Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
This similarity is not coincidental as both concepts were raised in the context of secure multiparty computation. Indeed, an information theoretic variant of Yao’s garbled circuit technique was already used in [93] to construct low-degree randomized encoding for NC 1 functions.
- 2.
- 3.
This condition is redundant in the case of signatures and commitments, whose existence follows from the existence of a PRG. We will later describe a stronger result for such primitives.
- 4.
By symmetric encryption we refer to (probabilistic) stateless encryption for multiple messages, where the parties do not maintain any state information other than the key. If parties are allowed to maintain synchronized states, symmetric encryption can be easily reduced in NC 0 to a PRG.
- 5.
Applying the construction to circuits with a bounded fan-out, even linear length would suffice.
- 6.
Security proofs for variants of this construction were given implicitly in [107, 128, 134] in the context of secure computation. However, they cannot be directly used in our context for different reasons. In particular, the analysis of [107] relies on a special form of symmetric encryption and does not achieve perfect correctness, while that of [128, 134] relies on a linear-stretch PRG.
- 7.
In fact, each application of the encryption scheme will use some additional random bits. To simplify notation, we keep these random inputs implicit.
- 8.
Specifically, the encryption is always invoked on messages whose length is bounded by \(\ell(n)\stackrel {\mathrm {def}}{{=}}O(|C_{n}|\cdot k)\), hence we can use ℓ(n)-one-time symmetric encryption.
- 9.
In some cases, we will need to rely on perfect correctness, which we get “for free” in our main construction. See Table 4.2.
- 10.
Similarly, assuming a linear-stretch PRG in NC 1, we can obtain, for every NC function, a (non-adaptive single-oracle) IHS in which the user is in NC 0 and the oracle is in NC.
- 11.
Assuming that factoring is intractable (or, more generally, that there exists a OWF in SREN) it is provably impossible to obtain an NC 0 reduction from PRFs to sublinear stretch PRGs or OWFs. See Sect. 4.8.
- 12.
For concreteness, we refer here only to the case of symmetric encryption, the case of other primitives which are NC 0-reducible to a PRF (such as identification schemes and MACs) is analogous.
- 13.
- 14.
Actually, for the composition theorem to go through, Definition 5.3 should be augmented by providing players and adversaries with auxiliary inputs. We ignore this technicality here, and note that the results in this section apply (with essentially the same proofs) to the augmented model as well.
- 15.
To handle randomized functionalities we use the non-interactive secure reduction mentioned above. Now, we can (m−1)-securely reduce f to a single-output functionality by letting each party mask its output f i with a private randomness. That is, f′((x 1,r 1)…,(x m ,r m ))=((f 1(x 1)⊕r 1)∘⋯∘(f 1(x m )⊕r m )). As both reductions are non-interactive the resulting reduction is also non-interactive. Moreover, the circuit size of f′ is linear in the size of the circuit that computes the original function.
References
Applebaum, B., Ishai, Y., Kushilevitz, E.: How to garble arithmetic circuits. In: Proc. of 52nd FOCS, pp. 120–129 (2011)
Beaver, D., Micali, S., Rogaway, P.: The round complexity of secure protocols (extended abstract). In: Proc. of 22nd STOC, pp. 503–513 (1990)
Bellare, M., Yung, M.: Certifying permutations: noninteractive zero-knowledge based on any trapdoor permutation. J. Cryptol. 9(3), 149–166 (1996). Preliminary version in Proc. of CRYPTO ’92
Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation. In: Proc. of 20th STOC, pp. 1–10 (1988)
Blum, M.: Coin flipping by telephone: a protocol for solving impossible problems. SIGACT News 15(1), 23–27 (1983)
Canetti, R.: Security and composition of multiparty cryptographic protocols. J. Cryptol. 13(1), 143–202 (2000)
Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: Proc. of 42nd FOCS, pp. 136–145 (2001)
