Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Bücher
Zeitschriften
Themenseiten
Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Kongresse Veranstaltungskalender Awards
Jetzt Einzelzugang starten
Zugang für Unternehmen
Referenzkunden
SLX-Digitalkonferenz: Zukunftswerkstatt 2024

Mehr Umsatz mit Top-Kontakten

Am 7. Mai erfahren Sie, wie Vertriebsteams Leadgenerierung, Leadnurturing und Leadstrategien effizient steuern können.
Erweiterte Suche
Anmelden
nach oben
Erschienen in:
Thunderella: Blockchains with Optimistic Instant Confirmation Kapitel lesen Erstes Kapitel lesen

2018 | OriginalPaper | Buchkapitel

Collision Resistant Hashing for Paranoids: Dealing with Multiple Collisions

verfasst von : Ilan Komargodski, Moni Naor, Eylon Yogev

Erschienen in: Advances in Cryptology – EUROCRYPT 2018

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

A collision resistant hash (CRH) function is one that compresses its input, yet it is hard to find a collision, i.e. a \(x_1 \ne x_2\) s.t. \(h(x_1) = h(x_2)\). Collision resistant hash functions are one of the more useful cryptographic primitives both in theory and in practice and two prominent applications are in signature schemes and succinct zero-knowledge arguments.
In this work we consider a relaxation of the above requirement that we call Multi-CRH: a function where it is hard to find \(x_1, x_2, \ldots , x_k\) which are all distinct, yet \( h(x_1) = h(x_2) = \cdots = h(x_k)\). We show that for some of the major applications of CRH functions it is possible to replace them by the weaker notion of a Multi-CRH, albeit at the price of adding interaction: we show a constant-round statistically-hiding commitment scheme with succinct interaction (committing to \(\mathsf {poly}(n)\) bits requires exchanging \(\tilde{O}(n)\) bits) that can be opened locally (without revealing the full string). This in turn can be used to provide succinct arguments for any \({\textsf {NP}}\) statement.
We formulate four possible worlds of hashing-related assumptions (in the spirit of Impagliazzo’s worlds). They are (1) Nocrypt, where no one-way functions exist, (2) Unihash, where one-way functions exist, and hence also UOWHFs and signature schemes, but no Multi-CRH functions exist, (3) Minihash, where Multi-CRH functions exist but no CRH functions exist, and (4) Hashomania, where CRH functions exist. We show that these four worlds are distinct in a black-box model: we show a separation of CRH from Multi-CRH and a separation of Multi-CRH from one-way functions.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Jetzt informieren
Vorheriges Kapitel Multi-Collision Resistant Hash Functions and Their Applications
Nächstes Kapitel Synchronized Aggregate Signatures from the RSA Assumption
Fußnoten
1
The function \(h \in H\) can be sampled efficiently, it is easy to compute h(x) given h and x, however, given h it is hard to find \(x_1 \ne x_2\) s.t. \(h(x_1) = h(x_2)\).
 
2
A commitment scheme is a protocol where a sender commits to a string x in the “commit” phase and that later can be revealed at the opening phase. The two properties are binding and hiding: in what sense is the sender bound to the string x (computationally or information theoretically) and in what sense is x hidden from the receiver before the opening - statistically or computationally.
 
3
NIST is the National Institute of Standards and Technology, a US agency.
 
4
By “constant-round” we mean that for a \(c \in {\mathbb {N}}\) to commit to a string of length \(n^c\) using a compression function from 2n to n bits the number of rounds is a constant that depends on c.
 
5
For constant values of k, we give a 4-round computationally-binding commitment scheme with succinct communication (see Theorem 3).
 
6
This hierarchy translates to an infinite hierarchy of natural subclasses in \({\textsf {TFNP}}\). See the full version [38] for details.
 
7
Beyond the “birthday-like” algorithm that will take time \({2}^{n \cdot \frac{k-1}{k}}\) [35], where \(2^n\) is the size of the range. See [30] for very recent work in the quantum case.
 
8
In the bipartite Ramsey problem, the goal is to find a bi-clique or bi-independent set of size \(n/4\times n/4\) in a bipartite graph of size \(2^n\times 2^n\). The work of [39] showed that if this problem is hard, then there exists an (n / 4)-MCRH from n bits to n / 2 bits. Conversely, If a \(\sqrt{n}\)-MCRH mapping n bits to \(\sqrt{n}/8\) bits exists, then this problem is hard.
 
9
The original entropy approximation problem is the one obtained by replacing the min- and max-entropy with the Shannon entropy. It is known to be complete for the class of languages that have non-interactive statistical zero-knowledge proofs (NISZK) [17].
 
