On Basing Search SIVP on NP-Hardness

  • Tianren Liu
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11239)

Abstract

The possibility of basing cryptography on the minimal assumption \(\mathbf{NP }\nsubseteq \mathbf{BPP }\) is at the very heart of complexity-theoretic cryptography. The closest we have gotten so far is lattice-based cryptography whose average-case security is based on the worst-case hardness of approximate shortest vector problems on integer lattices. The state-of-the-art is the construction of a one-way function (and collision-resistant hash function) based on the hardness of the \(\tilde{O}(n)\)-approximate shortest independent vector problem \({\textsf {SIVP}}_{\tilde{O}(n)}\).

Although \({\textsf {SIVP}}\) is NP-hard in its exact version, Guruswami et al. (CCC 2004) showed that \({\textsf {gapSIVP}}_{\sqrt{n/\log n}}\) is in \(\mathbf{NP } \cap \mathbf{coAM }\) and thus unlikely to be \(\mathbf{NP }\)-hard. Indeed, any language that can be reduced to \({\textsf {gapSIVP}}_{\tilde{O}(\sqrt{n})}\) (under general probabilistic polynomial-time adaptive reductions) is in \(\mathbf{AM } \cap \mathbf{coAM }\) by the results of Peikert and Vaikuntanathan (CRYPTO 2008) and Mahmoody and Xiao (CCC 2010). However, none of these results apply to reductions to search problems, still leaving open a ray of hope: can \(\mathbf{NP }\) be reduced to solving search SIVP with approximation factor \(\tilde{O}(n)\)?

We eliminate this possibility by showing that any language that can be reduced to solving search \({\textsf {SIVP}}\) with any approximation factor \(\lambda (n) = \omega (n\log n)\) lies in \(\mathbf{AM } \cap \mathbf{coAM }\).

Notes

Acknowledgments

I am grateful to my advisor, Vinod Vaikuntanathan, for getting me started on the topic of NP-hardness and separations. I am indebted to Adam Sealfon, Prashant Nalini Vasudevan, Srinivasan Raghuraman and Akshay Degwekar for their extensive help with the writing of this article. I would like to thank the anonymous reviewers for their careful reading and insightful comments.

