Cryptography in NC^0

3 Author(s)
B. Applebaum ; Dept. of Comput. Sci., Technion, Haifa, Israel ; Y. Ishai ; E. Kushilevitz

We study the parallel time-complexity of basic cryptographic primitives such as one-way functions (OWFs) and pseudorandom generators (PRGs). Specifically, we study the possibility of computing instances of these primitives by NC^0 circuits, in which each output bit depends on a constant number of input bits. Despite previous efforts in this direction, there has been no significant theoretical evidence supporting this possibility, which was posed as an open question in several previous works. We essentially settle this question by providing overwhelming positive evidence for the possibility of cryptography in NC^0. Our main result is that every "moderately easy" OWF (resp., PRG), say computable in NC^1, can be compiled into a corresponding OWF (resp., low-stretch PRG) in NC^0_4, i.e., whose output bits each depend on at most 4 input bits. The existence of OWF and PRG in NC^1 is a relatively mild assumption, implied by most number-theoretic or algebraic intractability assumptions commonly used in cryptography. Hence, the existence of OWF and PRG in NC^0 follows from a variety of standard assumptions. A similar compiler can also be obtained for other cryptographic primitives such as one-way permutations, encryption, commitment, and collision-resistant hashing. The above results leave a small gap between the possibility of cryptography in NC^0_4 and the known impossibility of implementing even OWF in NC^0_2. We partially close this gap by providing evidence for the existence of OWF in NC^0_3. Finally, our techniques can also be applied to obtain unconditionally provable constructions of non-cryptographic PRGs. In particular, we obtain ε-biased generators in NC^0_3, resolving an open question posed by Mossel et al. (2003), as well as a PRG for logspace in NC^0. Our results make use of the machinery of randomizing polynomials, which was originally motivated by questions in the domain of information-theoretic secure multiparty computation.

Published in:

Foundations of Computer Science, 2004. Proceedings. 45th Annual IEEE Symposium on

Date of Conference:

17-19 Oct. 2004