From Non-adaptive to Adaptive Pseudorandom Functions

Unlike the standard notion of pseudorandom functions (PRFs), a non-adaptive PRF is only required to be indistinguishable from a random function in the eyes of a non-adaptive distinguisher (i.e., one that prepares all of its oracle queries in advance). A recent line of research has studied the possibility of a direct construction of adaptive PRFs from non-adaptive ones, where direct means that the constructed adaptive PRF uses only a few (ideally, a constant number of) calls to the underlying non-adaptive PRF. Unfortunately, this study has so far only yielded negative results (e.g., Myers in Advances in Cryptology – EUROCRYPT 2004, pp. 189–206, 2004; Pietrzak in Advances in Cryptology – CRYPTO 2005, pp. 55–65, 2005).

We give an affirmative answer to the above question, presenting a direct construction of adaptive PRFs from non-adaptive ones. The suggested construction is extremely simple: a composition of the non-adaptive PRF with an appropriate pairwise independent hash function.
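The construction the abstract describes, as an added illustration that is not the paper's own code: the composed function F_k(h(x)), where h is drawn from the pairwise independent family h_{a,b}(x) = a·x + b over a prime field GF(p). The underlying non-adaptive PRF is stood in for by HMAC-SHA256, and the field and key sizes are constructed choices for a runnable demo, not values from the paper; the brute-force counter at the end checks the pairwise independence property on a small field.

```python
import hmac
import hashlib
import secrets
from itertools import product

# Constructed choice: the hash family lives over GF(P) for the Mersenne prime P = 2^61 - 1.
P = 2**61 - 1


def pairwise_hash(a: int, b: int, x: int, p: int = P) -> int:
    """h_{a,b}(x) = a*x + b mod p.  Over a prime field this family is pairwise independent:
    for x1 != x2 the pair (h(x1), h(x2)) is uniform over GF(p)^2 when (a, b) is uniform."""
    return (a * x + b) % p


def underlying_prf(k: bytes, y: int) -> bytes:
    """Stand-in for the non-adaptive PRF F_k (assumption: HMAC-SHA256, not the paper's F)."""
    return hmac.new(k, y.to_bytes(8, "big"), hashlib.sha256).digest()


def keygen() -> dict:
    """Key of the composed PRF: a key for F plus a uniformly random member (a, b) of the hash family."""
    return {"k": secrets.token_bytes(32), "a": secrets.randbelow(P), "b": secrets.randbelow(P)}


def adaptive_prf(key: dict, x: int) -> bytes:
    """The construction: F'_{k,h}(x) = F_k(h(x)).  Only one call to the underlying PRF per query."""
    return underlying_prf(key["k"], pairwise_hash(key["a"], key["b"], x % P))


def points_seen_by_f(key: dict, queries: list) -> list:
    """The inputs on which F is actually evaluated.  Whatever adaptive strategy chose `queries`,
    these points are determined by the random (a, b), which the distinguisher never sees."""
    return [pairwise_hash(key["a"], key["b"], x % P) for x in queries]


def count_keys_mapping(x1: int, y1: int, x2: int, y2: int, p: int) -> int:
    """Number of (a, b) in GF(p)^2 with h(x1) = y1 and h(x2) = y2.  Pairwise independence
    means exactly one such key for every x1 != x2 and every target pair (y1, y2)."""
    return sum(
        1
        for a, b in product(range(p), repeat=2)
        if (a * x1 + b) % p == y1 and (a * x2 + b) % p == y2
    )
```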

[1] Ueli Maurer et al. Composition of Random Systems: When Two Weak Make One Strong, 2004, TCC.

[2] Oded Goldreich et al. Foundations of Cryptography: Basic Tools, 2000.

[3] Mihir Bellare et al. A Note on Negligible Functions, 2002, Journal of Cryptology.

[4] Ueli Maurer et al. A Fast and Key-Efficient Reduction of Chosen-Ciphertext to Known-Plaintext Security, 2007, EUROCRYPT.

[5] Itay Berman et al. From Non-adaptive to Adaptive Pseudorandom Functions, 2012, TCC.

[6] Mihir Bellare et al. New Paradigms for Digital Signatures and Message Authentication Based on Non-Interactive Zero Knowledge Proofs, 1989, CRYPTO.

[7] S. Rajsbaum. Foundations of Cryptography, 2014.

[8] R. Jueneman et al. Message Authentication, 1985, IEEE Communications Magazine.

[9] Larry Carter et al. Universal Classes of Hash Functions, 1979, J. Comput. Syst. Sci.

[10] Eike Kiltz et al. Message Authentication, Revisited, 2012, EUROCRYPT.

[11] Oded Goldreich et al. Foundations of Cryptography: Volume 2, Basic Applications, 2004.

[12] Ueli Maurer et al. Basing PRFs on Constant-Query Weak PRFs: Minimizing Assumptions for Efficient Symmetric Cryptography, 2008, ASIACRYPT.

[13] Amos Fiat et al. Tracing Traitors, 2000, IEEE Trans. Inf. Theory.

[14] Moni Naor et al. Synthesizers and Their Application to the Parallel Construction of Pseudo-random Functions, 1995, Proceedings of IEEE 36th Annual Foundations of Computer Science.

[15] Rafail Ostrovsky et al. Equivalence of Uniform Key Agreement and Composition Insecurity, 2010, CRYPTO.

[16] Ivan Damgård et al. Expanding Pseudorandom Functions; or: From Known-Plaintext Security to Chosen-Plaintext Security, 2002, CRYPTO.

[17] Silvio Micali et al. How to Construct Random Functions, 1986, JACM.

[18] Steven Myers et al. Black-Box Composition Does Not Imply Adaptive Security, 2004, EUROCRYPT.

[19] Ernesto Pimentel et al. An Efficient Software Protection Scheme, 2001, SEC.

[20] Oded Goldreich et al. Foundations of Cryptography: List of Figures, 2001.

[21] Krzysztof Pietrzak. Composition Does Not Imply Adaptive Security, 2005, CRYPTO.

[22] Manuel Blum et al. Checking the Correctness of Memories, 2005, Algorithmica.

[23] Larry Carter et al. Universal Classes of Hash Functions (Extended Abstract), 1977, STOC '77.

[24] Silvio Micali et al. On the Cryptographic Applications of Random Functions, 1984, CRYPTO.

[25] Oded Goldreich et al. The Foundations of Cryptography - Volume 2: Basic Applications, 2001.

[26] Michael Luby et al. How to Construct Pseudo-Random Permutations from Pseudo-Random Functions (Abstract), 1986, CRYPTO.

[27] Krzysztof Pietrzak. Composition Implies Adaptive Security in Minicrypt, 2006, EUROCRYPT.

[28] Oded Goldreich. Foundations of Cryptography: Index, 2001.

[29] Leonid A. Levin et al. A Pseudorandom Generator from Any One-way Function, 1999, SIAM J. Comput.

[30] Vadim Lyubashevsky et al. Man-in-the-Middle Secure Authentication Schemes from LPN and Weak PRFs, 2013, IACR Cryptol. ePrint Arch.

[31] Michael Luby et al. Pseudorandomness and Cryptographic Applications, 1996, Princeton Computer Science Notes.

[32] Oded Goldreich et al. Towards a Theory of Software Protection, 1986, CRYPTO.