TY - JOUR
T1 - More constructions of lossy and correlation-secure trapdoor functions
AU - Freeman, David Mandell
AU - Goldreich, Oded
AU - Kiltz, Eike
AU - Rosen, Alon
AU - Segev, Gil
N1 - National Science Foundation International Research Fellowship; Office of Multidisciplinary Activities in NSF Directorate for Mathematical and Physical Sciences; NSF Mathematical Sciences Postdoctoral Fellowship; Israel Science Foundation [1041/08, 334/08]; Sofja Kovalevskaja Award of Alexander von Humboldt Foundation; German Federal Ministry for Education and Research; Adams Fellowship Program of Israel Academy of Sciences and HumanitiesPart of David Mandell Freeman's research was conducted at CWI and Universiteit Leiden, Netherlands, and supported by a National Science Foundation International Research Fellowship, with additional support from the Office of Multidisciplinary Activities in the NSF Directorate for Mathematical and Physical Sciences. The remainder was supported by an NSF Mathematical Sciences Postdoctoral Fellowship.Oded Goldreich is partially supported by the Israel Science Foundation (grant No. 1041/08).Eike Kiltz is supported by a Sofja Kovalevskaja Award of the Alexander von Humboldt Foundation, funded by the German Federal Ministry for Education and Research. Part of this research was conducted at CWI and Universiteit Leiden, Netherlands.Alon Rosen is partially supported by the Israel Science Foundation (grant No. 334/08).Part of Gil Segev's research was conducted at the Weizmann Institute of Science, Israel, and supported by the Adams Fellowship Program of the Israel Academy of Sciences and Humanities.
PY - 2013/1
Y1 - 2013/1
N2 - We propose new and improved instantiations of lossy trapdoor functions (Peikert and Waters in STOC'08, pp. 187-196, 2008), and correlation-secure trapdoor functions (Rosen and Segev in TCC'09, LNCS, vol. 5444, pp. 419-436, 2009). Our constructions widen the set of number-theoretic assumptions upon which these primitives can be based, and are summarized as follows: Lossy trapdoor functions based on the quadratic residuosity assumption. Our construction relies on modular squaring, and whereas previous such constructions were based on seemingly stronger assumptions, we present the first construction that is based solely on the quadratic residuosity assumption. We also present a generalization to higher-order power residues. Lossy trapdoor functions based on the composite residuosity assumption. Our construction guarantees essentially any required amount of lossiness, where at the same time the functions are more efficient than the matrix-based approach of Peikert and Waters. Lossy trapdoor functions based on the d-Linear assumption. Our construction both simplifies the DDH-based construction of Peikert and Waters and admits a generalization to the whole family of d-Linear assumptions without any loss of efficiency. Correlation-secure trapdoor functions related to the hardness of syndrome decoding.
AB - We propose new and improved instantiations of lossy trapdoor functions (Peikert and Waters in STOC'08, pp. 187-196, 2008), and correlation-secure trapdoor functions (Rosen and Segev in TCC'09, LNCS, vol. 5444, pp. 419-436, 2009). Our constructions widen the set of number-theoretic assumptions upon which these primitives can be based, and are summarized as follows: Lossy trapdoor functions based on the quadratic residuosity assumption. Our construction relies on modular squaring, and whereas previous such constructions were based on seemingly stronger assumptions, we present the first construction that is based solely on the quadratic residuosity assumption. We also present a generalization to higher-order power residues. Lossy trapdoor functions based on the composite residuosity assumption. Our construction guarantees essentially any required amount of lossiness, where at the same time the functions are more efficient than the matrix-based approach of Peikert and Waters. Lossy trapdoor functions based on the d-Linear assumption. Our construction both simplifies the DDH-based construction of Peikert and Waters and admits a generalization to the whole family of d-Linear assumptions without any loss of efficiency. Correlation-secure trapdoor functions related to the hardness of syndrome decoding.
KW - Correlation-secure trapdoor functions
KW - Lossy trapdoor functions
KW - Public-key encryption
UR - http://www.scopus.com/inward/record.url?scp=84878511341&partnerID=8YFLogxK
U2 - 10.1007/s00145-011-9112-3
DO - 10.1007/s00145-011-9112-3
M3 - مقالة
SN - 0933-2790
VL - 26
SP - 39
EP - 74
JO - Journal of Cryptology
JF - Journal of Cryptology
IS - 1
ER -