Naor and Yung have shown that a one-bit-compressing universal one-way hash function (UOWHF) can be constructed based on a one-way permutation. This construction can be iterated to build a UOWHF which compresses by \math bits, at the cost of \math invocations of the one-way permutation. We show that this construction is not far from optimal, in the following sense: there exists an oracle relative to which there exists a one-way permutation with inversion probability \math (for any \math), but any construction of an \math-bit-compressing UOWHF requires \math invocations of the one-way permutation, on average. (For example, there exists in this relativized world a one-way permutation with inversion probability \math, but no UOWHF that invokes it fewer than \math times.) Thus any proof that a more efficient UOWHF can be derived from a one-way permutation is necessarily non-relativizing; in particular, no provable construction of a more efficient UOWHF can exist based solely on a "black box" one-way permutation. This result can be viewed as a partial justification for the practice of building efficient UOWHFs from stronger primitives (such as collision-intractable hash functions), rather than from weaker primitives such as one-way permutations.