Trapdoor Hash Functions and Their Applications

We introduce a new primitive, called trapdoor hash functions (TDH), which are hash functions \(\mathsf {H}: \{0,1\}^n \rightarrow \{0,1\}^\lambda \) with additional trapdoor function-like properties. Specifically, given an index \(i\in [n]\), TDHs allow for sampling an encoding key \(\mathsf {ek}\) (that hides i) along with a corresponding trapdoor. Furthermore, given \(\mathsf {H}(x)\), a hint value \(\mathsf {E}(\mathsf {ek},x)\), and the trapdoor corresponding to \(\mathsf {ek}\), the \(i^{th}\) bit of x can be efficiently recovered. In this setting, one of our main questions is: How small can the hint value \(\mathsf {E}(\mathsf {ek},x)\) be? We obtain constructions where the hint is only one bit long based on DDH, QR, DCR, or LWE.
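A toy instantiation of this syntax, added here and not taken from the paper: it is modelled on the DDH-style construction (H(x) = prod_j g_j^{x_j}; encoding key h_j = g_j^s for j != i and h_i = g_i^s * g, so that E(ek, x) = H(x)^s * g^{x_i}), run over a constructed tiny safe-prime group, and it returns the hint as a full group element rather than the one bit the paper achieves. All function names, the group parameters and the bit-list encoding of x are assumptions of this example.

```python
"""Toy trapdoor hash function modelled on the DDH-style TDH construction.

Added example, not code from the paper. Group: the order-Q subgroup of
Z_P^* for the constructed safe prime P = 2*Q + 1 = 2039, far too small for
any security and chosen only so the arithmetic is visible. The hint is a
full group element; the paper's one-bit compression is not reproduced.
"""
import secrets

P = 2039   # constructed toy safe prime, P = 2*Q + 1
Q = 1019   # prime order of the subgroup of squares mod P
G = 4      # generator of that subgroup (a square other than 1)


def keygen_hash(n):
    """Hash key hk = (g_1, ..., g_n): n random subgroup elements."""
    return [pow(G, secrets.randbelow(Q - 1) + 1, P) for _ in range(n)]


def hash_value(hk, x):
    """H(x) = prod_j g_j^{x_j}; x is a list of n bits."""
    h = 1
    for g_j, bit in zip(hk, x):
        if bit:
            h = h * g_j % P
    return h


def keygen_enc(hk, i):
    """Encoding key for index i plus its trapdoor s.

    h_j = g_j^s for j != i and h_i = g_i^s * G; under DDH every h_j looks
    like a random subgroup element, which is what hides the index i."""
    s = secrets.randbelow(Q - 1) + 1
    ek = [pow(g_j, s, P) for g_j in hk]
    ek[i] = ek[i] * G % P
    return ek, s


def encode(ek, x):
    """Hint E(ek, x) = prod_j h_j^{x_j}, which equals H(x)^s * G^{x_i}."""
    e = 1
    for h_j, bit in zip(ek, x):
        if bit:
            e = e * h_j % P
    return e


def decode(td, h, e):
    """Recover x_i from H(x) = h, the hint e and the trapdoor td = s.

    h^Q = 1 in this subgroup, so h^(Q - td) is the inverse of h^td."""
    g_xi = e * pow(h, Q - td, P) % P   # leaves G^{x_i}
    if g_xi == 1:
        return 0
    if g_xi == G:
        return 1
    raise ValueError("hint and hash do not match this trapdoor")
```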
