Efficient range-trapdoor functions and applications: Rate-1 OT and more

Sanjam Garg; Mohammad Hajiabadi; Rafail Ostrovsky

doi:10.1007/978-3-030-64375-1_4

Efficient range-trapdoor functions and applications: Rate-1 OT and more

Sanjam Garg, Mohammad Hajiabadi, Rafail Ostrovsky

School of Electrical Engineering and Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

9 Scopus citations

Abstract

Substantial work on trapdoor functions (TDFs) has led to many powerful notions and applications. However, despite tremendous work and progress, all known constructions have prohibitively large public keys. In this work, we introduce new techniques for realizing so-called range-trapdoor hash functions with short public keys. This notion, introduced by Döttling et al. [Crypto 2019], allows for encoding a range of indices into a public key in a way that the public key leaks no information about the range, yet an associated trapdoor enables recovery of the corresponding input part. We give constructions of range-trapdoor hash functions, where for a given range I the public key consists of O(n) group elements, improving upon O(n|I|) achieved by Döttling et al. Moreover, by designing our evaluation algorithm in a special way involving Toeplitz matrix multiplication and by showing how to perform fast-Fourier transforms in the exponent, we arrive at O(nlog n) group operations for evaluation, improving upon O(n²), required of previous constructions. Our constructions rely on power-DDH assumptions in pairing-free groups. As applications of our results we obtain 1.The first construction of (rate-1) lossy TDFs with public keys consisting of a linear number of group elements (without pairings).2.Rate-1 string OT with receiver communication complexity of O(n) group elements, where n is the sender’s message size, improving upon O(n²) [Crypto 2019].3.Two-round private-information retrieval protocols for one-bit records, where for a server of N bits, the client’s message consists of O(λ) polylog(N) group elements, improving upon O(λ²) polylog(N).4.Semi-compact homomorphic encryption for branching programs: A construction of homomorphic encryption for branching programs, with ciphertexts consisting of O(λnd²) group elements, improving upon O(λ²nd³). Here λ denotes the security parameter, n the input size and d the depth of the program.

Original language	English (US)
Title of host publication	Theory of Cryptography - 18th International Conference, TCC 2020, Proceedings
Editors	Rafael Pass, Krzysztof Pietrzak
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	88-116
Number of pages	29
ISBN (Print)	9783030643744
DOIs	https://doi.org/10.1007/978-3-030-64375-1_4
State	Published - 2020
Event	18th International Conference on Theory of Cryptography, TCCC 2020 - Durham, United States Duration: Nov 16 2020 → Nov 19 2020

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	12550 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	18th International Conference on Theory of Cryptography, TCCC 2020
Country/Territory	United States
City	Durham
Period	11/16/20 → 11/19/20

All Science Journal Classification (ASJC) codes

Theoretical Computer Science
General Computer Science

Access to Document

10.1007/978-3-030-64375-1_4

Cite this

Garg, S., Hajiabadi, M., & Ostrovsky, R. (2020). Efficient range-trapdoor functions and applications: Rate-1 OT and more. In R. Pass, & K. Pietrzak (Eds.), Theory of Cryptography - 18th International Conference, TCC 2020, Proceedings (pp. 88-116). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 12550 LNCS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-030-64375-1_4

Garg, Sanjam ; Hajiabadi, Mohammad ; Ostrovsky, Rafail. / Efficient range-trapdoor functions and applications : Rate-1 OT and more. Theory of Cryptography - 18th International Conference, TCC 2020, Proceedings. editor / Rafael Pass ; Krzysztof Pietrzak. Springer Science and Business Media Deutschland GmbH, 2020. pp. 88-116 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{dd0a2121f2654ab796fe1d90e2c112b4,

title = "Efficient range-trapdoor functions and applications: Rate-1 OT and more",

