How to construct random functions
Journal of the ACM (JACM)
Limits on the provable consequences of one-way permutations
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
A Pseudorandom Generator from any One-way Function
SIAM Journal on Computing
Expanding Pseudorandom Functions; or: From Known-Plaintext Security to Chosen-Plaintext Security
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
A personal view of average-case complexity
SCT '95 Proceedings of the 10th Annual Structure in Complexity Theory Conference (SCT'95)
Number-theoretic constructions of efficient pseudo-random functions
Journal of the ACM (JACM)
Foundations of Cryptography: Volume 2, Basic Applications
Foundations of Cryptography: Volume 2, Basic Applications
On the randomness complexity of efficient sampling
Proceedings of the thirty-eighth annual ACM symposium on Theory of computing
One-way functions are essential for complexity based cryptography
SFCS '89 Proceedings of the 30th Annual Symposium on Foundations of Computer Science
A Fast and Key-Efficient Reduction of Chosen-Ciphertext to Known-Plaintext Security
EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
Range Extension for Weak PRFs; The Good, the Bad, and the Ugly
EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
Distributed Pseudo-random functions and KDCs
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Efficient pseudorandom generators from exponentially hard one-way functions
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Composition implies adaptive security in minicrypt
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Luby-Rackoff ciphers from weak round functions?
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Pseudorandom generators from one-way functions: a simple construction for any hardness
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Expanding weak PRF with small key size
ICISC'05 Proceedings of the 8th international conference on Information Security and Cryptology
Leftover Hash Lemma, revisited
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Practical leakage-resilient pseudorandom objects with minimum public randomness
CT-RSA'13 Proceedings of the 13th international conference on Topics in Cryptology
Leakage-Resilient symmetric encryption via re-keying
CHES'13 Proceedings of the 15th international conference on Cryptographic Hardware and Embedded Systems
| Hi-index | 0.00 |
A family of functions is weaklypseudorandom if a random member of the family is indistinguishable from a uniform random function when queried on randominputs. We point out a subtle ambiguity in the definition of weak PRFs: there are natural weak PRFs whose security breaks down if the randomness used to sample the inputs is revealed. To capture this ambiguity we distinguish between public-coinand secret-coinweak PRFs.We show that the existence of a secret-coin weak PRF which is notalso a public-coin weak PRF implies the existence of two pass key-agreement (i.e. public-key encryption). So in Minicrypt, i.e. under the assumption that one-way functions exist but public-key cryptography does not, the notion of public- and secret-coin weak PRFs coincide.Previous to this paper all positive cryptographic statements known to hold exclusively in Minicryptconcerned the adaptive security of constructions using non-adaptively secure components. Weak PRFs give rise to a new set of statements having this property. As another example we consider the problem of range extension for weak PRFs. We show that in Minicryptone can beat the best possible range expansion factor (using a fixed number of distinct keys) for a very general class of constructions (in particular, this class contains all constructions that are known today).