Public Randomness in Cryptography
The main contribution of this paper is the introduction of a formal notion of public randomness in the context of cryptography. We show how this notion affects the definition of the security of a cryptographic primitive and the definition of how much security is preserved when one cryptographic primitive is reduced to another. Previous works considered the public random bits as a part of the input, and security was parameterized in terms of the total length of the input. We parameterize security solely in terms of the length of the private input, and treat the public random bits as a separate resource. This separation allows us to independently address the important issues of how much security is preserved by a reduction and how many public random bits are used in the reduction.
To exemplify these new definitions, we present reductions from weak one-way permutations to one-way permutations with strong security preserving properties that are simpler than previously known reductions.
KeywordsSuccess Probability Turing Machine Standard Function Length Relationship Expander Graph
- 1.Goldreich, O., Impagliazzo, R., Levin, L., Venketesan, R., Zuckerman, D., “Security Preserving Amplification of Hardness”, Proceedings of the 31st IEEE Symposium on Foundations of Computer Science, pp. 318–326, 1990.Google Scholar
- 2.Phillips, S. J., “Security Preserving Hardness Amplification Using PRGs for Bounded Space-Preliminary Report”, unpublished manuscript, July 1992.Google Scholar
- 3.Luby, M., “Pseudorandomness and Applications”, monograph in progress.Google Scholar
- 4.Yao, A., “Theory and applications of trapdoor functions”, Proceedings of the 23rd IEEE Symposium on Foundations of Computer Science, pp. 80–91, 1982.Google Scholar