On the Complexity of Decomposable Randomized Encodings, Or: How Friendly Can a Garbling-Friendly PRF Be?

Authors Marshall Ball, Justin Holmgren, Yuval Ishai, Tianren Liu, Tal Malkin



PDF
Thumbnail PDF

File

LIPIcs.ITCS.2020.86.pdf
  • Filesize: 0.63 MB
  • 22 pages

Document Identifiers

Author Details

Marshall Ball
  • Columbia University, New York, NY, USA
Justin Holmgren
  • Simons Institute, Berkeley, CA, USA
Yuval Ishai
  • Technion - Israel Institute of Technology, Haifa, Israel
Tianren Liu
  • University of Washington, Seattle, WA, USA
Tal Malkin
  • Columbia University, New York, NY, USA

Acknowledgements

We thank Igor Shparlinski for helpful discussions and pointers to the literature on the hidden shift problem. We also thank Siyao Guo, Lucas Kowlaczyk, Ron Rothblum, Jonathan Ullman, and Vinod Vaikuntanathan for related discussions and collaborations.

Cite AsGet BibTex

Marshall Ball, Justin Holmgren, Yuval Ishai, Tianren Liu, and Tal Malkin. On the Complexity of Decomposable Randomized Encodings, Or: How Friendly Can a Garbling-Friendly PRF Be?. In 11th Innovations in Theoretical Computer Science Conference (ITCS 2020). Leibniz International Proceedings in Informatics (LIPIcs), Volume 151, pp. 86:1-86:22, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2020)
https://doi.org/10.4230/LIPIcs.ITCS.2020.86

Abstract

Garbling schemes, also known as decomposable randomized encodings (DRE), have found many applications in cryptography. However, despite a large body of work on constructing such schemes, very little is known about their limitations. We initiate a systematic study of the DRE complexity of Boolean functions, obtaining the following main results: - Near-quadratic lower bounds. We use a classical lower bound technique of Nečiporuk [Dokl. Akad. Nauk SSSR '66] to show an Ω(n²/log n) lower bound on the size of any DRE for many explicit Boolean functions. For some natural functions, we obtain a corresponding upper bound, thus settling their DRE complexity up to polylogarithmic factors. Prior to our work, no superlinear lower bounds were known, even for non-explicit functions. - Garbling-friendly PRFs. We show that any exponentially secure PRF has Ω(n²/log n) DRE size, and present a plausible candidate for a "garbling-optimal" PRF that nearly meets this bound. This candidate establishes a barrier for super-quadratic DRE lower bounds via natural proof techniques. In contrast, we show a candidate for a weak PRF with near-exponential security and linear DRE size. Our results establish several qualitative separations, including near-quadratic separations between computational and information-theoretic DRE size of Boolean functions, and between DRE size of weak vs. strong PRFs.

Subject Classification

ACM Subject Classification
  • Theory of computation → Computational complexity and cryptography
Keywords
  • Randomized Encoding
  • Private Simultaneous Messages

