Can we base cryptography on SZK-Hardness? Salil Vadhan Harvard University.

Slides:

Advertisements

Similar presentations

Constant-Round Private Database Queries Nenad Dedic and Payman Mohassel Boston UniversityUC Davis.

Advertisements

Impagliazzos Worlds in Arithmetic Complexity: A Progress Report Scott Aaronson and Andrew Drucker MIT 100% QUANTUM-FREE TALK (FROM COWS NOT TREATED WITH.

On Black-Box Separations in Cryptography Omer Reingold Closed captioning and other considerations provided by Tal Malkin, Luca Trevisan, and Salil Vadhan.

Efficient Private Approximation Protocols Piotr Indyk David Woodruff Work in progress.

On Black-Box Separations in Cryptography

On the Complexity of Parallel Hardness Amplification for One-Way Functions Chi-Jen Lu Academia Sinica, Taiwan.

Low-End Uniform Hardness vs. Randomness Tradeoffs for Arthur-Merlin Games. Ronen Shaltiel, University of Haifa Chris Umans, Caltech.

Lower Bounds for Non-Black-Box Zero Knowledge Boaz Barak (IAS*) Yehuda Lindell (IBM) Salil Vadhan (Harvard) *Work done while in Weizmann Institute. Short.

Are PCPs Inherent in Efficient Arguments? Guy Rothblum, MIT ) MSR-SVC ) IAS Salil Vadhan, Harvard University.

Efficiency vs. Assumptions in Secure Computation Yuval Ishai Technion & UCLA.

Average-case Complexity Luca Trevisan UC Berkeley.

Statistical Zero-Knowledge Arguments for NP from Any One-Way Function Salil Vadhan Minh Nguyen Shien Jin Ong Harvard University.

Derandomization & Cryptography Boaz Barak, Weizmann Shien Jin Ong, MIT Salil Vadhan, Harvard.

Approximate List- Decoding and Hardness Amplification Valentine Kabanets (SFU) joint work with Russell Impagliazzo and Ragesh Jaiswal (UCSD)

Inaccessible Entropy Iftach Haitner Microsoft Research Omer Reingold Weizmann & Microsoft Hoeteck Wee Queens College, CUNY Salil Vadhan Harvard University.

Inaccessible Entropy Iftach Haitner Microsoft Research Omer Reingold Weizmann Institute Hoeteck Wee Queens College, CUNY Salil Vadhan Harvard University.

1 Introduction to Complexity Classes Joan Feigenbaum Jan 18, 2007.

The Complexity of Zero-Knowledge Proofs Salil Vadhan Harvard University.

Semi-Honest to Malicious Oblivious-Transfer The Black-box Way Iftach Haitner Weizmann Institute of Science.

Inaccessible Entropy Iftach Haitner Microsoft Research Omer Reingold Weizmann & Microsoft Hoeteck Wee Queens College, CUNY Salil Vadhan Harvard University.

The Complexity of Zero Knowledge Salil Vadhan Harvard University.

On the Composition of Public- Coin Zero-Knowledge Protocols Rafael Pass (Cornell) Wei-Lung Dustin Tseng (Cornell) Douglas Wiktröm (KTH) 1.

Using Nondeterminism to Amplify Hardness Emanuele Viola Joint work with: Alex Healy and Salil Vadhan Harvard University.

Time vs Randomness a GITCS presentation February 13, 2012.

Two Query PCP with Sub-constant Error Dana Moshkovitz Princeton University Ran Raz Weizmann Institute 1.

Introductions for the “Weizmann Distinguished Lectures Day” by Oded Goldreich.

Lattice-Based Cryptography. Cryptographic Hardness Assumptions Factoring is hard Discrete Log Problem is hard  Diffie-Hellman problem is hard  Decisional.

Derandomization: New Results and Applications Emanuele Viola Harvard University March 2006.

Exact Learning of Boolean Functions with Queries Lisa Hellerstein Polytechnic University Brooklyn, NY AMS Short Course on Statistical Learning Theory,

1 The Future of Cryptography Salil Vadhan Harvard University.

1 CSE 417: Algorithms and Computational Complexity Winter 2001 Lecture 22 Instructor: Paul Beame.

ON THE PROVABLE SECURITY OF HOMOMORPHIC ENCRYPTION Andrej Bogdanov Chinese University of Hong Kong Bertinoro Summer School | July 2014 based on joint work.

On Everlasting Security in the Hybrid Bounded Storage Model Danny Harnik Moni Naor.

CS151 Complexity Theory Lecture 9 April 27, 2004.