10
Starting out with such a weak primitive our methods will not yield a succinct commitment either.
 
11
For simplicity of presentation here, we ignore the cost of the description of h, so it will not significantly affect the size of the commitment.
 
12
A universal hash function is a function of families \({\mathcal G}=\{g:\{0,1\}^n\rightarrow \{0,1\}^{m}\}\) such that for any \(x,y\in \{0,1\}^n\) such that \(x\ne y\) it holds that \(\mathrm{Pr}_{g\leftarrow {\mathcal G}}[{g(x)=g(y)}]\le 2^{-m}\).
 
13
Our protocol from Sect. 5.1 has an additional linear dependence on c, but we will ignore this in this section to simplify notation.
 
14
The overhead in the key size can be improved if the pairwise hash function is replaced by an almost uniform hash function as described in Remark 2.
 
15
The concrete constant in our scheme is roughly 6 but we did not try to optimize it further.
 
16
The function \(\kappa (i)\) counts the number of times 2 divides i, that is, for \(i \ge 1\), \(\kappa (i)\) is the largest integer \(\kappa \) such that \(2^\kappa \) divides i.
 
Literatur
1.
Alon, N., Goldreich, O., Håstad, J., Peralta, R.: Simple construction of almost k-wise independent random variables. Random Struct. Algorithms 3(3), 289–304 (1992)MathSciNetCrossRefMATH
2.
Asharov, G., Segev, G.: Limits on the power of indistinguishability obfuscation and functional encryption. SIAM J. Comput. 45(6), 2117–2176 (2016)MathSciNetCrossRefMATH
3.
Barak, B.: How to go beyond the black-box simulation barrier. In: 42nd Annual Symposium on Foundations of Computer Science, FOCS, pp. 106–115. IEEE Computer Society (2001)
4.
5.
6.
Berman, I., Degwekar, A., Rothblum, R.D., Vasudevan, P.N.: Multi collision resistant hash functions and their applications. IACR Cryptology ePrint Archive 2017, 489 (2017)
7.
Bitansky, N., Kalai, Y.T., Paneth, O.: Multi-collision resistance: A paradigm for keyless hash functions. IACR Cryptology ePrint Archive 2017, 488 (2017)
8.
9.
10.
11.
Damgård, I., Pedersen, T.P., Pfitzmann, B.: On the existence of statistically hiding bit commitment schemes and fail-stop signatures. J. Cryptol. 10(3), 163–194 (1997)MathSciNetCrossRefMATH
12.
Damgård, I., Pedersen, T.P., Pfitzmann, B.: Statistical secrecy and multibit commitments. IEEE Trans. Inf. Theory 44(3), 1143–1151 (1998)MathSciNetCrossRefMATH
13.
14.
Gennaro, R., Gertner, Y., Katz, J., Trevisan, L.: Bounds on the efficiency of generic cryptographic constructions. SIAM J. Comput. 35(1), 217–246 (2005)MathSciNetCrossRefMATH
15.
Girault, M., Cohen, R., Campana, M.: A generalized birthday attack. In: Barstow, D., Brauer, W., Brinch Hansen, P., Gries, D., Luckham, D., Moler, C., Pnueli, A., Seegmüller, G., Stoer, J., Wirth, N., Günther, C.G. (eds.) EUROCRYPT 1988. LNCS, vol. 330, pp. 129–156. Springer, Heidelberg (1988). https://​doi.​org/​10.​1007/​3-540-45961-8_​12CrossRef
16.
17.
18.
Guruswami, V., Indyk, P.: Near-optimal linear-time codes for unique decoding and new list-decodable codes over smaller alphabets. In: Proceedings on 34th Annual ACM Symposium on Theory of Computing, pp. 812–821. ACM (2002)
19.
Guruswami, V., Indyk, P.: Linear time encodable and list decodable codes. In: Proceedings of the 35th Annual ACM Symposium on Theory of Computing, pp. 126–135. ACM (2003)
20.
21.
Guruswami, V., Sudan, M.: Improved decoding of Reed-Solomon and algebraic-geometry codes. IEEE Trans. Inf. Theory 45(6), 1757–1767 (1999)MathSciNetCrossRefMATH
22.
Guruswami, V., Umans, C., Vadhan, S.P.: Unbalanced expanders and randomness extractors from parvaresh-vardy codes. J. ACM 56(4), 20:1–20:34 (2009)
23.
Haitner, I., Hoch, J.J., Reingold, O., Segev, G.: Finding collisions in interactive protocols - tight lower bounds on the round and communication complexities of statistically hiding commitments. SIAM J. Comput. 44(1), 193–242 (2015)MathSciNetCrossRefMATH
24.
