Fast cryptographic primitives and circular-secure encryption based on hard learning problems.

*(English)*Zbl 1252.94044
Halevi, Shai (ed.), Advances in cryptology – CRYPTO 2009. 29th annual international cryptology conference, Santa Barbara, CA, USA, August 16–20, 2009. Proceedings. Berlin: Springer (ISBN 978-3-642-03355-1/pbk). Lecture Notes in Computer Science 5677, 595-618 (2009).

Summary: The well-studied task of learning a linear function with errors is a seemingly hard problem and the basis for several cryptographic schemes. Here we demonstrate additional applications that enjoy strong security properties and a high level of efficiency. Namely, we construct:

1. Public-key and symmetric-key cryptosystems that provide security for key-dependent messages and enjoy circular security. Our schemes are highly efficient: in both cases the ciphertext is only a constant factor larger than the plaintext, and the cost of encryption and decryption is only \(n\cdot \text{polylog} (n)\) bit operations per message symbol in the public-key case, and polylog\( (n)\) bit operations in the symmetric-case.

2. Two efficient pseudorandom objects: a “weak randomized pseudorandom function” – a relaxation of standard PRF – that can be computed obliviously via a simple protocol, and a length-doubling pseudorandom generator that can be computed by a circuit of \(n \cdot \text{polylog} (n)\) size. The complexity of our pseudorandom generator almost matches the complexity of the fastest known construction (Applebaum et al., RANDOM 2006), which runs in linear time at the expense of relying on a nonstandard intractability assumption.

Our constructions and security proofs are simple and natural, and involve new techniques that may be of independent interest. In addition, by combining our constructions with prior ones, we get fast implementations of several other primitives and protocols.

For the entire collection see [Zbl 1173.94004].

1. Public-key and symmetric-key cryptosystems that provide security for key-dependent messages and enjoy circular security. Our schemes are highly efficient: in both cases the ciphertext is only a constant factor larger than the plaintext, and the cost of encryption and decryption is only \(n\cdot \text{polylog} (n)\) bit operations per message symbol in the public-key case, and polylog\( (n)\) bit operations in the symmetric-case.

2. Two efficient pseudorandom objects: a “weak randomized pseudorandom function” – a relaxation of standard PRF – that can be computed obliviously via a simple protocol, and a length-doubling pseudorandom generator that can be computed by a circuit of \(n \cdot \text{polylog} (n)\) size. The complexity of our pseudorandom generator almost matches the complexity of the fastest known construction (Applebaum et al., RANDOM 2006), which runs in linear time at the expense of relying on a nonstandard intractability assumption.

Our constructions and security proofs are simple and natural, and involve new techniques that may be of independent interest. In addition, by combining our constructions with prior ones, we get fast implementations of several other primitives and protocols.

For the entire collection see [Zbl 1173.94004].

##### MSC:

94A60 | Cryptography |