
Expander-Based Cryptography Meets Natural Proofs

Published: 01 June 2022

Abstract

We introduce new forms of attack on expander-based cryptography, and in particular on Goldreich’s pseudorandom generator and one-way function. Our attacks exploit low circuit complexity of the underlying expander’s neighbor function and/or of the local predicate. Our two key conceptual contributions are:
1. We put forward the possibility that the choice of expander matters in expander-based cryptography. In particular, using expanders whose neighbor function has low circuit complexity might compromise the security of Goldreich’s PRG and OWF in certain settings.
2. We show that the security of Goldreich’s PRG and OWF over arbitrary expanders is closely related to two other long-standing problems: the existence of unbalanced lossless expanders with low-complexity neighbor function, and limitations on circuit lower bounds (i.e., natural proofs). In particular, our results further motivate the investigation of affine/local unbalanced lossless expanders and of average-case lower bounds against DNF-XOR circuits.
We prove two types of technical results. First, in the regime of quasipolynomial stretch (in which the output length of the PRG and the running time of the distinguisher are quasipolynomial in the seed length) we unconditionally break Goldreich’s PRG, when instantiated with a specific expander whose existence we prove, and for a class of predicates that match the parameters of the currently-best “hard” candidates. Secondly, conditioned on the existence of expanders whose neighbor functions have extremely low circuit complexity, we present attacks on Goldreich’s PRG in the regime of polynomial stretch. As one corollary, conditioned on the existence of the foregoing expanders, we show that either the parameters of natural properties for several constant-depth circuit classes cannot be improved, even mildly; or Goldreich’s PRG is insecure in the regime of a large polynomial stretch for some expander graphs, regardless of the predicate used.
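Goldreich's PRG as the abstract describes it, written here as an added example that is not code from the paper: output bit i is a fixed local predicate applied to the seed bits selected by the expander's neighbor function Gamma(i, 1..d), and Gamma is passed in as a computed function, since the abstract's point is that its circuit complexity is a parameter of the construction. The XOR-MAJ predicate, the table-backed random graph, the toy "shifted" graph and all parameters are constructed for this illustration; the shifted graph is not an expander and is not the paper's construction.

```python
# Goldreich's PRG: G(x)_i = P(x[Gamma(i,1)], ..., x[Gamma(i,d)]). Added here to
# illustrate the construction the abstract discusses; not code from the paper.
# The neighbor function Gamma is a first-class computed object, since the
# abstract's point is that its circuit complexity matters. Predicate, graphs
# and parameters below are toy choices constructed for this example.
import random
from typing import Callable, List, Sequence

Neighbor = Callable[[int, int], int]        # (output index i, slot j) -> seed index
Predicate = Callable[[Sequence[int]], int]  # d input bits -> one output bit


def xor_maj(k: int, l: int) -> Predicate:
    """XOR-MAJ_{k,l}: parity of the first k inputs XORed with majority of the next l."""
    def pred(bits: Sequence[int]) -> int:
        assert len(bits) == k + l, "predicate arity must equal the graph degree d"
        return (sum(bits[:k]) % 2) ^ (1 if 2 * sum(bits[k:]) > l else 0)
    return pred


def random_neighbor(n: int, d: int, rng_seed: int) -> Neighbor:
    """The usual choice: a random d-uniform hypergraph, materialised as a lookup table."""
    rng, table = random.Random(rng_seed), {}
    def gamma(i: int, j: int) -> int:
        if i not in table:                    # d distinct seed positions per output
            table[i] = rng.sample(range(n), d)
        return table[i][j]
    return gamma


def shifted_neighbor(n: int, d: int) -> Neighbor:
    """Toy cheap-to-compute Gamma(i, j) = (i + j*(n//d)) mod n. Constructed for
    illustration only: it is NOT an expander (outputs i and i+n read the same bits)."""
    return lambda i, j: (i + j * (n // d)) % n


def goldreich_prg(seed: Sequence[int], m: int, d: int, gamma: Neighbor, pred: Predicate) -> List[int]:
    """Output bit i applies the local predicate to the d seed bits selected by Gamma(i, .)."""
    return [pred([seed[gamma(i, j)] for j in range(d)]) for i in range(m)]


def neighbor_sets_valid(n: int, m: int, d: int, gamma: Neighbor) -> bool:
    """Well-formed graph: every output reads d distinct positions inside the seed."""
    return all(len({gamma(i, j) for j in range(d)}) == d
               and all(0 <= gamma(i, j) < n for j in range(d)) for i in range(m))
```

With n = 64, d = 5 and m = 256 (m = n^(4/3), a polynomial stretch) the shifted graph reproduces every output bit again at position i + 64, which is why the expansion of the graph, and not only the cost of computing Gamma, has to be examined.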


Published In

Computational Complexity, Volume 31, Issue 1 (June 2022), 326 pages

Publisher

Birkhauser Verlag, Switzerland

Publication History

Received: 13 April 2021

Author Tags

1. Pseudorandom Generators
2. One-Way Functions
3. Expanders
4. Circuit Complexity

Author Tags (MSC classification)

1. 68Q06 Networks and circuits as models of computation
2. circuit complexity
3. 94A60 Cryptography

Qualifiers

• Research-article