A New Interactive Hashing Theorem

Interactive hashing, introduced by Naor, Ostrovsky, Venkatesan, and Yung (J. Cryptol. 11(2):87–108, 1998), plays an important role in many cryptographic protocols. In particular, interactive hashing is a major component in all known constructions of statistically hiding commitment schemes and of statistical zero-knowledge arguments based on general one-way permutations/functions. Interactive hashing with respect to a one-way function f is a two-party protocol that enables a sender who knows y=f(x) to transfer a random hash z=h(y) to a receiver such that the sender is committed to y: the sender cannot come up with x and x′ such that f(x)≠f(x′), but h(f(x))=h(f(x′))=z. Specifically, if f is a permutation and h is a two-to-one hash function, then the receiver does not learn which of the two preimages {y,y′}=h−1(z) is the one the sender can invert with respect to f. This paper reexamines the notion of interactive hashing, and proves the security of a variant of the Naor et al. protocol, which yields a more versatile interactive hashing theorem. When applying our new proof to (an equivalent variant of) the Naor et al. protocol, we get an alternative proof for this protocol that seems simpler and more intuitive than the original one, and achieves better parameters (in terms of how security preserving the reduction is).

[1]  Omer Reingold,et al.  A New Interactive Hashing Theorem , 2007, Computational Complexity Conference.

[2]  B. E. Eckbo,et al.  Appendix , 1826, Epilepsy Research.

[3]  Oded Goldreich Foundations of Cryptography: Index , 2001 .

[4]  Omer Reingold,et al.  Finding Collisions in Interactive Protocols - A Tight Lower Bound on the Round Complexity of Statistically-Hiding Commitments , 2007, 48th Annual IEEE Symposium on Foundations of Computer Science (FOCS'07).

[5]  Salil P. Vadhan,et al.  Zero knowledge with efficient provers , 2006, STOC '06.

[6]  Claude Crépeau,et al.  Optimal Reductions Between Oblivious Transfers Using Interactive Hashing , 2006, EUROCRYPT.

[7]  Larry Carter,et al.  Universal Classes of Hash Functions , 1979, J. Comput. Syst. Sci..

[8]  David Chaum,et al.  Minimum Disclosure Proofs of Knowledge , 1988, J. Comput. Syst. Sci..

[9]  Joseph Naor,et al.  A Primal-Dual Randomized Algorithm for Weighted Paging , 2007, FOCS.

[10]  Yehuda Lindell Parallel Coin-Tossing and Constant-Round Secure Two-Party Computation , 2001, CRYPTO.

[11]  Rafail Ostrovsky,et al.  Interactive Hashing Simplifies Zero-Knowledge Protocol Design , 1994, EUROCRYPT.

[12]  Omer Reingold,et al.  Statistically Hiding Commitments and Statistical Zero-Knowledge Arguments from Any One-Way Function , 2009, SIAM J. Comput..

[13]  Rafail Ostrovsky,et al.  Secure Commitment Against A Powerful Adversary , 1992, STACS.

[14]  Omer Reingold,et al.  Statistically-hiding commitment from any one-way function , 2007, STOC '07.

[15]  NaorMoni,et al.  Perfect Zero-Knowledge Arguments for NP Using Any One-Way Permutation , 1998 .

[16]  Hoeteck Wee,et al.  One-Way Permutations, Interactive Hashing and Statistically Hiding Commitments , 2007, TCC.

[17]  Rafail Ostrovsky,et al.  Fair Games against an All-Powerful Adversary , 1990, Advances In Computational Complexity Theory.

[18]  Oded Goldreich,et al.  On basing one-way functions on NP-hardness , 2006, STOC '06.

[19]  Oded Goldreich,et al.  Foundations of Cryptography: Basic Tools , 2000 .

[20]  Jonathan Katz,et al.  Reducing Complexity Assumptions for Statistically-Hiding Commitment , 2009, Journal of Cryptology.

[21]  Amir Herzberg,et al.  Pubic Randomness in Cryptography , 1992, CRYPTO.

[22]  Oded Goldreich Randomized Methods in Computation-Lecture Notes , 2001 .

[23]  Leonid A. Levin,et al.  A Pseudorandom Generator from any One-way Function , 1999, SIAM J. Comput..

[24]  Nathan Linial,et al.  Fault-Tolerant Computation in the Full Information Model , 1998, SIAM J. Comput..

[25]  Omer Reingold,et al.  On the Power of the Randomized Iterate , 2006, SIAM J. Comput..

[26]  Omer Reingold,et al.  Inaccessible entropy , 2009, STOC '09.

[27]  Ronen Shaltiel,et al.  Constant-Round Oblivious Transfer in the Bounded Storage Model , 2004, Journal of Cryptology.

[28]  Rafail Ostrovsky,et al.  Perfect Zero-Knowledge Arguments for NP Using Any One-Way Permutation , 1998, Journal of Cryptology.

[29]  Moni Naor,et al.  Universal one-way hash functions and their cryptographic applications , 1989, STOC '89.

[30]  Oded Goldreich,et al.  Foundations of Cryptography: List of Figures , 2001 .

[31]  Yehuda Lindell,et al.  Parallel Coin-Tossing and Constant-Round Secure Two-Party Computation , 2001, Journal of Cryptology.

[32]  Takeshi Koshiba,et al.  Round-Efficient One-Way Permutation Based Perfectly Concealing Bit Commitment Scheme , 2006, Electron. Colloquium Comput. Complex..

[33]  Hugo Krawczyk,et al.  On the Existence of Pseudorandom Generators , 1993, SIAM J. Comput..

[34]  Claude Crépeau,et al.  Oblivious transfer with a memory-bounded receiver , 1998, Proceedings 39th Annual Symposium on Foundations of Computer Science (Cat. No.98CB36280).

[35]  Salil P. Vadhan,et al.  Statistical Zero-Knowledge Arguments for NP from Any One-Way Function , 2006, 2006 47th Annual IEEE Symposium on Foundations of Computer Science (FOCS'06).