, O.: Towards a Theory of Software Protection. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 426–439. Springer, Heidelberg (1987)Google Scholar
  8. 8.
    Goldreich, O.: Foundations of Cryptography: Basic Tools. Cambridge University Press (2001)Google Scholar
  9. 9.
    Goldreich, O.: Foundations of Cryptography. Basic Applications, vol. 2. Cambridge University Press (2004)Google Scholar
  10. 10.
    Goldreich, O., Goldwasser, S., Micali, S.: On the Cryptographic Applications of Random Functions. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 276–288. Springer, Heidelberg (1985)CrossRefGoogle Scholar
  11. 11.
    Goldreich, O., Goldwasser, S., Micali, S.: How to construct random functions. Journal of the ACM, 792–807 (1986)Google Scholar
  12. 12.
    Håstad, J., Impagliazzo, R., Levin, L.A., Luby, M.: A pseudorandom generator from any one-way function. SIAM Journal on Computing, 1364–1396 (1999)Google Scholar
  13. 13.
    Luby, M.: Pseudorandomness and cryptographic applications. Princeton computer science notes. Princeton University Press (1996) ISBN 978-0-691-02546-9Google Scholar
  14. 14.
    Luby, M., Rackoff, C.: How to construct pseudorandom permutations from pseudorandom functions. SIAM Journal on ComputingGoogle Scholar
  15. 15.
    Maurer, U.M., Pietrzak, K.: Composition of Random Systems: When Two Weak Make One Strong. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 410–427. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  16. 16.
    Myers, S.: Black-Box Composition Does Not Imply Adaptive Security. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 189–206. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  17. 17.
    Naor, M., Reingold, O.: Synthesizers and their application to the parallel construction of psuedo-random functions. In: Proceedings of the 36th Annual Symposium on Foundations of Computer Science (FOCS), pp. 170–181 (1995)Google Scholar
  18. 18.
    Ostrovsky, R.: An Efficient Software Protection Scheme. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 610–611. Springer, Heidelberg (1990)Google Scholar
  19. 19.
    Pietrzak, K.: Composition Does Not Imply Adaptive Security. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 55–65. Springer, Heidelberg (2005)Google Scholar
  20. 20.
    Pietrzak, K.: Composition Implies Adaptive Security in Minicrypt. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 328–338. Springer, Heidelberg (2006)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Itay Berman
    • 1
  • Iftach Haitner
    • 1
  1. 1.School of Computer ScienceTel Aviv UniversityIsrael

Personalised recommendations