Metrics

  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    0
    PDF Downloads

References

  1. Shweta Agrawal, Yuval Ishai, Dakshita Khurana, and Anat Paskin-Cherniavsky. Statistical Randomized Encodings: A Complexity Theoretic View. In Magnús M. Halldórsson, Kazuo Iwama, Naoki Kobayashi, and Bettina Speckmann, editors, Automata, Languages, and Programming - 42nd International Colloquium, ICALP 2015, Kyoto, Japan, July 6-10, 2015, Proceedings, Part I, volume 9134 of Lecture Notes in Computer Science, pages 1-13. Springer, 2015. URL: https://doi.org/10.1007/978-3-662-47672-7_1.
  2. Martin R. Albrecht, Lorenzo Grassi, Léo Perrin, Sebastian Ramacher, Christian Rechberger, Dragos Rotaru, Arnab Roy, and Markus Schofnegger. Feistel Structures for MPC, and More. IACR Cryptology ePrint Archive, 2019:397, 2019. URL: https://eprint.iacr.org/2019/397.
  3. Martin R. Albrecht, Christian Rechberger, Thomas Schneider, Tyge Tiessen, and Michael Zohner. Ciphers for MPC and FHE. In Elisabeth Oswald and Marc Fischlin, editors, Advances in Cryptology - EUROCRYPT 2015 - 34th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Sofia, Bulgaria, April 26-30, 2015, Proceedings, Part I, volume 9056 of Lecture Notes in Computer Science, pages 430-454. Springer, 2015. URL: https://doi.org/10.1007/978-3-662-46800-5_17.
  4. Michael Anshel and Dorian Goldfeld. Zeta functions, one-way functions, and pseudorandom number generators. Duke Math. J., 88(2):371-390, June 1997. URL: https://doi.org/10.1215/S0012-7094-97-08815-3.
  5. Benny Applebaum. Key-Dependent Message Security: Generic Amplification and Completeness. J. Cryptology, 27(3):429-451, 2014. URL: https://doi.org/10.1007/s00145-013-9149-6.
  6. Benny Applebaum. Garbled Circuits as Randomized Encodings of Functions: a Primer. In Yehuda Lindell, editor, Tutorials on the Foundations of Cryptography, pages 1-44. Springer International Publishing, 2017. URL: https://doi.org/10.1007/978-3-319-57048-8_1.
  7. Benny Applebaum, Thomas Holenstein, Manoj Mishra, and Ofer Shayevitz. The Communication Complexity of Private Simultaneous Messages, Revisited. In Jesper Buus Nielsen and Vincent Rijmen, editors, Advances in Cryptology - EUROCRYPT 2018 - 37th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tel Aviv, Israel, April 29 - May 3, 2018 Proceedings, Part II, volume 10821 of Lecture Notes in Computer Science, pages 261-286. Springer, 2018. URL: https://doi.org/10.1007/978-3-319-78375-8_9.
  8. Benny Applebaum, Yuval Ishai, and Eyal Kushilevitz. Cryptography in NC^0. SIAM J. Comput., 36(4):845-888, 2006. URL: https://doi.org/10.1137/S0097539705446950.
  9. Benny Applebaum, Yuval Ishai, and Eyal Kushilevitz. Cryptography with Constant Input Locality. J. Cryptology, 22(4):429-469, 2009. URL: https://doi.org/10.1007/s00145-009-9039-0.
  10. Benny Applebaum, Yuval Ishai, and Eyal Kushilevitz. From Secrecy to Soundness: Efficient Verification via Secure Computation. In Samson Abramsky, Cyril Gavoille, Claude Kirchner, Friedhelm Meyer auf der Heide, and Paul G. Spirakis, editors, Automata, Languages and Programming, 37th International Colloquium, ICALP 2010, Bordeaux, France, July 6-10, 2010, Proceedings, Part I, volume 6198 of Lecture Notes in Computer Science, pages 152-163. Springer, 2010. URL: https://doi.org/10.1007/978-3-642-14165-2_14.
  11. Benny Applebaum, Yuval Ishai, and Eyal Kushilevitz. How to Garble Arithmetic Circuits. SIAM J. Comput., 43(2):905-929, 2014. Google Scholar
  12. Marshall Ball, Brent Carmer, Tal Malkin, Mike Rosulek, and Nichole Schimanski. Garbled Neural Networks are Practical. IACR Cryptology ePrint Archive, 2019:338, 2019. URL: https://eprint.iacr.org/2019/338.
  13. Boaz Barak, Iftach Haitner, Dennis Hofheinz, and Yuval Ishai. Bounded Key-Dependent Message Security. In Henri Gilbert, editor, Advances in Cryptology - EUROCRYPT 2010, 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Monaco / French Riviera, May 30 - June 3, 2010. Proceedings, volume 6110 of Lecture Notes in Computer Science, pages 423-444. Springer, 2010. URL: https://doi.org/10.1007/978-3-642-13190-5_22.
