Document Open Access Logo

Time-Space Tradeoffs of Truncation with Preprocessing

Authors Krzysztof Pietrzak , Pengxiang Wang

PDF

File

Thumbnail PDF
PDF
LIPIcs.ITC.2025.4.pdf
  • Filesize: 0.73 MB
  • 10 pages

Document Identifiers

Subject Classification

ACM Subject Classification
  • Theory of computation → Interactive proof systems
  • Theory of computation → Cryptographic protocols
  • Security and privacy → Information-theoretic techniques
Keywords
  • Time-Space Lower Bounds
  • Blockchains

Metrics

  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    0
    PDF Downloads
    0
    Metadata Views

Abstract

Truncation of cryptographic outputs is a technique that was recently introduced in Baldimtsi et al. [Foteini Baldimtsi et al., 2022]. The general idea is to try out many inputs to some cryptographic algorithm until the output (e.g. a public-key or some hash value) falls into some sparse set and thus can be compressed: by trying out an expected 2^k different inputs one will find an output that starts with k zeros.
Using such truncation one can for example save substantial gas fees on Blockchains where storing values is very expensive. While [Foteini Baldimtsi et al., 2022] show that truncation preserves the security of the underlying primitive, they only consider a setting without preprocessing. In this work we show that lower bounds on the time-space tradeoff for inverting random functions and permutations also hold with truncation, except for parameters ranges where the bound fails to hold for "trivial" reasons.
Concretely, it’s known that any algorithm that inverts a random function or permutation with range N making T queries and using S bits of auxiliary input must satisfy S⋅ T ≥ Nlog N. This lower bound no longer holds in the truncated setting where one must only invert a challenge from a range of size N/2^k, as now one can simply save the replies to all N/2^k challenges, which requires S = log N⋅ N /2^k bits and allows to invert with T = 1 query.
We show that with truncation, whenever S is somewhat smaller than the log N⋅ N /2^k bits required to store the entire truncated function table, the known S⋅ T ≥ Nlog N lower bound applies.

Cite As Get BibTex

Krzysztof Pietrzak and Pengxiang Wang. Time-Space Tradeoffs of Truncation with Preprocessing. In 6th Conference on Information-Theoretic Cryptography (ITC 2025). Leibniz International Proceedings in Informatics (LIPIcs), Volume 343, pp. 4:1-4:10, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2025) https://doi.org/10.4230/LIPIcs.ITC.2025.4

Author Details

Krzysztof Pietrzak
  • IST, Klosterneuburg, Austria
Pengxiang Wang
  • EPFL, Lausanne, Switzerland

References

  1. Hamza Abusalah, Joël Alwen, Bram Cohen, Danylo Khilko, Krzysztof Pietrzak, and Leonid Reyzin. Beyond hellman’s time-memory trade-offs with applications to proofs of space. In Tsuyoshi Takagi and Thomas Peyrin, editors, ASIACRYPT 2017, Part II, volume 10625 of LNCS, pages 357-379. Springer, Heidelberg, December 2017. URL: https://doi.org/10.1007/978-3-319-70697-9_13.
  2. Foteini Baldimtsi, Konstantinos Chalkias, Panagiotis Chatzigiannis, and Mahimna Kelkar. Truncator: Time-space tradeoff of cryptographic primitives. Cryptology ePrint Archive, Paper 2022/1581, 2022. URL: https://eprint.iacr.org/2022/1581.
  3. Henry Corrigan-Gibbs and Dmitry Kogan. The discrete-logarithm problem with preprocessing. In Jesper Buus Nielsen and Vincent Rijmen, editors, Advances in Cryptology - EUROCRYPT 2018 - 37th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tel Aviv, Israel, April 29 - May 3, 2018 Proceedings, Part II, volume 10821 of Lecture Notes in Computer Science, pages 415-447. Springer, 2018. URL: https://doi.org/10.1007/978-3-319-78375-8_14.
  4. Anindya De, Luca Trevisan, and Madhur Tulsiani. Time space tradeoffs for attacks against one-way functions and PRGs. In Tal Rabin, editor, CRYPTO 2010, volume 6223 of LNCS, pages 649-665. Springer, Heidelberg, August 2010. URL: https://doi.org/10.1007/978-3-642-14623-7_35.
  5. Amos Fiat and Moni Naor. Rigorous time/space tradeoffs for inverting functions. In Cris Koutsougeras and Jeffrey Scott Vitter, editors, Proceedings of the 23rd Annual ACM Symposium on Theory of Computing, May 5-8, 1991, New Orleans, Louisiana, USA, pages 534-541. ACM, 1991. URL: https://doi.org/10.1145/103418.103473.
  6. Rosario Gennaro and Luca Trevisan. Lower bounds on the efficiency of generic cryptographic constructions. In 41st FOCS, pages 305-313. IEEE Computer Society Press, November 2000. URL: https://doi.org/10.1109/SFCS.2000.892119.
  7. Martin E. Hellman. A cryptanalytic time-memory trade-off. IEEE Trans. Inf. Theory, 26(4):401-406, 1980. URL: https://doi.org/10.1109/TIT.1980.1056220.
  8. Philippe Oechslin. Making a faster cryptanalytic time-memory trade-off. In Dan Boneh, editor, Advances in Cryptology - CRYPTO 2003, 23rd Annual International Cryptology Conference, Santa Barbara, California, USA, August 17-21, 2003, Proceedings, volume 2729 of Lecture Notes in Computer Science, pages 617-630. Springer, 2003. URL: https://doi.org/10.1007/978-3-540-45146-4_36.
  9. Shun Watanabe and Kenji Yasunaga. Bit security as computational cost for winning games with high probability. In Mehdi Tibouchi and Huaxiong Wang, editors, Advances in Cryptology - ASIACRYPT 2021 - 27th International Conference on the Theory and Application of Cryptology and Information Security, Singapore, December 6-10, 2021, Proceedings, Part III, volume 13092 of Lecture Notes in Computer Science, pages 161-188. Springer, 2021. URL: https://doi.org/10.1007/978-3-030-92078-4_6.
  10. Hoeteck Wee. On obfuscating point functions. In Harold N. Gabow and Ronald Fagin, editors, 37th ACM STOC, pages 523-532. ACM Press, May 2005. URL: https://doi.org/10.1145/1060590.1060669.
  11. Andrew Chi-Chih Yao. Coherent functions and program checkers (extended abstract). In 22nd ACM STOC, pages 84-94. ACM Press, May 1990. URL: https://doi.org/10.1145/100216.100226.
Questions / Remarks / Feedback
X

Feedback for Dagstuhl Publishing


Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail
© 2023-2025 Schloss Dagstuhl – LZI GmbH About DROPS Imprint Privacy Contact