Complexity measures for public-key cryptosystems
SIAM Journal on Computing - Special issue on cryptography
On hardness of one-way functions
Information Processing Letters
SIAM Journal on Computing
An observation on associative one-way functions in complexity theory
Information Processing Letters
Journal of Computer and System Sciences
Polynomial reducibilities and complete sets.
Polynomial reducibilities and complete sets.
The cpa's responsibility for the prevention and detection of computer fraud.
The cpa's responsibility for the prevention and detection of computer fraud.
If P ≠ NP then some strongly noninvertible functions are invertible
Theoretical Computer Science
Quantum cryptography: A survey
ACM Computing Surveys (CSUR)
ICTCS'05 Proceedings of the 9th Italian conference on Theoretical Computer Science
Hi-index | 0.00 |
We study the ambiguity, or "many-to-one"-ness, of two-argument, one-way functions that are strong (that is, hard to invert even if one of their arguments is given), total, and associative. Such powerful one-way functions are the basis of a cryptographic paradigm described by Rabi and Sherman (Inform. Process. Lett. 64(2) (1997) 239) and were shown by Hemaspaandra and Rothe (J. Comput. System Sci. 58(3) (1999) 648) to exist exactly if standard one-way functions exist.Rabi and Sherman (1997) show that no total, associative function defined over a universe having at least two elements is one-to-one. We show that if P ≠ UP, then, for every d ∈ N+, there is an ν (log/1d n)-to-one. strong, total, associative, one-way function σd. We argue that this bound is tight in the sense that any total, associative function having similar properties to σd but not necessarily strong or one-way must have at least the same order of magnitude of ambiguity as σd has. We demonstrate that the techniques used in proving the above-stated results easily apply to other classes of total, associative functions.We provide a complete characterization for the existence of strong, total, associative, one-way functions whose ambiguity approaches the lower bounds we provide. We say a language is in PolylogP if there exists a polynomial-time Turing machine M accepting the language such that for some d ∈ R- it holds that M has on each string x at most ν (logdn) accepting paths, where n = |x|. We show that P ≠ PolylogP if and only for some d ∈ R- there exists an ν (logdn)-to-one, strong, total, associative, one-way function.