  14. David Arno Barrington. Width-3 permutation branching programs. Laboratory for Computer Science, Massachusetts Institute of Technology, 1985. Google Scholar
  15. Tugkan Batu, Sanjoy Dasgupta, Ravi Kumar, and Ronitt Rubinfeld. The Complexity of Approximating the Entropy. SIAM J. Comput., 35(1):132-150, 2005. Google Scholar
  16. Paul Beame, Nathan Grosshans, Pierre McKenzie, and Luc Segoufin. Nondeterminism and An Abstract Formulation of Nečiporuk’s Lower Bound Method. TOCT, 9(1):5:1-5:34, 2016. Google Scholar
  17. Amos Beimel, Ariel Gabizon, Yuval Ishai, Eyal Kushilevitz, Sigurd Meldgaard, and Anat Paskin-Cherniavsky. Non-Interactive Secure Multiparty Computation. In CRYPTO (2), volume 8617 of Lecture Notes in Computer Science, pages 387-404. Springer, 2014. Google Scholar
  18. Mihir Bellare, Viet Tung Hoang, and Phillip Rogaway. Foundations of garbled circuits. In Ting Yu, George Danezis, and Virgil D. Gligor, editors, the ACM Conference on Computer and Communications Security, CCS'12, Raleigh, NC, USA, October 16-18, 2012, pages 784-796. ACM, 2012. URL: https://doi.org/10.1145/2382196.2382279.
  19. Dan Boneh, Yuval Ishai, Alain Passelègue, Amit Sahai, and David J. Wu. Exploring Crypto Dark Matter: - New Simple PRF Candidates and Their Applications. In TCC (2), volume 11240 of Lecture Notes in Computer Science, pages 699-729. Springer, 2018. Google Scholar
  20. Dan Boneh and Richard J. Lipton. Algorithms for Black-Box Fields and their Application to Cryptography. In Neal Koblitz, editor, Advances in Cryptology - CRYPTO '96, pages 283-297, Berlin, Heidelberg, 1996. Springer Berlin Heidelberg. Google Scholar
  21. Jean Bourgain, Moubariz Z. Garaev, Sergei Konyagin, and Igor E. Shparlinski. On the Hidden Shifted Power Problem. SIAM J. Comput., 41(6):1524-1557, 2012. Google Scholar
  22. Marco L. Carmosino, Russell Impagliazzo, Valentine Kabanets, and Antonina Kolokolova. Learning Algorithms from Natural Proofs. In Conference on Computational Complexity, volume 50 of LIPIcs, pages 10:1-10:24. Schloss Dagstuhl - Leibniz-Zentrum fuer Informatik, 2016. Google Scholar
  23. Marco L. Carmosino, Russell Impagliazzo, Valentine Kabanets, and Antonina Kolokolova. Agnostic Learning from Tolerant Natural Proofs. In APPROX-RANDOM, volume 81 of LIPIcs, pages 35:1-35:19. Schloss Dagstuhl - Leibniz-Zentrum fuer Informatik, 2017. Google Scholar
  24. Ivan Damgård. On the Randomness of Legendre and Jacobi Sequences. In CRYPTO, volume 403 of Lecture Notes in Computer Science, pages 163-172. Springer, 1988. Google Scholar
  25. Deepesh Data, Manoj Prabhakaran, and Vinod M. Prabhakaran. On the Communication Complexity of Secure Computation. In Juan A. Garay and Rosario Gennaro, editors, Advances in Cryptology - CRYPTO 2014 - 34th Annual Cryptology Conference, Santa Barbara, CA, USA, August 17-21, 2014, Proceedings, Part II, volume 8617 of Lecture Notes in Computer Science, pages 199-216. Springer, 2014. URL: https://doi.org/10.1007/978-3-662-44381-1_12.
  26. Cunsheng Ding. Pattern Distributions of Legendre Sequences. IEEE Trans. Information Theory, 44(4):1693-1698, 1998. Google Scholar
  27. Itai Dinur, Daniel Kales, Angela Promitzer, Sebastian Ramacher, and Christian Rechberger. Linear Equivalence of Block Ciphers with Partial Non-Linear Layers: Application to LowMC. In Yuval Ishai and Vincent Rijmen, editors, Advances in Cryptology - EUROCRYPT 2019 - 38th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Darmstadt, Germany, May 19-23, 2019, Proceedings, Part I, volume 11476 of Lecture Notes in Computer Science, pages 343-372. Springer, 2019. URL: https://doi.org/10.1007/978-3-030-17653-2_12.
  28. Christoph Dobraunig, Maria Eichlseder, Lorenzo Grassi, Virginie Lallemand, Gregor Leander, Eik List, Florian Mendel, and Christian Rechberger. Rasta: A Cipher with Low ANDdepth and Few ANDs per Bit. In Hovav Shacham and Alexandra Boldyreva, editors, Advances in Cryptology - CRYPTO 2018 - 38th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 19-23, 2018, Proceedings, Part I, volume 10991 of Lecture Notes in Computer Science, pages 662-692. Springer, 2018. URL: https://doi.org/10.1007/978-3-319-96884-1_22.