abstract = "Substantial work on trapdoor functions (TDFs) has led to many powerful notions and applications. However, despite tremendous work and progress, all known constructions have prohibitively large public keys. In this work, we introduce new techniques for realizing so-called range-trapdoor hash functions with short public keys. This notion, introduced by D{\"o}ttling et al. [Crypto 2019], allows for encoding a range of indices into a public key in a way that the public key leaks no information about the range, yet an associated trapdoor enables recovery of the corresponding input part. We give constructions of range-trapdoor hash functions, where for a given range I the public key consists of O(n) group elements, improving upon O(n|I|) achieved by D{\"o}ttling et al. Moreover, by designing our evaluation algorithm in a special way involving Toeplitz matrix multiplication and by showing how to perform fast-Fourier transforms in the exponent, we arrive at O(nlog n) group operations for evaluation, improving upon O(n2), required of previous constructions. Our constructions rely on power-DDH assumptions in pairing-free groups. As applications of our results we obtain 1.The first construction of (rate-1) lossy TDFs with public keys consisting of a linear number of group elements (without pairings).2.Rate-1 string OT with receiver communication complexity of O(n) group elements, where n is the sender{\textquoteright}s message size, improving upon O(n2) [Crypto 2019].3.Two-round private-information retrieval protocols for one-bit records, where for a server of N bits, the client{\textquoteright}s message consists of O(λ) polylog(N) group elements, improving upon O(λ2) polylog(N).4.Semi-compact homomorphic encryption for branching programs: A construction of homomorphic encryption for branching programs, with ciphertexts consisting of O(λnd2) group elements, improving upon O(λ2nd3). Here λ denotes the security parameter, n the input size and d the depth of the program.",

author = "Sanjam Garg and Mohammad Hajiabadi and Rafail Ostrovsky",

note = "Publisher Copyright: {\textcopyright} International Association for Cryptologic Research 2020.; 18th International Conference on Theory of Cryptography, TCCC 2020 ; Conference date: 16-11-2020 Through 19-11-2020",

year = "2020",

doi = "10.1007/978-3-030-64375-1_4",

language = "English (US)",

isbn = "9783030643744",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "88--116",

editor = "Rafael Pass and Krzysztof Pietrzak",

booktitle = "Theory of Cryptography - 18th International Conference, TCC 2020, Proceedings",

address = "Germany",

}

Garg, S, Hajiabadi, M & Ostrovsky, R 2020, Efficient range-trapdoor functions and applications: Rate-1 OT and more. in R Pass & K Pietrzak (eds), Theory of Cryptography - 18th International Conference, TCC 2020, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 12550 LNCS, Springer Science and Business Media Deutschland GmbH, pp. 88-116, 18th International Conference on Theory of Cryptography, TCCC 2020, Durham, United States, 11/16/20. https://doi.org/10.1007/978-3-030-64375-1_4

Efficient range-trapdoor functions and applications: Rate-1 OT and more. / Garg, Sanjam; Hajiabadi, Mohammad; Ostrovsky, Rafail.
Theory of Cryptography - 18th International Conference, TCC 2020, Proceedings. ed. / Rafael Pass; Krzysztof Pietrzak. Springer Science and Business Media Deutschland GmbH, 2020. p. 88-116 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 12550 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Efficient range-trapdoor functions and applications