Haitner, I., Horvitz, O., Katz, J., Koo, C., Morselli, R., Shaltiel, R.: Reducing complexity assumptions for statistically-hiding commitment. J. Cryptol. 22(3), 283–310 (2009)MathSciNetCrossRefMATH
25.
26.
Haitner, I., Nguyen, M., Ong, S.J., Reingold, O., Vadhan, S.P.: Statistically hiding commitments and statistical zero-knowledge arguments from any one-way function. SIAM J. Comput. 39(3), 1153–1218 (2009)MathSciNetCrossRefMATH
27.
Håstad, J., Impagliazzo, R., Levin, L.A., Luby, M.: A pseudorandom generator from any one-way function. SIAM J. Comput. 28, 1364–1396 (1999)
28.
Hemenway, B., Ron-Zewi, N., Wootters, M.: Local list recovery of high-rate tensor codes & applications. In: 58th IEEE Annual Symposium on Foundations of Computer Science, FOCS, pp. 204–215. IEEE Computer Society (2017)
29.
30.
Hosoyamada, A., Sasaki, Y., Xagawa, K.: Quantum multicollision-finding algorithm. IACR Cryptology ePrint Archive 2017, 864 (2017)
31.
32.
Impagliazzo, R.: A personal view of average-case complexity. In: Proceedings of the Tenth Annual Structure in Complexity Theory Conference, pp. 134–147. IEEE Computer Society (1995)
33.
Impagliazzo, R., Levin, L.A., Luby, M.: Pseudo-random generation from one-way functions (extended abstracts). In: Proceedings of the 21st Annual ACM Symposium on Theory of Computing, pp. 12–24. ACM (1989)
34.
Impagliazzo, R., Luby, M.: One-way functions are essential for complexity based cryptography (extended abstract). In: 30th Annual Symposium on Foundations of Computer Science, FOCS, pp. 230–235. IEEE Computer Society (1989)
35.
36.
Katz, J., Koo, C.: On constructing universal one-way hash functions from arbitrary one-way functions. IACR Cryptology ePrint Archive 2005, 328 (2005)
37.
Kilian, J.: A note on efficient zero-knowledge proofs and arguments (extended abstract). In: STOC, pp. 723–732. ACM (1992)
38.
Komargodski, I., Naor, M., Yogev, E.: Collision resistant hashing for paranoids: Dealing with multiple collisions. IACR Cryptology ePrint Archive 2017, 486 (2017)
39.
Komargodski, I., Naor, M., Yogev, E.: White-box vs. black-box complexity of search problems: ramsey and graph property testing. In: 58th IEEE Annual Symposium on Foundations of Computer Science, FOCS, pp. 622–632 (2017)
40.
41.
42.
43.
44.
Naor, J., Naor, M.: Small-bias probability spaces: efficient constructions and applications. SIAM J. Comput. 22(4), 838–856 (1993)MathSciNetCrossRefMATH
45.
Naor, M., Ostrovsky, R., Venkatesan, R., Yung, M.: Perfect zero-knowledge arguments for NP using any one-way permutation. J. Cryptol. 11(2), 87–108 (1998)MathSciNetCrossRefMATH
46.
Naor, M., Yung, M.: Universal one-way hash functions and their cryptographic applications. In: Proceedings of the 21st Annual ACM Symposium on Theory of Computing, pp. 33–43. ACM (1989)
47.
Ngo, H.Q., Porat, E., Rudra, A.: Efficiently decodable compressed sensing by list-recoverable codes and recursion. In: 29th International Symposium on Theoretical Aspects of Computer Science, STACS. LIPIcs, vol. 14, pp. 230–241. Schloss Dagstuhl - Leibniz-Zentrum fuer Informatik (2012)
48.
Rompel, J.: One-way functions are necessary and sufficient for secure signatures. In: Proceedings of the 22nd Annual ACM Symposium on Theory of Computing, pp. 387–394. ACM (1990)
49.
50.
51.
52.
Ta-Shma, A.: Explicit, almost optimal, epsilon-balanced codes. In: Proceedings of the 49th Annual ACM SIGACT Symposium on Theory of Computing, STOC, pp. 238–251 (2017)
53.
54.
55.
Wegman, M.N., Carter, L.: New hash functions and their use in authentication and set equality. J. Comput. Syst. Sci. 22(3), 265–279 (1981)MathSciNetCrossRefMATH
Metadaten
Titel
Collision Resistant Hashing for Paranoids: Dealing with Multiple Collisions
verfasst von
Ilan Komargodski
Moni Naor
Eylon Yogev
Copyright-Jahr
2018
Buch
Advances in Cryptology – EUROCRYPT 2018

Print ISBN: 978-3-319-78374-1

Electronic ISBN: 978-3-319-78375-8

Copyright-Jahr: 2018

DOI
https://doi.org/10.1007/978-3-319-78375-8_6