RSA and Rabin functions: certain parts are as hard as the whole
SIAM Journal on Computing - Special issue on cryptography
A hard-core predicate for all one-way functions
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
Theory and application of trapdoor functions
SFCS '82 Proceedings of the 23rd Annual Symposium on Foundations of Computer Science
Efficient And Secure Pseudo-Random Number Generation
SFCS '84 Proceedings of the 25th Annual Symposium onFoundations of Computer Science, 1984
The Hidden Number Problem in Extension Fields and Its Applications
LATIN '02 Proceedings of the 5th Latin American Symposium on Theoretical Informatics
Spectral Bounds on General Hard Core Predicates
STACS '00 Proceedings of the 17th Annual Symposium on Theoretical Aspects of Computer Science
All Bits ax+b mod p are Hard (Extended Abstract)
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Practical Construction and Analysis of Pseudo-Randomness Primitives
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
FCT '01 Proceedings of the 13th International Symposium on Fundamentals of Computation Theory
Hard bits of the discrete log with applications to password authentication
CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
| Hi-index | 0.00 |
In this paper we consider the bit-security of two types of universal hash functions: linear functions on GF[2n] and linear functions on the integers modulo a prime. We show individual security for all bits in the first case and for the O(log n) least significant bits in the second case. Both types of functions are shown to have O(log n) simultaneous secure bits. For the second type of functions, primes of length Ω(n) are needed. Together with the Goldreich-Levin theorem, this shows that all the common types of universal hash functions provide so called hard-core bits.