Limits on the Efficiency of One-Way Permutation-Based Hash Functions

14 years 3 months ago

Download research.microsoft.com

Naor and Yung show that a one-bit-compressing universal one-way hash function (UOWHF) can be constructed based on a one-way permutation. This construction can be iterated to build a UOWHF which compresses by n bits, at the cost of n invocations of the one-way permutation. We show that this construction is not far from optimal, in the following sense: there exists an oracle relative to which there exists a oneway permutation with inversion probability 2-p(n) (for any p(n) (log n)), but any construction of an n-bit-compressing UOWHF requires ( n/p(n)) invocations of the one-way permutation, on average. (For example, there exists in this relativized world a one-way permutation with inversion probability n-(1) , but no UOWHF that invokes it fewer than ( n/ log n) times.) Thus any proof that a more efficient UOWHF can be derived from a one-way permutation is necessarily non-relativizing; in particular, no provable construction of a more efficient UOWHF can exist based solely on a "b...

Jeong Han Kim, Daniel R. Simon, Prasad Tetali

Real-time Traffic

FOCS 1999 | Inversion Probability | One-way Permutations | Theoretical Computer Science | Universal One-way Hash Function |

claim paper

Post Info
More Details (n/a)

Added	03 Aug 2010
Updated	03 Aug 2010
Type	Conference
Year	1999
Where	FOCS
Authors	Jeong Han Kim, Daniel R. Simon, Prasad Tetali

Comments (0)

Sciweavers

Limits on the Efficiency of One-Way Permutation-Based Hash Functions

FOCS 1999 | Inversion Probability | One-way Permutations | Theoretical Computer Science | Universal One-way Hash Function |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers