Being a permutation is also orthogonal to one-wayness in quantum world: Impossibilities of quantum one-way permutations from one-wayness primitives

Abstract: In this paper, three impossibility results for one-way permutations in the quantum world are obtained. The first is the impossibility of a fully black-box reduction from one-way permutations to one-way functions in a quantum setting. The main technique in our proof is the two-oracle method, which was originally proposed by Hsiao and Reyzin and later extended to a quantum setting by Hosoyamada and Yamakawa. Informally, this technique involves a pair of oracles; in our proof, one oracle is chosen as a random function, and the other is devised to break the security of any quantum one-way permutation. Using the first oracle, we show that there is an oracle-aided circuit that is a quantum-secure one-way function. Using the second oracle, however, we show that there is no one-way permutation relative to those oracles. This establishes that it is impossible in the quantum setting to construct one-way permutations from one-way functions (even if both input and output are classical). The remaining two impossibilities are essential enhancements of the first: we show that it is impossible, in the quantum world, to obtain one-way permutations in a black-box manner from injective adaptive one-way functions, and likewise even from injective adaptive trapdoor functions. To reach the latter two results, we overcome the obstacle of bounding the ability to find the inverse of random injective functions in the quantum setting, even when given the partial invert oracle. As a result, we get a quantum lower bound for inverting random injective functions in the random case. This result should be of independent interest and, to the authors' knowledge, might be the first quantum lower bound for inverting random injective functions given the partial invert oracle.
