Limits on the provable consequences of one-way permutations
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
A zero-one law for Boolean privacy
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
A general completeness theorem for two party games
STOC '91 Proceedings of the twenty-third annual ACM symposium on Theory of computing
More general completeness theorems for secure two-party computation
STOC '00 Proceedings of the thirty-second annual ACM symposium on Theory of computing
Reducibility and Completeness in Private Computations
SIAM Journal on Computing
The All-or-Nothing Nature of Two-Party Secure Computation
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Limits on the Efficiency of One-Way Permutation-Based Hash Functions
FOCS '99 Proceedings of the 40th Annual Symposium on Foundations of Computer Science
The relationship between public key encryption and oblivious transfer
FOCS '00 Proceedings of the 41st Annual Symposium on Foundations of Computer Science
A personal view of average-case complexity
SCT '95 Proceedings of the 10th Annual Structure in Complexity Theory Conference (SCT'95)
On the Impossibility of Basing Trapdoor Functions on Trapdoor Predicates
FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
Bounds on the Efficiency of Generic Cryptographic Constructions
SIAM Journal on Computing
FOCS '07 Proceedings of the 48th Annual IEEE Symposium on Foundations of Computer Science
Lower Bounds on Signatures From Symmetric Primitives
FOCS '07 Proceedings of the 48th Annual IEEE Symposium on Foundations of Computer Science
30th Annual Symposium on Foundations of Computer Science (Cat. No.89CH2808-4)
SFCS '89 Proceedings of the 30th Annual Symposium on Foundations of Computer Science
One-way functions are essential for complexity based cryptography
SFCS '89 Proceedings of the 30th Annual Symposium on Foundations of Computer Science
Privacy and communication complexity
SFCS '89 Proceedings of the 30th Annual Symposium on Foundations of Computer Science
On the Impossibility of Basing Identity Based Encryption on Trapdoor Permutations
FOCS '08 Proceedings of the 2008 49th Annual IEEE Symposium on Foundations of Computer Science
Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
Merkle Puzzles Are Optimal -- An O(n^2)-Query Attack on Any Key Exchange from a Random Oracle
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Statistically Hiding Commitments and Statistical Zero-Knowledge Arguments from Any One-Way Function
SIAM Journal on Computing
Semi-honest to malicious oblivious transfer: the black-box way
TCC'08 Proceedings of the 5th conference on Theory of cryptography
How to compress interactive communication
Proceedings of the forty-second ACM symposium on Theory of computing
A zero-one law for cryptographic complexity with respect to computational UC security
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Proceedings of the 8th conference on Theory of cryptography
TCC'11 Proceedings of the 8th conference on Theory of cryptography
Completeness theorems with constructive proofs for finite deterministic 2-party functions
TCC'11 Proceedings of the 8th conference on Theory of cryptography
A zero-one law for secure multi-party computation with ternary outputs
TCC'11 Proceedings of the 8th conference on Theory of cryptography
On the black-box complexity of optimally-fair coin tossing
TCC'11 Proceedings of the 8th conference on Theory of cryptography
Exploring the limits of common coins using frontier analysis of protocols
TCC'11 Proceedings of the 8th conference on Theory of cryptography
On black-box separations among injective one-way functions
TCC'11 Proceedings of the 8th conference on Theory of cryptography
Impossibility of blind signatures from one-way permutations
TCC'11 Proceedings of the 8th conference on Theory of cryptography
On hardness amplification of one-way functions
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
Completeness for symmetric two-party functionalities - revisited
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
Limits on the usefulness of random oracles
TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
The seminal result of Impagliazzo and Rudich (STOC 1989) gave a black-box separation between one-way functions and public-key encryption: a public-key encryption scheme cannot be constructed using one-way functions in a black-box way. In addition, their result implied black-box separations between one-way functions and protocols for certain Secure Function Evaluation (SFE) functionalities (in particular, Oblivious Transfer). Surprisingly, however, since then there has been no further progress in separating one-way functions and SFE functionalities. In this work, we present the complete picture for finite deterministic 2-party SFE functionalities, vis-à-vis one-way functions. We show that in the case of semi-honest adversaries, one-way functions are black-box separated from all such SFE functionalities, except those that have unconditionally secure protocols (and hence do not rely on any computational hardness). In the case of active adversaries, a black-box one-way function is indeed useful for SFE, but we show that it is only as useful as access to an ideal commitment functionality. Technically, our main result establishes the limitations of random oracles for secure computation. We show that a two-party deterministic functionality f has a protocol in the random oracle model that is (statistically) secure against semi-honest adversaries if and only if f has a protocol in the plain model that is (perfectly) secure against semi-honest adversaries. Further, in the case of active adversaries, a deterministic SFE functionality f has a (UC or standalone) statistically secure protocol in the random oracle model if and only if f has a (UC or standalone) statistically secure protocol in the commitment-hybrid model. Our proof is based on a "frontier analysis" of two-party protocols, combining it with (extensions of) the "independence learners" of Impagliazzo-Rudich/Barak-Mahmoody.
We make essential use of a combinatorial property, originally discovered by Kushilevitz (FOCS 1989), of functions that have semi-honest secure protocols in the plain model (and hence our analysis applies only to functions of polynomial-sized domains, for which such a characterization is known). Our result could be seen as a first step towards proving a conjecture that we put forth in this work and call the Many-Worlds Conjecture. For every 2-party SFE functionality f, one can consider a "world" where f can be semi-honest securely realized in the computational setting. The Many-Worlds Conjecture states that there are infinitely many "distinct worlds" between minicrypt and cryptomania in the universe of Impagliazzo's Worlds.