[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

What a lovely hat

Is it made out of tin foil?

Paper 2023/1145

Instantiating the Hash-Then-Evaluate Paradigm: Strengthening PRFs, PCFs, and OPRFs.

Chris Brzuska, Aalto University
Geoffroy Couteau, Université Paris Cité, CNRS, IRIF
Christoph Egger, Université Paris Cité, CNRS, IRIF
Pihla Karanko, Aalto University
Pierre Meyer, Université Paris Cité, CNRS, IRIF, Reichman University, Aarhus University
Abstract

We instantiate the hash-then-evaluate paradigm for pseudorandom functions (PRFs), $\mathsf{PRF}(k, x) := \mathsf{wPRF}(k, \mathsf{RO}(x))$, which builds a PRF $\mathsf{PRF}$ from a weak PRF $\mathsf{wPRF}$ via a public preprocessing random oracle $\mathsf{RO}$. In applications to secure multiparty computation (MPC), only the low-complexity wPRF performs secret-depending operations. Our construction replaces RO by $f(k_H , \mathsf{elf}(x))$, where $f$ is a non-adaptive PRF and the key $k_H$ is public and thus known to the distinguishing adversary. We show that, perhaps surprisingly, several existing weak PRF candidates are plausibly also secure when their inputs are generated by $f(k_H , \mathsf{elf}(x))$. Firstly, analogous cryptanalysis applies (because pseudorandomness of $f$ implies good statistical properties) and/or secondly an attack against the weak PRF with such pseudorandom inputs generated by $f$ would imply surprising results such as key agreement from the hardness of the high-noise version of the Learning Parity with Noise (LPN) when implementing both wPRF and $f$ from this assumption. Our simple transformation of replacing RO(·) public pre-processing by $f(k_H , \mathsf{elf}(x))$ public preprocessing applies to the entire family of PRF-style functions. Specifically, we obtain results for oblivious PRFs, which are a core building block for password-based authenticated key exchange (PAKE) and private set intersection (PSI) protocols, and we also obtain results for pseudorandom correlation functions (PCF), which are a key tool for silent oblivious transfer (OT) extension.

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
Published elsewhere. Major revision. 14th International Conference on Security and Cryptography for Networks – SCN 2024
Keywords
Random OraclesExtremely Lossy FunctionPseudorandom Correlation Function
Contact author(s)
chris brzuska @ aalto fi
couteau @ irif fr
christoph egger @ irif fr
pihla karanko @ aalto fi
pierre meyer @ irif fr
History
2024-08-24: revised
2023-07-24: received
See all versions
Short URL
https://ia.cr/2023/1145
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/1145,
      author = {Chris Brzuska and Geoffroy Couteau and Christoph Egger and Pihla Karanko and Pierre Meyer},
      title = {Instantiating the Hash-Then-Evaluate Paradigm: Strengthening {PRFs}, {PCFs}, and {OPRFs}.},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/1145},
      year = {2023},
      url = {https://eprint.iacr.org/2023/1145}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.