T2 - 18th International Conference on Theory of Cryptography, TCCC 2020

AU - Garg, Sanjam

AU - Hajiabadi, Mohammad

AU - Ostrovsky, Rafail

PY - 2020

Y1 - 2020

N2 - Substantial work on trapdoor functions (TDFs) has led to many powerful notions and applications. However, despite tremendous work and progress, all known constructions have prohibitively large public keys. In this work, we introduce new techniques for realizing so-called range-trapdoor hash functions with short public keys. This notion, introduced by Döttling et al. [Crypto 2019], allows for encoding a range of indices into a public key in a way that the public key leaks no information about the range, yet an associated trapdoor enables recovery of the corresponding input part. We give constructions of range-trapdoor hash functions, where for a given range I the public key consists of O(n) group elements, improving upon O(n|I|) achieved by Döttling et al. Moreover, by designing our evaluation algorithm in a special way involving Toeplitz matrix multiplication and by showing how to perform fast-Fourier transforms in the exponent, we arrive at O(nlog n) group operations for evaluation, improving upon O(n2), required of previous constructions. Our constructions rely on power-DDH assumptions in pairing-free groups. As applications of our results we obtain 1.The first construction of (rate-1) lossy TDFs with public keys consisting of a linear number of group elements (without pairings).2.Rate-1 string OT with receiver communication complexity of O(n) group elements, where n is the sender’s message size, improving upon O(n2) [Crypto 2019].3.Two-round private-information retrieval protocols for one-bit records, where for a server of N bits, the client’s message consists of O(λ) polylog(N) group elements, improving upon O(λ2) polylog(N).4.Semi-compact homomorphic encryption for branching programs: A construction of homomorphic encryption for branching programs, with ciphertexts consisting of O(λnd2) group elements, improving upon O(λ2nd3). Here λ denotes the security parameter, n the input size and d the depth of the program.

AB - Substantial work on trapdoor functions (TDFs) has led to many powerful notions and applications. However, despite tremendous work and progress, all known constructions have prohibitively large public keys. In this work, we introduce new techniques for realizing so-called range-trapdoor hash functions with short public keys. This notion, introduced by Döttling et al. [Crypto 2019], allows for encoding a range of indices into a public key in a way that the public key leaks no information about the range, yet an associated trapdoor enables recovery of the corresponding input part. We give constructions of range-trapdoor hash functions, where for a given range I the public key consists of O(n) group elements, improving upon O(n|I|) achieved by Döttling et al. Moreover, by designing our evaluation algorithm in a special way involving Toeplitz matrix multiplication and by showing how to perform fast-Fourier transforms in the exponent, we arrive at O(nlog n) group operations for evaluation, improving upon O(n2), required of previous constructions. Our constructions rely on power-DDH assumptions in pairing-free groups. As applications of our results we obtain 1.The first construction of (rate-1) lossy TDFs with public keys consisting of a linear number of group elements (without pairings).2.Rate-1 string OT with receiver communication complexity of O(n) group elements, where n is the sender’s message size, improving upon O(n2) [Crypto 2019].3.Two-round private-information retrieval protocols for one-bit records, where for a server of N bits, the client’s message consists of O(λ) polylog(N) group elements, improving upon O(λ2) polylog(N).4.Semi-compact homomorphic encryption for branching programs: A construction of homomorphic encryption for branching programs, with ciphertexts consisting of O(λnd2) group elements, improving upon O(λ2nd3). Here λ denotes the security parameter, n the input size and d the depth of the program.

UR - http://www.scopus.com/inward/record.url?scp=85098254147&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85098254147&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-64375-1_4

DO - 10.1007/978-3-030-64375-1_4

M3 - Conference contribution

AN - SCOPUS:85098254147

SN - 9783030643744

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 88

EP - 116

BT - Theory of Cryptography - 18th International Conference, TCC 2020, Proceedings

A2 - Pass, Rafael

A2 - Pietrzak, Krzysztof

PB - Springer Science and Business Media Deutschland GmbH

Y2 - 16 November 2020 through 19 November 2020

ER -

Garg S, Hajiabadi M, Ostrovsky R. Efficient range-trapdoor functions and applications: Rate-1 OT and more. In Pass R, Pietrzak K, editors, Theory of Cryptography - 18th International Conference, TCC 2020, Proceedings. Springer Science and Business Media Deutschland GmbH. 2020. p. 88-116. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-030-64375-1_4

Efficient range-trapdoor functions and applications: Rate-1 OT and more

Abstract

Publication series

Conference

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this