A Cookbook for Black-Box Separations and a Recipe for UOWHFs

  • Kfir Barhum
  • Thomas Holenstein
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7785)


We present a new framework for proving fully black-box separations and lower bounds. We prove a general theorem that facilitates the proofs of fully black-box lower bounds from a one-way function (OWF).

Loosely speaking, our theorem says that in order to prove that a fully black-box construction does not securely construct a cryptographic primitive Q (e.g., a pseudo-random generator or a universal one-way hash function) from a OWF, it is enough to come up with a large enough set of functions \(\mathcal{F}\) and a parameterized oracle (i.e., an oracle that is defined for every f ε{0,1} n  → {0,1} n ) such that \(\mathcal{O}_{f}\) breaks the security of the construction when instantiated with f and the oracle satisfies two local properties.

Our main application of the theorem is a lower bound of Ω(n/log(n)) on the number of calls made by any fully black-box construction of a universal one-way hash function (UOWHF) from a general one-way function. The bound holds even when the OWF is regular, in which case it matches to a recent construction of Barhum and Maurer [4].


Complexity-Based Cryptography One-Way Functions Universal One-Way Hash Functions Black-Box Constructions Lower Bounds 


  1. 1.
    Ames, S., Gennaro, R., Venkitasubramaniam, M.: The Generalized Randomized Iterate and Its Application to New Efficient Constructions of UOWHFs from Regular One-Way Functions. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 154–171. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  2. 2.
    Barak, B.: How to go beyond the black-box simulation barrier. In: FOCS, pp. 106–115. IEEE Computer Society (2001)Google Scholar
  3. 3.
    Barhum, K., Holenstein, T.: A Cookbook for Black-Box Separations and a Recipe for UOWHFs. Full version available as ECCC report TR12-173Google Scholar
  4. 4.
    Barhum, K., Maurer, U.: UOWHFs from OWFs: Trading Regularity for Efficiency. In: Hevia, A., Neven, G. (eds.) LATINCRYPT 2012. LNCS, vol. 7533, pp. 234–253. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  5. 5.
    Gennaro, R., Gertner, Y., Katz, J., Trevisan, L.: Bounds on the efficiency of generic cryptographic constructions. SIAM J. Comput. 35(1), 217–246 (2005)MathSciNetCrossRefzbMATHGoogle Scholar
  6. 6.
    Haitner, I., Hoch, J.J., Reingold, O., Segev, G.: Finding collisions in interactive protocols - a tight lower bound on the round complexity of statistically-hiding commitments. In: FOCS, pp. 669–679. IEEE Computer Society (2007)Google Scholar
  7. 7.
    Haitner, I., Holenstein, T.: On the (Im)Possibility of Key Dependent Encryption. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 202–219. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  8. 8.
    Haitner, I., Holenstein, T., Reingold, O., Vadhan, S., Wee, H.: Universal One-Way Hash Functions via Inaccessible Entropy. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 616–637. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  9. 9.
    Holenstein, T., Sinha, M.: Constructing a pseudorandom generator requires an almost linear number of calls. CoRR, abs/1205.4576 (2012)Google Scholar
  10. 10.
    Impagliazzo, R., Rudich, S.: Limits on the provable consequences of one-way permutations. In: STOC, pp. 44–61. ACM (1989)Google Scholar
  11. 11.
    Kim, J.H., Simon, D.R., Tetali, P.: Limits on the efficiency of one-way permutation-based hash functions. In: FOCS, pp. 535–542. IEEE Computer Society (1999)Google Scholar
  12. 12.
    Naor, M., Yung, M.: Universal one-way hash functions and their cryptographic applications. In: STOC, pp. 33–43. ACM (1989)Google Scholar
  13. 13.
    Reingold, O., Trevisan, L., Vadhan, S.P.: Notions of Reducibility between Cryptographic Primitives. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 1–20. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  14. 14.
    Rompel, J.: One-way functions are necessary and sufficient for secure signatures. In: STOC, pp. 387–394. ACM (1990)Google Scholar
  15. 15.
    Rosen, A., Segev, G.: Chosen-ciphertext security via correlated products. SIAM J. Comput. 39(7), 3058–3088 (2010)MathSciNetCrossRefzbMATHGoogle Scholar
  16. 16.
    Shoup, V.: A Composition Theorem for Universal One-Way Hash Functions. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 445–452. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  17. 17.
    Simon, D.R.: Findings Collisions on a One-Way Street: Can Secure Hash Functions Be Based on General Assumptions? In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 334–345. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  18. 18.
    Yao, A.C.-C.: Theory and applications of trapdoor functions (extended abstract). In: FOCS, pp. 80–91. IEEE Computer Society (1982)Google Scholar

Copyright information

© International Association for Cryptologic Research 2013

Authors and Affiliations

  • Kfir Barhum
    • 1
  • Thomas Holenstein
    • 1
  1. 1.Department of Computer ScienceETH ZurichZurichSwitzerland

Personalised recommendations