Oracle Separation in the Non-uniform Model

Quantified Score

Visualization

Abstract

Oracle separation methods are used in cryptography to rule out black-box reductions between cryptographic primitives. It is sufficient to find an oracle relative to which the base primitive exists but there are no secure instances of the constructed primitive. In practice, it is beyond our current reach to construct a fixed oracle with such properties for most of the reductions because it is difficult to guarantee the existence of secure base primitives. For example, to show that there exist no black-box reductions from collision-free functions to one-way permutations we have to show that secure one-way permutations exist relative to the oracle. However, no deterministic constructions for unconditionally secure one-way permutations are known yet. To overcome this gap, randomized oracles are used to create random base primitives that are secure on average. After that, a fixed oracle with the desired properties is extracted from the probability distribution by using non-constructive combinatorial arguments such as the first Borel-Cantelli lemma. This oracle extraction argument only applies to uniform reductions because it uses the countability of the set of all uniform Turing machines. In this work, we show how to adapt oracle separation results to the non-uniform security model. We consider the known separation techniques that are capable of ruling out the so-called fully black-box reductions and show that they can be extended to the non-uniform model with only minor modifications. As almost all separation results known to date fit into our separation framework, we conclude that they imply non-existence of fully black-box reductions in the non-uniform model. We also generalize our approach to a certain strong form of semi-black-box reductions. However, it stays an open question whether it is possible to adapt our technique to the weaker notions of black-box reductions in the non-uniform model.