References

  1. [AGGM06] Akavia, A., Goldreich, O., Goldwasser, S., Moshkovitz, D.: On basing one-way functions on NP-hardness. In: Kleinberg, J.M. (ed.) Proceedings of the 38th Annual ACM Symposium on Theory of Computing, 21–23 May 2006, Seattle, WA, USA, pp. 701–710. ACM (2006)
  2. [Ajt96] Ajtai, M.: Generating hard instances of lattice problems (extended abstract). In: Miller, G.L. (ed.) Proceedings of the Twenty-Eighth Annual ACM Symposium on the Theory of Computing, 22–24 May 1996, Philadelphia, Pennsylvania, USA, pp. 99–108. ACM (1996)
  3. [AR04] Aharonov, D., Regev, O.: Lattice problems in NP \(\cap \) coNP. In: Proceedings of 45th Symposium on Foundations of Computer Science, FOCS 2004, 17–19 October 2004, Rome, Italy [DBL04], pp. 362–371 (2004)
  4. [Ban93] Banaszczyk, W.: New bounds in some transference theorems in the geometry of numbers. Math. Ann. 296(1), 625–635 (1993)
  5. [BB15] Bogdanov, A., Brzuska, C.: On basing size-verifiable one-way functions on NP-hardness. In: Dodis, Y., Nielsen, J.B. (eds.) TCC 2015. LNCS, vol. 9014, pp. 1–6. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46494-6_1
  6. [BL13] Bogdanov, A., Lee, C.H.: Limits of provable security for homomorphic encryption. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 111–128. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40041-4_7
  7. [BLP+13] Brakerski, Z., Langlois, A., Peikert, C., Regev, O., Stehlé, D.: Classical hardness of learning with errors. In: Boneh, D., Roughgarden, T., Feigenbaum, J. (eds.) Symposium on Theory of Computing Conference, STOC 2013, 1–4 June 2013, Palo Alto, CA, USA, pp. 575–584. ACM (2013)
  8. [Bra79] Brassard, G.: Relativized cryptography. In: 20th Annual Symposium on Foundations of Computer Science, 29–31 October 1979, San Juan, Puerto Rico, pp. 383–391. IEEE Computer Society (1979)
  9. [BS99] Blömer, J., Seifert, J.P.: On the complexity of computing short linearly independent vectors and short bases in a lattice. In: Vitter, J.S., Larmore, L.L., Leighton, F.T. (eds.) Proceedings of the Thirty-First Annual ACM Symposium on Theory of Computing, 1–4 May 1999, Atlanta, Georgia, USA, pp. 711–720. ACM (1999)
  10. [BT06] Bogdanov, A., Trevisan, L.: On worst-case to average-case reductions for NP problems. SIAM J. Comput. 36(4), 1119–1159 (2006)
  11. [DBL04] Proceedings of 45th Symposium on Foundations of Computer Science, FOCS 2004, 17–19 October 2004, Rome, Italy. IEEE Computer Society (2004)
  12. [FF91] Feigenbaum, J., Fortnow, L.: On the random-self-reducibility of complete sets. In: Proceedings of the Sixth Annual Structure in Complexity Theory Conference, 30 June–3 July 1991, Chicago, Illinois, USA, pp. 124–132. IEEE Computer Society (1991)
  13. [GG98] Goldreich, O., Goldwasser, S.: On the possibility of basing cryptography on the assumption that \(P \ne NP\). IACR Cryptol. ePrint Arch. 1998, 5 (1998)
  14. [GG00] Goldreich, O., Goldwasser, S.: On the limits of nonapproximability of lattice problems. J. Comput. Syst. Sci. 60(3), 540–563 (2000)
  15. [GMR04] Guruswami, V., Micciancio, D., Regev, O.: The complexity of the covering radius problem on lattices and codes. In: 19th Annual IEEE Conference on Computational Complexity, CCC 2004, 21–24 June 2004, Amherst, MA, USA, pp. 161–173. IEEE Computer Society (2004)
  16. [GPV08] Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoors for hard lattices and new cryptographic constructions. In: Dwork, C. (ed.) Proceedings of the 40th Annual ACM Symposium on Theory of Computing, 17–20 May 2008, Victoria, British Columbia, Canada, pp. 197–206. ACM (2008)
  17. [GS86] Goldwasser, S., Sipser, M.: Private coins versus public coins in interactive proof systems. In: Proceedings of the Eighteenth Annual ACM Symposium on Theory of Computing, pp. 59–68. ACM (1986)
  18. [GV99] Goldreich, O., Vadhan, S.: Comparing entropies in statistical zero knowledge with applications to the structure of SZK. In: Proceedings of Fourteenth Annual IEEE Conference on Computational Complexity, pp. 54–73. IEEE (1999)
  19. [LV16] Liu, T., Vaikuntanathan, V.: On basing private information retrieval on NP-hardness. In: Kushilevitz, E., Malkin, T. (eds.) TCC 2016. LNCS, vol. 9562, pp. 372–386. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49096-9_16
  20. [MR04] Micciancio, D., Regev, O.: Worst-case to average-case reductions based on Gaussian measures. In: Proceedings of 45th Symposium on Foundations of Computer Science, FOCS 2004, 17–19 October 2004, Rome, Italy [DBL04], pp. 372–381 (2014)
  21. [MV03] Micciancio, D., Vadhan, S.P.: Statistical zero-knowledge proofs with efficient provers: lattice problems and more. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 282–298. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45146-4_17
  22. [MX10] Mahmoody, M., Xiao, D.: On the power of randomized reductions and the checkability of SAT. In: 2010 IEEE 25th Annual Conference on Computational Complexity (CCC), pp. 64–75. IEEE (2010)
  23. [PV08] Peikert, C., Vaikuntanathan, V.: Noninteractive statistical zero-knowledge proofs for lattice problems. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 536–553. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85174-5_30
  24. [Reg09] Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. J. ACM 56(6), 34:1–34:40 (2009)

Copyright information

© International Association for Cryptologic Research 2018

Authors and Affiliations

  1. MIT, Cambridge, USA