Chaum, D., Crépeau, C., Damgård, I.: Multiparty unconditionally secure protocols (extended abstract). In: Proc. of 20th STOC, pp. 11–19 (1988)
Cramer, R., Fehr, S., Ishai, Y., Kushilevitz, E.: Efficient multi-party computation over rings. In: Advances in Cryptology: Proc. of EUROCRYPT ’03, pp. 596–613 (2003)
Damgård, I., Ishai, Y.: Scalable secure multiparty computation. In: Advances in Cryptology: Proc. of CRYPTO ’06, pp. 501–520 (2006)
Feige, U., Lapidot, D., Shamir, A.: Multiple noninteractive zero knowledge proofs under general assumptions. SIAM J. Comput. 29(1), 1–28 (2000). Preliminary version in Proc. of 31st FOCS, 1990
Goldreich, O.: Foundations of Cryptography: Basic Tools. Cambridge University Press, Cambridge (2001)
Goldreich, O.: Foundations of Cryptography: Basic Applications. Cambridge University Press, Cambridge (2004)
Goldreich, O., Goldwasser, S., Micali, S.: How to construct random functions. J. ACM 33, 792–807 (1986)
Goldreich, O., Kahan, A.: How to construct constant-round zero-knowledge proof systems for NP. J. Cryptol. 9(2), 167–189 (1996)
Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game (extended abstract). In: Proc. of 19th STOC, pp. 218–229 (1987)
Goldwasser, S., Micali, S.: Probabilistic encryption. J. Comput. Syst. Sci. 28(2), 270–299 (1984). Preliminary version in Proc. of STOC ’82
Haitner, I., Reingold, O., Vadhan, S.P.: Efficiency improvements in constructing pseudorandom generators from one-way functions. In: Proc. of 42nd STOC, pp. 437–446 (2010)
Impagliazzo, R., Luby, M.: One-way functions are essential for complexity based cryptography. In: Proc. of 30th FOCS, pp. 230–235 (1989)
Ishai, Y., Kushilevitz, E.: Randomizing polynomials: a new representation with applications to round-efficient secure computation. In: Proc. of 41st FOCS, pp. 294–304 (2000)
Ishai, Y., Kushilevitz, E.: Perfect constant-round secure computation via perfect randomizing polynomials. In: Proc. of 29th ICALP, pp. 244–256 (2002)
Lindell, Y., Pinkas, B.: A proof of Yao’s protocol for secure two-party computation. Electron. Colloq. Comput. Complex. 11, 063 (2004)
Linial, N., Mansour, Y., Nisan, N.: Constant depth circuits, Fourier transform, and learnability. J. ACM 40(3), 607–620 (1993). Preliminary version in Proc. of 30th FOCS, 1989
Naor, M.: Bit commitment using pseudorandomness. J. Cryptol. 4, 151–158 (1991)
Naor, M., Pinkas, B., Sumner, R.: Privacy preserving auctions and mechanism design. In: Proc. of 1st ACM Conference on Electronic Commerce, pp. 129–139 (1999)
Naor, M., Reingold, O.: Synthesizers and their application to the parallel construction of pseudo-random functions. J. Comput. Syst. Sci. Int. 58(2), 336–375 (1999)
Naor, M., Reingold, O.: Number-theoretic constructions of efficient pseudo-random functions. J. ACM 51(2), 231–262 (2004). Preliminary version in Proc. of 38th FOCS, 1997
Reingold, O., Trevisan, L., Vadhan, S.: Notions of reducibility between cryptographic primitives. In: Proc. of 1st TCC ’04. LNCS, vol. 2951, pp. 1–20 (2004)
Rogaway, P.: The round complexity of secure protocols. PhD thesis, MIT (1991)
Shannon, C.E.: Communication theory of secrecy systems. Bell Syst. Tech. J. 28(4), 656–715 (1949)
Tate, S.R., Xu, K.: On garbled circuits and constant round secure function evaluation. CoPS Lab Technical Report 2003-02, University of North Texas (2003)
Viola, E.: On constructing parallel pseudorandom generators from one-way functions. In: Proc. of 20th Conference on Computational Complexity (CCC), pp. 183–197 (2005)
Yao, A.C.: How to generate and exchange secrets. In: Proc. of 27th FOCS, pp. 162–167 (1986)
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Applebaum, B. (2014). Computationally Private Randomizing Polynomials and Their Applications. In: Cryptography in Constant Parallel Time. Information Security and Cryptography. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17367-7_5
Download citation
DOI: https://doi.org/10.1007/978-3-642-17367-7_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-17366-0
Online ISBN: 978-3-642-17367-7
eBook Packages: Computer ScienceComputer Science (R0)