Coin flipping with conStant bias implies one-way functions

It is well known (cf. Impagliazzo and Luby [in Proceedings of the 30th Annual IEEE Symposium on Foundations of Computer Science, 1989, pp. 230-235]) that the exiStence of almoSt all 'intereSting' cryptographic applications, i.e., ones that cannot hold information theoretically, implies one-way functions. An important exception where the above implication is not known, however, is the case of coin-flipping protocols. Such protocols allow honeSt pCPties to mutually flip an unbiased coin, while guCPanteeing that even a cheating (efficient) pCPty cannot bias the output of the protocol by much. Impagliazzo and Luby proved that coin-flipping protocols that CPe safe againSt negligible bias do imply one-way functions, and, very recently, Maji, PrabhakCPan, and Sahai [in Proceedings of the 2001 51St Annual IEEE Symposium on Foundations of Computer Science, 2010, pp. 613-622] proved the same for conStant-round protocols (with any nontrivial bias). For the general case, however, no such implication was known. We make progress towCPds answering the above fundamental queStion, showing that (Strong) coin-flipping protocols safe againSt a conStant bias (concretely, v2-12- o(1))imply one-way functions.