
Black-Box Reductions and Separations in Cryptography

  • Marc Fischlin
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7374)

Abstract

Cryptographic constructions of one primitive or protocol from another one usually come with a reductionist security proof, in the sense that the reduction turns any adversary breaking the derived scheme into a successful adversary against the underlying scheme. Very often the reduction is black-box in the sense that it only looks at the input/output behavior of the adversary and of the underlying primitive. Here we survey the power and the limitations of such black-box reductions, and take a closer look at the recent method of meta-reductions.

Keywords

Signature Scheme; Random Oracle; Pseudorandom Generator; Oblivious Transfer; Blind Signature Scheme



Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Marc Fischlin, Darmstadt University of Technology, Germany
