Pseudo-random permutation generators and cryptographic composition
STOC '86 Proceedings of the eighteenth annual ACM symposium on Theory of computing
How to construct pseudorandom permutations from pseudorandom functions
SIAM Journal on Computing - Special issue on cryptography
Indistinguishability of Random Systems
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Hard-core distributions for somewhat hard problems
FOCS '95 Proceedings of the 36th Annual Symposium on Foundations of Computer Science
Does Parallel Repetition Lower the Error in Computationally Sound Protocols?
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Key agreement from weak bit agreement
Proceedings of the thirty-seventh annual ACM symposium on Theory of computing
Theory and application of trapdoor functions
SFCS '82 Proceedings of the 23rd Annual Symposium on Foundations of Computer Science
Security Amplification for Interactive Cryptographic Primitives
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
Computational Indistinguishability Amplification: Tight Product Theorems for System Composition
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Parallel repetition of computationally sound protocols revisited
TCC'07 Proceedings of the 4th conference on Theory of cryptography
Indistinguishability amplification
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
Random oracles and auxiliary input
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
Pseudorandom generators from one-way functions: a simple construction for any hardness
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Counterexamples to hardness amplification beyond negligible
TCC'12 Proceedings of the 9th international conference on Theory of Cryptography
Efficient and optimally secure key-length extension for block ciphers via randomized cascading
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
| Hi-index | 0.00 |
We consider the task of amplifying the security of a weak pseudorandom permutation (PRP), called an ε-PRP, for which the computational distinguishing advantage is only guaranteed to be bounded by some (possibly non-negligible) quantity ε 1. We prove that the cascade (i.e., sequential composition) of m ε-PRPs (with independent keys) is an ((m - (m - 1)ε)εm + V)-PRP, where V is a negligible function. In the asymptotic setting, this implies security amplification for all ε 1-1/poly, and the result extends to two-sided PRPs, where the inverse of the given permutation is also queried. Furthermore, we show that this result is essentially tight. This settles a long-standing open problem due to Luby and Rackoff (STOC '86). Our approach relies on the first hardcore lemma for computational indistinguishability of interactive systems: Given two systems whose states do not depend on the interaction, and which no efficient adversary can distinguish with advantage better than ε, we show that there exist events on the choices of the respective states, occurring each with probability at least 1-ε, such that the two systems are computationally indistinguishable conditioned on these events.