Abstract
In one of the pioneering papers on public-key cryptography, Ralph Merkle suggested a heuristic protocol for exchanging a secret key over an insecure channel by using an idealized private-key encryption scheme. Merkle’s protocol is presumed to remain secure as long as the gap between the running time of the adversary and that of the honest parties is at most quadratic (rather than super-polynomial). In this work, we initiate an effort to base similar forms of public-key cryptography on well-founded assumptions.
We suggest a variant of Merkle’s protocol whose security can be based on the one-wayness of the underlying primitive. Specifically, using a one-way function of exponential strength, we obtain a key agreement protocol resisting adversaries whose running time is nearly quadratic in the running time of the honest parties. This protocol gives the adversary a small (but non-negligible) advantage in guessing the key. We show that the security of the protocol can be amplified by using a one-way function with a strong form of a hard-core predicate, whose existence follows from a conjectured “dream version” of Yao’s XOR lemma. On the other hand, we show that this type of hard-core predicate cannot be based on (even exponentially strong) one-wayness by using a black-box construction.
In establishing the above results, we reveal interesting connections between the problem under consideration and problems from other domains. In particular, we suggest a paradigm for converting (unconditionally) secure protocols in Maurer’s bounded storage model into (computationally) secure protocols in the random oracle model, translating storage advantage into computational advantage. Our main protocol can be viewed as an instance of this paradigm. Finally, we observe that a quantum adversary can completely break the security of our protocol (as well as Merkle’s heuristic protocol) by using the quadratic speedup of Grover’s quantum search algorithm. This raises a speculation that there might be a closer relation between (classical) public-key cryptography and quantum computing than is commonly believed.
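To make the quadratic gap concrete, here is an added simulation of a Merkle-style exchange in the random-oracle style described above. It is illustration code written for this page, not the paper's protocol or code: SHA-256 stands in for the idealized one-way function, and the domain size n^2, the "smallest common output" agreement rule and the retry loop are assumptions of this example. Each honest party evaluates the function on n random inputs from a domain of size n^2 and publishes the outputs; by the birthday bound the samples overlap with constant probability, the shared pre-image becomes the key, and an eavesdropper who must invert the function on the agreed output pays about n^2/2 evaluations.

```python
"""
Simulation of the quadratic security gap in Merkle-style key agreement.

Constructed illustration, not the paper's protocol: each party evaluates an
idealized one-way function f (SHA-256 here) on n random inputs from a domain
of size n^2 and publishes the outputs. By the birthday bound the two samples
overlap with constant probability, and the shared pre-image becomes the key.
Honest work is O(n) evaluations per party; an eavesdropper who must invert f
on the agreed output spends O(n^2) expected evaluations.
"""
import hashlib
import random


class Oracle:
    """Wraps f and counts evaluations so each player's work is measurable."""

    def __init__(self):
        self.calls = 0

    def f(self, x: int) -> bytes:
        self.calls += 1
        return hashlib.sha256(x.to_bytes(8, "big")).digest()


def sample_outputs(oracle: Oracle, n: int, domain_size: int, rng: random.Random) -> dict:
    """One party's message: n random inputs (kept secret) mapped from their public outputs."""
    table = {}
    for _ in range(n):
        x = rng.randrange(domain_size)
        table[oracle.f(x)] = x
    return table


def honest_run(n: int, domain_size: int, seed: int = 2008) -> dict:
    """Run rounds until the two output lists overlap; both sides derive the key.

    Each round costs n evaluations per party. With domain_size = n^2 the
    expected overlap per round is about 1, so the expected number of rounds
    is a constant (about 1.6) and total honest work stays O(n).
    """
    rng = random.Random(seed)  # seeded only so the demo is reproducible
    alice, bob = Oracle(), Oracle()
    while True:
        ta = sample_outputs(alice, n, domain_size, rng)
        tb = sample_outputs(bob, n, domain_size, rng)
        common = set(ta) & set(tb)  # computable from the public transcript
        if common:
            tag = min(common)  # deterministic rule both sides (and Eve) can apply
            return {
                "tag": tag,
                "key_alice": ta[tag],
                "key_bob": tb[tag],
                "alice_evals": alice.calls,
                "bob_evals": bob.calls,
            }


def eavesdropper_attack(tag: bytes, domain_size: int) -> tuple:
    """Eve reads the agreed output `tag` off the transcript and inverts f by search.

    Exhaustive search costs domain_size/2 = n^2/2 evaluations on average, the
    quadratic gap. A quantum adversary using Grover's algorithm would need only
    about sqrt(domain_size) = n evaluations, which erases the gap entirely.
    """
    eve = Oracle()
    for x in range(domain_size):
        if eve.f(x) == tag:
            return x, eve.calls
    return None, eve.calls


if __name__ == "__main__":
    n = 256
    domain_size = n * n
    run = honest_run(n, domain_size)
    key, cost = eavesdropper_attack(run["tag"], domain_size)
    print(f"keys agree: {run['key_alice'] == run['key_bob']}")
    print(f"honest work: Alice {run['alice_evals']}, Bob {run['bob_evals']} evaluations")
    print(f"Eve recovered the key: {key == run['key_alice']} after {cost} evaluations")
    print(f"adversary/honest work ratio: {cost / run['alice_evals']:.1f}")
```

Note what the simulation does and does not show: the gap is only quadratic because the honest parties can sample the domain while the adversary must search it, and nothing about SHA-256 beyond its behaving like a random function is used. The paper's contribution is to replace this idealized assumption by the one-wayness of the underlying function and to quantify the resulting loss in the adversary's advantage.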
References
Boneh, D., Naor, M.: Timed Commitments. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 236–254. Springer, Heidelberg (2000)
Cachin, C., Maurer, U.: Unconditional Security Against Memory-Bounded Adversaries. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 292–306. Springer, Heidelberg (1997)
Ding, Y., Harnik, D., Shaltiel, R., Rosen, A.: Constant-Round Oblivious Transfer in the Bounded Storage Model. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, Springer, Heidelberg (2004)
Dubrov, B., Ishai, Y.: On the randomness complexity of efficient sampling. In: Proceedings of STOC 2006, pp. 711–720 (2006)
Fiat, A., Naor, M.: Rigorous Time/Space Trade-offs for Inverting Functions. SIAM J. Comput. 29(3), 790–803 (1999)
Gertner, Y., Kannan, S., Malkin, T., Reingold, O., Viswanathan, M.: The Relationship between Public Key Encryption and Oblivious Transfer. In: Proc. of the 41st Annual Symposium on Foundations of Computer Science (FOCS) (2000)
Goldreich, O.: Foundations of Cryptography Basic Tools. Cambridge University Press, Cambridge (2001)
Goldreich, O., Levin, L.: A Hard-Core Predicate for all One-Way Functions. In: STOC 1989, pp. 25–32 (1989)
Goldreich, O., Nisan, N., Wigderson, A.: On Yao’s XOR lemma. Technical Report TR95-50, Electronic Colloquium on Computational Complexity (1995)
Grover, L.: A Fast Quantum Mechanical Algorithm for Database Search. In: Proceedings of the 28th Annual ACM Symposium on the Theory of Computing (STOC 1996), pp. 212–219 (1996)
Haitner, I., Harnik, D., Reingold, O.: Efficient Pseudorandom Generators from Exponentially Hard One-Way Functions. In: Bugliesi, M., Preneel, B., Sassone, V., Wegener, I. (eds.) ICALP 2006. LNCS, vol. 4052, pp. 228–239. Springer, Heidelberg (2006)
Hellman, M.E.: A Cryptanalytic Time-Memory Trade-Off. IEEE Transactions on Information Theory IT-26(4), 401–406 (1980)
Holenstein, T.: Key Agreement from Weak Bit Agreement. In: Proceedings of STOC 2005, pp. 664–673 (2005)
Holenstein, T.: Pseudorandom Generators from One-Way Functions: A Simple Construction for Any Hardness. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 443–461. Springer, Heidelberg (2006)
Impagliazzo, R., Luby, M.: One-Way Functions are Essential for Complexity-Based Cryptography. In: 30th IEEE Symposium on Foundations of Computer Science (FOCS), pp. 230–235. IEEE, Los Alamitos (1989)
Impagliazzo, R., Rudich, S.: Limits on the Provable Consequences of One-way Permutations. In: Proceedings of the ACM Symposium on Theory of Computing, pp. 44–61 (1989)
Levin, L.A.: One-Way Functions and Pseudorandom Generators. Combinatorica 7(4), 357–363 (1987). Earlier version in STOC 1985
Maurer, U.: Conditionally-Perfect Secrecy and a Provably Secure Randomized Cipher. Journal of Cryptology 5(1), 53–66 (1992)
Merkle, R.: Secure Communications over Insecure Channels. Communications of the ACM 21(4), 294–299 (April 1978)
Reingold, O., Trevisan, L., Vadhan, S.: Notions of Reducibility between Cryptographic Primitives. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 1–20. Springer, Heidelberg (2004)
Rudich, S.: Limits on the Provable Consequences of One-way Functions. Ph.D. thesis, University of California, Berkeley (1988)
Shor, P.W.: Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer. SIAM J. Comput. 26(5), 1484–1509 (1997)
Wee, H.: On obfuscating point functions. In: STOC 2005, pp. 523–532 (2005)
© 2008 Springer-Verlag Berlin Heidelberg
Cite this paper
Biham, E., Goren, Y.J., Ishai, Y. (2008). Basing Weak Public-Key Cryptography on Strong One-Way Functions. In: Canetti, R. (eds) Theory of Cryptography. TCC 2008. Lecture Notes in Computer Science, vol 4948. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-78524-8_4
DOI: https://doi.org/10.1007/978-3-540-78524-8_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-78523-1
Online ISBN: 978-3-540-78524-8