  29. Nico Döttling and Sanjam Garg. Identity-Based Encryption from the Diffie-Hellman Assumption. In Jonathan Katz and Hovav Shacham, editors, Advances in Cryptology - CRYPTO 2017 - 37th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 20-24, 2017, Proceedings, Part I, volume 10401 of Lecture Notes in Computer Science, pages 537-569. Springer, 2017. URL: https://doi.org/10.1007/978-3-319-63688-7_18.
  30. Uriel Feige, Joe Kilian, and Moni Naor. A minimal model for secure computation (extended abstract). In STOC, pages 554-563. ACM, 1994. Google Scholar
  31. Dankrad Feist. Legendre PRF bounties. URL: https://legendreprf.org/bounties.
  32. Michael J. Freedman, Yuval Ishai, Benny Pinkas, and Omer Reingold. Keyword Search and Oblivious Pseudorandom Functions. In Theory of Cryptography, Second Theory of Cryptography Conference, TCC 2005, Cambridge, MA, USA, February 10-12, 2005, Proceedings, pages 303-324, 2005. Google Scholar
  33. Rosario Gennaro, Craig Gentry, and Bryan Parno. Non-interactive Verifiable Computing: Outsourcing Computation to Untrusted Workers. In Tal Rabin, editor, Advances in Cryptology - CRYPTO 2010, 30th Annual Cryptology Conference, Santa Barbara, CA, USA, August 15-19, 2010. Proceedings, volume 6223 of Lecture Notes in Computer Science, pages 465-482. Springer, 2010. URL: https://doi.org/10.1007/978-3-642-14623-7_25.
  34. Oded Goldreich. The Foundations of Cryptography - Volume 1: Basic Techniques. Cambridge University Press, 2001. URL: https://doi.org/10.1017/CBO9780511546891.
  35. Oded Goldreich, Shafi Goldwasser, and Silvio Micali. How to construct random functions. J. ACM, 33(4):792-807, 1986. URL: https://doi.org/10.1145/6490.6503.
  36. Shafi Goldwasser, Yael Tauman Kalai, and Guy N. Rothblum. One-Time Programs. In David A. Wagner, editor, Advances in Cryptology - CRYPTO 2008, 28th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 17-21, 2008. Proceedings, volume 5157 of Lecture Notes in Computer Science, pages 39-56. Springer, 2008. URL: https://doi.org/10.1007/978-3-540-85174-5_3.
  37. Lorenzo Grassi, Christian Rechberger, Dragos Rotaru, Peter Scholl, and Nigel P. Smart. MPC-friendly symmetric key primitives. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria, October 24-28, 2016, pages 430-443, 2016. Google Scholar
  38. Jeffrey Hoffstein and Daniel Lieman. The Distribution of the Quadratic Symbol in Function Fields and a Faster Mathematical Stream Cipher. In Kwok-Yan Lam, Igor Shparlinski, Huaxiong Wang, and Chaoping Xing, editors, Cryptography and Computational Number Theory, pages 59-68, Basel, 2001. Birkhäuser Basel. Google Scholar
  39. Yuval Ishai. Randomization Techniques for Secure Computation. In Secure Multi-Party Computation, volume 10 of Cryptology and Information Security Series, pages 222-248. IOS Press, 2013. Google Scholar
  40. Yuval Ishai and Eyal Kushilevitz. Randomizing Polynomials: A New Representation with Applications to Round-Efficient Secure Computation. In 41st Annual Symposium on Foundations of Computer Science, FOCS 2000, 12-14 November 2000, Redondo Beach, California, USA, pages 294-304. IEEE Computer Society, 2000. URL: https://doi.org/10.1109/SFCS.2000.892118.
  41. Gábor Ivanyos, Marek Karpinski, Miklos Santha, Nitin Saxena, and Igor E. Shparlinski. Polynomial Interpolation and Identity Testing from High Powers Over Finite Fields. Algorithmica, 80(2):560-575, 2018. Google Scholar
  42. Jonathan Katz and Yehuda Lindell. Introduction to Modern Cryptography, Second Edition. CRC Press, 2014. Google Scholar
  43. Dmitry Khovratovich. Key recovery attacks on the Legendre PRFs within the birthday bound. IACR Cryptology ePrint Archive, 2019:862, 2019. Google Scholar
  44. Joe Kilian. Founding Cryptography on Oblivious Transfer. In Janos Simon, editor, Proceedings of the 20th Annual ACM Symposium on Theory of Computing, May 2-4, 1988, Chicago, Illinois, USA, pages 20-31. ACM, 1988. URL: https://doi.org/10.1145/62212.62215.
