Generically Speeding-Up Repeated Squaring is Equivalent to Factoring: Sharp Thresholds for All Generic-Ring Delay Functions

Despite the fundamental importance of delay functions, repeated squaring in RSA groups (Rivest, Shamir and Wagner ’96) is the only candidate offering both a useful structure and a realistic level of practicality. Somewhat unsatisfyingly, its sequentiality is provided directly by assumption (i.e., the function is assumed to be a delay function).

[1] Arjen K. Lenstra, et al. A random zoo: sloth, unicorn, and trx, 2015, IACR Cryptol. ePrint Arch.

[2] Jiayu Xu, et al. On the Security of Time-Locked Puzzles and Timed Commitments, 2020, IACR Cryptol. ePrint Arch.

[3] Moni Naor, et al. Pricing via Processing or Combatting Junk Mail, 1992, CRYPTO.

[4] Barak Shani. A note on isogeny-based hybrid verifiable delay functions, 2019, IACR Cryptol. ePrint Arch.

[5] Benjamin Wesolowski, et al. Efficient Verifiable Delay Functions, 2019, Journal of Cryptology.

[6] Gregor Leander, et al. On the Equivalence of RSA and Factoring Regarding Generic Ring Algorithms, 2006, ASIACRYPT.

[7] Ueli Maurer, et al. Lower Bounds on Generic Algorithms in Groups, 1998, EUROCRYPT.

[8] Salil P. Vadhan, et al. Time-Lock Puzzles in the Random Oracle Model, 2011, CRYPTO.

[9] Jeremy Clark, et al. On Bitcoin as a public randomness source, 2015, IACR Cryptol. ePrint Arch.

[10] Richard J. Lipton, et al. Algorithms for Black-Box Fields and their Application to Cryptography (Extended Abstract), 1996, CRYPTO.

[11] Krzysztof Pietrzak, et al. Simple Proofs of Sequential Work, 2018, IACR Cryptol. ePrint Arch.

[12] Tibor Jager, et al. The Semi-Generic Group Model and Applications to Pairing-Based Cryptography, 2010, ASIACRYPT.

[13] Tibor Jager, et al. On the Equivalence of Generic Group Models, 2008, ProvSec.

[14] Nico Döttling, et al. Tight Verifiable Delay Functions, 2020, IACR Cryptol. ePrint Arch.

[15] Cécile Pierrot, et al. Malleability of the blockchain’s entropy, 2016, Cryptography and Communications.

[16] Craig Gentry, et al. Separating succinct non-interactive arguments from all falsifiable assumptions, 2011, IACR Cryptol. ePrint Arch.

[17] Eike Kiltz, et al. The Algebraic Group Model and its Applications, 2018, IACR Cryptol. ePrint Arch.

[18] David J. Wu, et al. A Note on the (Im)possibility of Verifiable Delay Functions in the Random Oracle Model, 2019, IACR Cryptol. ePrint Arch.

[19] Silvio Micali, et al. CS proofs, 1994, Proceedings 35th Annual Symposium on Foundations of Computer Science.

[20] Ivan Damgård, et al. Generic Lower Bounds for Root Extraction and Signature Schemes in General Groups, 2002, EUROCRYPT.

[21] Gil Segev, et al. Generic-Group Delay Functions Require Hidden-Order Groups, 2020, IACR Cryptol. ePrint Arch.

[22] Joe Kilian, et al. A note on efficient zero-knowledge proofs and arguments (extended abstract), 1992, STOC '92.

[23] Krzysztof Pietrzak, et al. Simple Verifiable Delay Functions, 2018, IACR Cryptol. ePrint Arch.

[24] Ivan Damgård, et al. Linear zero-knowledge—a note on efficient zero-knowledge proofs and arguments, 1997, STOC '97.

[25] Antoine Joux, et al. When e-th Roots Become Easier Than Factoring, 2007, ASIACRYPT.

[26] Luca De Feo, et al. Verifiable Delay Functions from Supersingular Isogenies and Pairings, 2019, IACR Cryptol. ePrint Arch.

[27] Johannes A. Buchmann, et al. A key-exchange system based on imaginary quadratic fields, 1988, Journal of Cryptology.

[28] Nir Bitansky, et al. Time-Lock Puzzles from Randomized Encodings, 2016, IACR Cryptol. ePrint Arch.

[29] V. Nechaev. Complexity of a determinate algorithm for the discrete logarithm, 1994.

[30] Dan Boneh, et al. Breaking RSA May Not Be Equivalent to Factoring, 1998, EUROCRYPT.

[31] Dan Boneh, et al. Verifiable Delay Functions, 2018, IACR Cryptol. ePrint Arch.

[32] Ueli Maurer, et al. Breaking RSA Generically Is Equivalent to Factoring, 2009, IEEE Transactions on Information Theory.

[33] Daniel R. L. Brown, et al. Breaking RSA May Be As Difficult As Factoring, 2014, Journal of Cryptology.

[34] Ronald L. Rivest, et al. Time-lock Puzzles and Timed-release Crypto, 1996.

[35] Ueli Maurer, et al. Abstract Models of Computation in Cryptography, 2005, IMACC.

[36] Salil P. Vadhan, et al. Publicly verifiable proofs of sequential work, 2013, ITCS '13.

[37] Ilan Komargodski, et al. Continuous Verifiable Delay Functions, 2020, IACR Cryptol. ePrint Arch.

[38] Victor Shoup, et al. Lower Bounds for Discrete Logarithms and Related Problems, 1997, EUROCRYPT.

[39] Dan Boneh, et al. A Survey of Two Verifiable Delay Functions, 2018, IACR Cryptol. ePrint Arch.

[40] Tibor Jager, et al. On the Analysis of Cryptographic Assumptions in the Generic Ring Model, 2009, Journal of Cryptology.