Correlated Product Security From Any One-Way Function and the New Notion of Decisional Correlated Product Security

It is well-known that the k-wise product of one-way functions remains one-way, but may no longer be when the k inputs are correlated. At TCC 2009, Rosen and Segev introduced a new notion known as Correlated Product secure functions. These functions have the property that a k-wise product of them remains one-way even under correlated inputs. Rosen and Segev gave a construction of injective trapdoor functions which were correlated product secure from the existence of Lossy Trapdoor Functions (introduced by Peikert and Waters in STOC 2008). The rst main result of this work shows the surprising fact that a family of correlated product secure functions can be constructed from any one-way function. Because correlated product secure functions are trivially one-way, this shows an equivalence between the existence of these two cryptographic primitives. In the second main result of this work, we consider a natural decisional variant of correlated product security. Roughly, a family of functions are Decisional Correlated Product (DCP) secure if f1(x1);:::;fk(x1) is indistinguishable from f1(x1);:::;fk(xk) when x1;:::;xk are chosen uniformly at random. We argue that the notion of Decisional Correlated Product security is a very natural one. To this end, we show a parallel from the Discrete Log Problem and Decision Die-Hellman Problem to Correlated Product security and its decisional variant. This intuition gives very simple constructions of PRGs and IND-CPA encryption from DCP secure functions. Furthermore, we strengthen our rst result by showing that the existence of DCP secure one-way functions is also equivalent to the

[1]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.

[2]  Henri Gilbert,et al.  Advances in Cryptology - EUROCRYPT 2010, 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Monaco / French Riviera, May 30 - June 3, 2010. Proceedings , 2010, EUROCRYPT.

[3]  A. J. Menezes,et al.  Advances in Cryptology - CRYPTO 2007, 27th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 19-23, 2007, Proceedings , 2007, CRYPTO.

[4]  Russell Impagliazzo,et al.  How to recycle random bits , 1989, 30th Annual Symposium on Foundations of Computer Science.

[5]  Leonid A. Levin,et al.  Pseudo-random Generation from one-way functions (Extended Abstracts) , 1989, STOC 1989.

[6]  Zvika Brakerski,et al.  Better Security for Deterministic Public-Key Encryption: The Auxiliary-Input Setting , 2011, Journal of Cryptology.

[7]  Chris Peikert,et al.  Public-key cryptosystems from the worst-case shortest vector problem: extended abstract , 2009, STOC '09.

[8]  Serge Fehr,et al.  On Notions of Security for Deterministic Encryption, and Efficient Constructions without Random Oracles , 2008, CRYPTO.

[9]  David Cash,et al.  Cryptographic Agility and Its Relation to Circular Encryption , 2010, EUROCRYPT.

[10]  Aggelos Kiayias,et al.  Multi-query Computationally-Private Information Retrieval with Constant Communication Rate , 2010, Public Key Cryptography.

[11]  Moni Naor,et al.  Synthesizers and Their Application to the Parallel Construction of Pseudo-Random Functions , 1999, J. Comput. Syst. Sci..

[12]  Yuval Ishai,et al.  Extending Oblivious Transfers Efficiently , 2003, CRYPTO.

[13]  Martijn Stam Beyond Uniformity: Better Security/Efficiency Tradeoffs for Compression Functions , 2008, CRYPTO.

[14]  Adam O'Neill,et al.  Deterministic Encryption: Definitional Equivalences and Constructions without Random Oracles , 2008, CRYPTO.

[15]  Mihir Bellare,et al.  Deterministic and Efficiently Searchable Encryption , 2007, CRYPTO.

[16]  Michael Luby,et al.  A study of password security , 1987, Journal of Cryptology.

[17]  Oded Goldreich,et al.  More Constructions of Lossy and Correlation-Secure Trapdoor Functions , 2011, Journal of Cryptology.

[18]  Adam O'Neill,et al.  Correlated-Input Secure Hash Functions , 2011, TCC.

[19]  Elisabeth Oswald,et al.  A Comprehensive Evaluation of Mutual Information Analysis Using a Fair Evaluation Framework , 2011, CRYPTO.

[20]  Leonid A. Levin,et al.  A Pseudorandom Generator from any One-way Function , 1999, SIAM J. Comput..

[21]  Yevgeniy Vahlis,et al.  Two Is a Crowd? A Black-Box Separation of One-Wayness and Security under Correlated Inputs , 2010, TCC.

[22]  Yael Tauman Kalai,et al.  Leaky Pseudo-Entropy Functions , 2011, ICS.

[23]  Dan Boneh,et al.  Advances in Cryptology - CRYPTO 2003 , 2003, Lecture Notes in Computer Science.

[24]  Brent Waters,et al.  Lossy Trapdoor Functions and Their Applications , 2011, SIAM J. Comput..

[25]  Gil Segev,et al.  Chosen-Ciphertext Security via Correlated Products , 2009, SIAM J. Comput..

[26]  Yuval Ishai,et al.  Semantic Security under Related-Key Attacks and Applications , 2011, ICS.

[27]  Gil Segev,et al.  Efficient Lossy Trapdoor Functions based on the Composite Residuosity Assumption , 2008, IACR Cryptol. ePrint Arch..

[28]  Leonid A. Levin,et al.  Pseudo-random generation from one-way functions , 1989, STOC '89.