  45. O B Lupanov. A Method for Synthesizing Circuits. Radiofizika, 1958. Google Scholar
  46. Christian Mauduit. Finite and infinite pseudorandom binary words. Theor. Comput. Sci., 273(1-2):249-261, 2002. Google Scholar
  47. Christian Mauduit and András Sárközy. On Finite Pseudorandom Binary Sequences, VI,(On Sequences). Monatshefte für Mathematik, 130(4):281-298, September 2000. URL: https://doi.org/10.1007/s006050070028.
  48. Moni Naor and Omer Reingold. Number-theoretic Constructions of Efficient Pseudo-random Functions. In 38th Annual Symposium on Foundations of Computer Science, FOCS '97, Miami Beach, Florida, USA, October 19-22, 1997, pages 458-467, 1997. Google Scholar
  49. Eduard Ivanovich Nečiporuk. On a Boolean function. In Dokl. Akad. Nauk SSSR, volume 169, pages 765-766, 1966. Google Scholar
  50. Ryan O'Donnell. Analysis of Boolean Functions. Cambridge University Press, New York, NY, USA, 2014. Google Scholar
  51. Igor Carboni Oliveira and Rahul Santhanam. Conspiracies Between Learning Algorithms, Circuit Lower Bounds, and Pseudorandomness. In Computational Complexity Conference, volume 79 of LIPIcs, pages 18:1-18:49. Schloss Dagstuhl - Leibniz-Zentrum fuer Informatik, 2017. Google Scholar
  52. Rene Peralta. On the distribution of quadratic residues and nonresidues modulo a prime number. Mathematics of Computation, 58(197):433-440, 1992. Google Scholar
  53. Alexander A. Razborov and Steven Rudich. Natural Proofs. J. Comput. Syst. Sci., 55(1):24-35, 1997. Google Scholar
  54. Christian Rechberger, Hadi Soleimany, and Tyge Tiessen. Cryptanalysis of Low-Data Instances of Full LowMCv2. IACR Trans. Symmetric Cryptol., 2018(3):163-181, 2018. URL: https://doi.org/10.13154/tosc.v2018.i3.163-181.
  55. Joël Rivat and András Sárközy. On Pseudorandom Sequences and Their Application. In Rudolf Ahlswede, Lars Bäumer, Ning Cai, Harout K. Aydinian, Vladimir M. Blinovsky, Christian Deppe, and Haik Mashurian, editors, General Theory of Information Transfer and Combinatorics, volume 4123 of Lecture Notes in Computer Science, pages 343-361. Springer, 2006. URL: https://doi.org/10.1007/11889342_19.
  56. Alexander Russell and Igor E. Shparlinski. Classical and quantum function reconstruction via character evaluation. J. Complexity, 20(2-3):404-422, 2004. URL: https://doi.org/10.1016/j.jco.2003.08.019.
  57. John E. Savage. Models of computation - exploring the power of computing. Addison-Wesley, 1998. Google Scholar
  58. Rocco A. Servedio and Li-Yang Tan. What Circuit Classes Can Be Learned with Non-Trivial Savings? In ITCS, volume 67 of LIPIcs, pages 30:1-30:21. Schloss Dagstuhl - Leibniz-Zentrum fuer Informatik, 2017. Google Scholar
  59. C. E. Shannon. The synthesis of two-terminal switching circuits. The Bell System Technical Journal, 28(1):59-98, January 1949. URL: https://doi.org/10.1002/j.1538-7305.1949.tb03624.x.
  60. Igor E. Shparlinski. Private Communication, 2019. Google Scholar
  61. Wim van Dam. Quantum Algorithms for Weighing Matrices and Quadratic Residues. Algorithmica, 34(4):413-428, 2002. Google Scholar
  62. Wim van Dam and Sean Hallgren. Efficient Quantum Algorithms for Shifted Quadratic Character Problems. CoRR, quant-ph/0011067, 2000. URL: http://arxiv.org/abs/quant-ph/0011067.
  63. Wim van Dam, Sean Hallgren, and Lawrence Ip. Quantum Algorithms for Some Hidden Shift Problems. SIAM J. Comput., 36(3):763-778, 2006. Google Scholar
  64. Frederik Vercauteren. The Hidden Root Problem. In Pairing, volume 5209 of Lecture Notes in Computer Science, pages 89-99. Springer, 2008. Google Scholar
  65. Andrew Chi-Chih Yao. How to Generate and Exchange Secrets (Extended Abstract). In 27th Annual Symposium on Foundations of Computer Science, Toronto, Canada, 27-29 October 1986, pages 162-167. IEEE Computer Society, 1986. URL: https://doi.org/10.1109/SFCS.1986.25.
Questions / Remarks / Feedback
X

Feedback for Dagstuhl Publishing


Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail