DOI: 10.1145/1374376.1374406
Research article

Lossy trapdoor functions and their applications

Published: 17 May 2008

Abstract

We propose a new general primitive called lossy trapdoor functions (lossy TDFs), and realize it under a variety of different number theoretic assumptions, including hardness of the decisional Diffie-Hellman (DDH) problem and the worst-case hardness of lattice problems.
Using lossy TDFs, we develop a new approach for constructing several important cryptographic primitives, including (injective) trapdoor functions, collision-resistant hash functions, oblivious transfer, and chosen-ciphertext-secure cryptosystems. All of the constructions are simple, efficient, and black-box.
These results resolve some long-standing open problems in cryptography. They give the first known injective trapdoor functions based on problems not directly related to integer factorization, and provide the first known CCA-secure cryptosystem based solely on the worst-case complexity of lattice problems.

Published In

STOC '08: Proceedings of the fortieth annual ACM symposium on Theory of computing
May 2008, 712 pages
ISBN: 9781605580470
DOI: 10.1145/1374376

Publisher

Association for Computing Machinery, New York, NY, United States

Author Tags

1. public key encryption
2. trapdoor functions

Conference

STOC '08: Symposium on Theory of Computing
May 17 - 20, 2008
Victoria, British Columbia, Canada

Acceptance Rates

STOC '08 paper acceptance rate: 80 of 325 submissions, 25%
Overall acceptance rate: 1,469 of 4,586 submissions, 32%