Computationally Private Randomizing Polynomials and Their Applications

Randomizing polynomials allow representing a function f(x) by a low-degree randomized mapping f̂(x, r) whose output distribution on an input x is a randomized encoding of f(x). It is known that any function f in ⊕L/poly (and in particular in NC¹) can be efficiently represented by degree-3 randomizing polynomials. Such a degree-3 representation gives rise to an NC⁰₄ representation, in which every bit of the output depends on only 4 bits of the input. In this paper, we study the relaxed notion of computationally private randomizing polynomials, where the output distribution of f̂(x, r) should only be computationally indistinguishable from a randomized encoding of f(x). We construct degree-3 randomizing polynomials of this type for every polynomial-time computable function, assuming the existence of a cryptographic pseudorandom generator (PRG) in ⊕L/poly. (The latter assumption is implied by most standard intractability assumptions used in cryptography.) This result is obtained by combining a variant of Yao's garbled circuit technique with previous "information-theoretic" constructions of randomizing polynomials.
