Instantiating the Hash-then-evaluate paradigm: Strengthening PRFs, PCFs, and OPRFs.

IF 1.1 3区 计算机科学 Q3 COMPUTER SCIENCE, THEORY & METHODS
Chris Brzuska, Geoffroy Couteau, Christoph Egger, Pihla Karanko, Pierre Meyer
{"title":"Instantiating the Hash-then-evaluate paradigm: Strengthening PRFs, PCFs, and OPRFs.","authors":"Chris Brzuska, Geoffroy Couteau, Christoph Egger, Pihla Karanko, Pierre Meyer","doi":"10.1007/s12095-025-00825-3","DOIUrl":null,"url":null,"abstract":"<p><p>We instantiate the hash-then-evaluate paradigm for pseudorandom functions (PRFs), <math><mrow><mi>PRF</mi> <mo>(</mo> <mi>k</mi> <mo>,</mo> <mi>x</mi> <mo>)</mo> <mo>:</mo> <mo>=</mo> <mi>wPRF</mi> <mo>(</mo> <mi>k</mi> <mo>,</mo> <mi>RO</mi> <mo>(</mo> <mi>x</mi> <mo>)</mo> <mo>)</mo></mrow> </math> , which builds a PRF <math><mi>PRF</mi></math> from a weak PRF <math><mi>wPRF</mi></math> via a <i>public</i> pre-processing random oracle <math><mi>RO</mi></math> . In applications to secure multiparty computation (MPC), only the low-complexity <math><mi>wPRF</mi></math> performs secret-depending operations. Our construction replaces <math><mi>RO</mi></math> by <math><mrow><mi>f</mi> <mo>(</mo> <msub><mi>k</mi> <mi>H</mi></msub> <mo>,</mo> <mi>elf</mi> <mrow><mo>(</mo> <mi>x</mi> <mo>)</mo></mrow> <mo>)</mo></mrow> </math> , where <i>f</i> is a non-adaptive PRF and the key <math><msub><mi>k</mi> <mi>H</mi></msub> </math> is <i>public</i> and thus known to the distinguishing adversary. We show that, perhaps surprisingly, several existing weak PRF candidates are plausibly also secure when their inputs are generated by <math><mrow><mi>f</mi> <mo>(</mo> <msub><mi>k</mi> <mi>H</mi></msub> <mo>,</mo> <mi>elf</mi> <mrow><mo>(</mo> <mo>.</mo> <mo>)</mo></mrow> <mo>)</mo></mrow> </math> . Firstly, analogous cryptanalysis applies (because pseudorandomness of <i>f</i> implies good statistical properties) and/or secondly an attack against the weak PRF with such pseudorandom inputs generated by <i>f</i> would imply surprising results such as key agreement from the hardness of the high-noise version of the Learning Parity with Noise (LPN) when implementing both <math><mi>wPRF</mi></math> and <i>f</i> from this assumption. Our simple transformation of replacing <math><mrow><mi>RO</mi> <mo>(</mo> <mo>·</mo> <mo>)</mo></mrow> </math> public pre-processing by <math><mrow><mi>f</mi> <mo>(</mo> <msub><mi>k</mi> <mi>H</mi></msub> <mo>,</mo> <mi>elf</mi> <mrow><mo>(</mo> <mi>x</mi> <mo>)</mo></mrow> <mo>)</mo></mrow> </math> public pre-processing applies to the entire family of PRF-style functions. Specifically, we obtain results for oblivious PRFs, which are a core building block for password-based authenticated key exchange (PAKE) and private set intersection (PSI) protocols, and we also obtain results for pseudorandom correlation functions (PCF), which are a key tool for silent oblivious transfer (OT) extension.</p>","PeriodicalId":48936,"journal":{"name":"Cryptography and Communications-Discrete-Structures Boolean Functions and Sequences","volume":"17 5","pages":"1325-1366"},"PeriodicalIF":1.1000,"publicationDate":"2025-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.ncbi.nlm.nih.gov/pmc/articles/PMC12474740/pdf/","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Cryptography and Communications-Discrete-Structures Boolean Functions and Sequences","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1007/s12095-025-00825-3","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"2025/8/13 0:00:00","PubModel":"Epub","JCR":"Q3","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}
引用次数: 0

Abstract

We instantiate the hash-then-evaluate paradigm for pseudorandom functions (PRFs), PRF ( k , x ) : = wPRF ( k , RO ( x ) ) , which builds a PRF PRF from a weak PRF wPRF via a public pre-processing random oracle RO . In applications to secure multiparty computation (MPC), only the low-complexity wPRF performs secret-depending operations. Our construction replaces RO by f ( k H , elf ( x ) ) , where f is a non-adaptive PRF and the key k H is public and thus known to the distinguishing adversary. We show that, perhaps surprisingly, several existing weak PRF candidates are plausibly also secure when their inputs are generated by f ( k H , elf ( . ) ) . Firstly, analogous cryptanalysis applies (because pseudorandomness of f implies good statistical properties) and/or secondly an attack against the weak PRF with such pseudorandom inputs generated by f would imply surprising results such as key agreement from the hardness of the high-noise version of the Learning Parity with Noise (LPN) when implementing both wPRF and f from this assumption. Our simple transformation of replacing RO ( · ) public pre-processing by f ( k H , elf ( x ) ) public pre-processing applies to the entire family of PRF-style functions. Specifically, we obtain results for oblivious PRFs, which are a core building block for password-based authenticated key exchange (PAKE) and private set intersection (PSI) protocols, and we also obtain results for pseudorandom correlation functions (PCF), which are a key tool for silent oblivious transfer (OT) extension.

实例化Hash-then-evaluate范式:加强prf、pcf和oprf。
我们实例化了伪随机函数(PRF)的哈希然后求值范式,PRF (k, x): = wPRF (k, RO (x)),它通过公共预处理随机oracle RO从弱PRF wPRF构建PRF PRF。在保护多方计算(MPC)的应用程序中,只有低复杂度的wPRF执行依赖于秘密的操作。我们的构造将RO替换为f (k H, elf (x)),其中f是一个非自适应PRF,密钥k H是公开的,因此为区分对手所知。我们表明,也许令人惊讶的是,当它们的输入由f (k H, elf()生成时,几个现有的弱PRF候选对象似乎也是安全的。)。首先,应用类似的密码分析(因为f的伪随机性意味着良好的统计特性)和/或其次,使用由f生成的这种伪随机输入攻击弱PRF将意味着令人惊讶的结果,例如在实现wPRF和基于该假设的f时,高噪声版本的学习与噪声奇偶性(LPN)的硬度的密钥一致性。我们将RO(·)公共预处理替换为f (k H, elf (x))公共预处理的简单变换适用于整个prf风格函数族。具体地说,我们得到了作为基于密码的认证密钥交换(PAKE)和私有集交叉(PSI)协议核心构建块的无关prf的结果,以及作为无声无关传输(OT)扩展关键工具的伪随机相关函数(PCF)的结果。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Cryptography and Communications-Discrete-Structures Boolean Functions and Sequences
Cryptography and Communications-Discrete-Structures Boolean Functions and Sequences COMPUTER SCIENCE, THEORY & METHODS-MATHEMATICS, APPLIED
CiteScore
2.50
自引率
7.10%
发文量
66
期刊介绍: The scope of the journal focuses on discrete structures used in stream and block ciphers in symmetric cryptography; code division multiple access in communications; and random number generation for statistics, cryptography and numerical methods. In particular, papers covering Boolean functions and sequences, without excluding any other discrete structure used in cryptography and communications, such as finite fields and other algebraic structures, are strongly encouraged.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信