On Pseudorandom Encodings

We initiate a systematic study of pseudorandom encodings: efficiently computable and decodable encoding functions that map messages from a given distribution to a random-looking distribution. For instance, every distribution that can be perfectly compressed admits such a pseudorandom encoding. Pseudorandom encodings are motivated by a variety of cryptographic applications, including password-authenticated key exchange, "honey encryption" and steganography. The main question we ask is whether every efficiently samplable distribution admits a pseudorandom encoding. Under different cryptographic assumptions, we obtain positive and negative answers for different flavors of pseudorandom encodings and relate this question to problems in other areas of cryptography. In particular, by establishing a two-way relation between pseudorandom encoding schemes and efficient invertible sampling algorithms, we reveal a connection between adaptively secure multi-party computation and questions in the domain of steganography.

∗Supported by ERC Project PREP-CRYPTO 724307.
†Supported by ERC Projects PREP-CRYPTO 724307 and CryptoCloud 339563. Work done in part while visiting UCLA and the Technion.
‡Supported by ERC Project NTSC (742754), NSF-BSF grant 2015782, BSF grant 2018393, and a grant from the Ministry of Science and Technology, Israel and Department of Science and Technology, Government of India.
§Supported by the NSF SaTC award 1817143.
¶Supported in part by DARPA SAFEWARE and SIEVE awards, NTT Research, NSF Frontier Award 1413955, and NSF grant 1619348, BSF grant 2012378, a Xerox Faculty Research Award, a Google Faculty Research Award, an equipment grant from Intel, and an Okawa Foundation Research Grant. This material is based upon work supported by the Defense Advanced Research Projects Agency through the ARL under Contract W911NF-15C-0205. The views expressed are those of the authors and do not reflect the official policy or position of the Department of Defense, the National Science Foundation, NTT Research, or the U.S. Government.
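The abstract's remark that a perfectly compressible distribution admits a pseudorandom encoding can be made concrete with a toy source whose probabilities are powers of two. The example below is added here and is not code from the paper; the message distribution, the prefix-free code and the output length N are constructed for illustration. Encoding a message as its codeword followed by uniform padding yields an exactly uniform N-bit string, and decoding a uniform string yields exactly the source distribution, which is the invertible-sampling direction the abstract relates to.

```python
import random
from fractions import Fraction
from itertools import product

# Constructed toy source with dyadic probabilities and a complete prefix-free
# code whose codeword lengths equal -log2(p): a perfectly compressible source.
DIST = {"a": Fraction(1, 2), "b": Fraction(1, 4), "c": Fraction(1, 8), "d": Fraction(1, 8)}
CODE = {"a": "0", "b": "10", "c": "110", "d": "111"}
N = 6  # fixed output length in bits (assumed); must cover the longest codeword


def encode(msg, rng=random):
    """Map a message to an N-bit string: its codeword plus uniform padding."""
    cw = CODE[msg]
    pad = "".join(rng.choice("01") for _ in range(N - len(cw)))
    return cw + pad


def decode(bits):
    """Recover the message from the unique codeword prefix of the string."""
    for msg, cw in CODE.items():
        if bits.startswith(cw):
            return msg
    raise ValueError("no codeword prefix")


def output_distribution():
    """Exact distribution of encode(m) for m ~ DIST, by enumerating all paddings."""
    out = {}
    for msg, p in DIST.items():
        cw = CODE[msg]
        k = N - len(cw)
        for pad in product("01", repeat=k):
            s = cw + "".join(pad)
            # Pr[m] * Pr[this padding]; a dyadic p makes every term equal 2^-N.
            out[s] = out.get(s, 0) + p * Fraction(1, 2 ** k)
    return out


def is_uniform(dist):
    """True iff every one of the 2^N strings has probability exactly 2^-N."""
    return len(dist) == 2 ** N and all(p == Fraction(1, 2 ** N) for p in dist.values())


def decoding_uniform_bits_gives_source():
    """Converse direction: decode(uniform N-bit string) is distributed as DIST."""
    recovered = {}
    for bits in product("01", repeat=N):
        m = decode("".join(bits))
        recovered[m] = recovered.get(m, 0) + Fraction(1, 2 ** N)
    return recovered == DIST
```

For a source with a non-dyadic probability (say 1/3) no such code exists, which is why the paper's general question needs computational rather than perfect randomness.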
