Cryptography in NC^0

We study the parallel time-complexity of basic cryptographic primitives such as one-way functions (OWFs) and pseudorandom generators (PRGs). Specifically, we study the possibility of computing instances of these primitives by NC^0 circuits, in which each output bit depends on a constant number of input bits. Despite previous efforts in this direction, there has been no significant theoretical evidence supporting this possibility, which was posed as an open question in several previous works. We essentially settle this question by providing overwhelming positive evidence for the possibility of cryptography in NC^0. Our main result is that every "moderately easy" OWF (resp., PRG), say computable in NC^1, can be compiled into a corresponding OWF (resp., low-stretch PRG) in NC^0_4, i.e. one whose output bits each depend on at most 4 input bits. The existence of OWF and PRG in NC^1 is a relatively mild assumption, implied by most number-theoretic or algebraic intractability assumptions commonly used in cryptography. Hence, the existence of OWF and PRG in NC^0 follows from a variety of standard assumptions. A similar compiler can also be obtained for other cryptographic primitives such as one-way permutations, encryption, commitment, and collision-resistant hashing. The above results leave a small gap between the possibility of cryptography in NC^0_4 and the known impossibility of implementing even OWF in NC^0_2. We partially close this gap by providing evidence for the existence of OWF in NC^0_3. Finally, our techniques can also be applied to obtain unconditionally provable constructions of non-cryptographic PRGs. In particular, we obtain ε-biased generators in NC^0_3, resolving an open question posed by Mossel et al. (2003), as well as a PRG for logspace in NC^0.
Our results make use of the machinery of randomizing polynomials which was originally motivated by questions in the domain of information-theoretic secure multiparty computation.
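As an added illustration (this is not the paper's code, and the paper's own compiler, which reaches locality 4 via randomizing polynomials, is not reproduced here), the Python below shows the two properties a randomized encoding must satisfy for the compilation idea to work: correctness (a decoder recovers f(x) from the encoding) and privacy (the encoding's output distribution depends only on f(x), so it leaks nothing else about x). It also measures locality in the abstract's sense, the number of input bits each output bit depends on, by brute force. The encoding used is the simple "sum of terms" reduction f = T_1 xor ... xor T_k maps to (T_1 xor r_1, T_2 xor r_1 xor r_2, ..., T_k xor r_{k-1}), which lowers locality to deg(T_i) + 2 rather than to 4; the example function and its terms are constructed for the demonstration.

```python
"""
Added example (not from the paper): a "sum of terms" randomized encoding
that lowers locality, checked by exhaustive enumeration.

f(x) = T_1(x) xor ... xor T_k(x), each T_i an AND of a few input bits.
fhat(x, r) outputs T_i(x) xor r_{i-1} xor r_i (with r_0 = r_k = 0), so
every output bit touches at most |T_i| + 2 of the (x, r) bits.
"""
from itertools import product
from collections import Counter

# Constructed example: f(x0..x3) = x0*x1 xor x1*x2*x3 xor x3 (degree 3).
TERMS = [(0, 1), (1, 2, 3), (3,)]
N_INPUTS = 4


def term(x, t):
    """AND of the input bits indexed by t."""
    v = 1
    for i in t:
        v &= x[i]
    return v


def f(x, terms=TERMS):
    """The target function: XOR of all terms."""
    out = 0
    for t in terms:
        out ^= term(x, t)
    return out


def encode(x, r, terms=TERMS):
    """fhat(x, r): output i is T_i(x) masked by the adjacent random bits."""
    k = len(terms)
    assert len(r) == k - 1, "one random bit between each pair of terms"
    out = []
    for i, t in enumerate(terms):
        bit = term(x, t)
        if i > 0:
            bit ^= r[i - 1]
        if i < k - 1:
            bit ^= r[i]
        out.append(bit)
    return tuple(out)


def decode(y):
    """Correctness: the random bits cancel, so XOR of all outputs is f(x)."""
    acc = 0
    for b in y:
        acc ^= b
    return acc


def is_correct(terms=TERMS, n=N_INPUTS):
    """decode(encode(x, r)) == f(x) for every x and every r."""
    k = len(terms)
    return all(decode(encode(x, r, terms)) == f(x, terms)
               for x in product((0, 1), repeat=n)
               for r in product((0, 1), repeat=k - 1))


def output_distribution(x, terms=TERMS):
    """Distribution of fhat(x, r) over uniformly random r."""
    k = len(terms)
    return Counter(encode(x, r, terms) for r in product((0, 1), repeat=k - 1))


def is_private(terms=TERMS, n=N_INPUTS):
    """Privacy: all x with the same f(x) induce the same output distribution,
    so a simulator given only f(x) can sample fhat(x, r) perfectly."""
    seen = {}
    for x in product((0, 1), repeat=n):
        d = output_distribution(x, terms)
        v = f(x, terms)
        if v in seen and seen[v] != d:
            return False
        seen.setdefault(v, d)
    return True


def locality(terms=TERMS, n=N_INPUTS):
    """Locality of fhat, measured directly: output i depends on input
    position j if flipping bit j changes output i for some assignment."""
    k = len(terms)
    m = n + (k - 1)                       # inputs are x bits then r bits
    deps = [set() for _ in range(k)]
    for z in product((0, 1), repeat=m):
        y = encode(z[:n], z[n:], terms)
        for j in range(m):
            zf = list(z)
            zf[j] ^= 1
            yf = encode(tuple(zf[:n]), tuple(zf[n:]), terms)
            for i in range(k):
                if y[i] != yf[i]:
                    deps[i].add(j)
    return max(len(d) for d in deps)


if __name__ == "__main__":
    print("f itself depends on", N_INPUTS, "bits; encoding locality:", locality())
    print("correct:", is_correct(), " private:", is_private())
```

The locality of the encoding here is 5 (the degree-3 term plus its two random masks), down from the 4 input bits that f as a whole reads; with more terms the gain is larger, since f's locality grows with the number of terms while the encoding's stays at max degree plus 2. The privacy check is what lets a hardness argument carry over: an inverter for fhat yields an inverter for f, because fhat's outputs can be simulated from f(x) alone.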