Computational Entropy Joint works with Iftach Haitner (Tel Aviv), Thomas Holenstein (ETH Zurich), Omer Reingold (MSR-SVC), Hoeteck Wee (George Washington.

If NP languages are hard on the worst-case then it is easy to find their hard instances Danny Gutfreund, Hebrew U. Ronen Shaltiel, Haifa U. Amnon Ta-Shma,

Some Recent Progress in Combinatorial Statistics Elchanan Mossel, UC Berkeley + Weizmann Institute

Correlation testing for affine invariant properties on Shachar Lovett Institute for Advanced Study Joint with Hamed Hatami (McGill)

Impossibility and Feasibility Results for Zero Knowledge with Public Keys Joël Alwen Tech. Univ. Vienna AUSTRIA Giuseppe Persiano Univ. Salerno ITALY Ivan.

Ideal Lattices and Ring-LWE

A Linear Lower Bound on the Communication Complexity of Single-Server PIR Weizmann Institute of Science Israel Iftach HaitnerJonathan HochGil Segev.

Computational Entropy Joint works with Iftach Haitner (Tel Aviv), Thomas Holenstein (ETH Zurich), Omer Reingold (MSR-SVC), Hoeteck Wee (George Washington.

On Constructing Parallel Pseudorandom Generators from One-Way Functions Emanuele Viola Harvard University June 2005.

Using Nondeterminism to Amplify Hardness Emanuele Viola Joint work with: Alex Healy and Salil Vadhan Harvard University.

CRYPTOGRAPHY AND NP-HARDNESS Andrej Bogdanov Chinese University of Hong Kong Bertinoro Summer School | July 2014.

2012/1/25 Complete Problem for Perfect Zero-Knowledge Quantum Interactive Proof Jun Yan State Key Laboratory of Computer Science, Institute.

The computational complexity of entanglement detection Based on and With Gus Gutoski, Patrick Hayden, and Kevin Milner Mark M. Wilde.

On the Communication Complexity of SFE with Long Output Daniel Wichs (Northeastern) joint work with Pavel Hubáček.

Quantum Algorithms & Complexity

1 How to Prove that Minicrypt=Cryptomania (in the future) Danny Harnik Moni Naor.

Statistical Zero-Knowledge:

On Constructing Parallel Pseudorandom Generators from One-Way Functions Emanuele Viola Harvard University June 2005.

CS151 Complexity Theory Lecture 16 May 20, The outer verifier Theorem: NP  PCP[log n, polylog n] Proof (first steps): –define: Polynomial Constraint.

CRYPTOGRAPHY AND NP-HARDNESS Andrej Bogdanov Chinese University of Hong Kong MACS Foundations of Cryptography| January 2016.

Honest-Verifier Statistical Zero-Knowledge Equals General Statistical Zero-Knowledge Oded Goldreich (Weizmann) Amit Sahai (MIT) Salil Vadhan (MIT)

CRYPTOGRAPHIC HARDNESS OTHER FUNCTIONALITIES Andrej Bogdanov Chinese University of Hong Kong MACS Foundations of Cryptography| January 2016.

Pseudo-random generators Talk for Amnon ’ s seminar.

Statistical Zero-Knowledge Amit Sahai MIT Laboratory for Computer Science.

Lower Bounds on Assumptions behind Indistinguishability Obfuscation

Derandomization & Cryptography

CS154, Lecture 18:.

The Learning With Errors Problem

The Complexity of Zero Knowledge

Umans Complexity Theory Lectures

Robust PCPs of Proximity (Shorter PCPs, applications to Coding)

Quantum-security of commitment schemes and hash functions

Cryptographic Applications of Randomness Extractors

Identity Based Encryption from the Diffie-Hellman Assumption

Presentation transcript:

Can we base cryptography on SZK-Hardness? Salil Vadhan Harvard University

Obstacles to Crypto from NP-Hardness 1.NP * BPP ) NP hard on average? – Impossible via nonadaptive black-box reductions unless PH = AM Å coAM [BT] 2.NP hard on average ) OWF? Q: What if we replace NP by SZK?

Crypto from SZK-Hardness? 1.SZK * BPP ) SZK hard on average? – Impossible via nonadaptive black-box reductions unless PH = AM Å coAM [BT] 2.SZK hard on average ) OWF? – Yes! [O91]

Worst-case Complexity of SZK Thm [DGRV]: Complete Problem for SZK L, the class of problems having SZK proofs w/logspace verifier & simulator: “Given a degree 3 polynomial p : Z 2 n ! Z 2 m, approximate H(p(U n )) to within § 1 bit.” Pf: combine standard SZK reductions [GV99] w/randomizing polys [IK00,AIK04,GGHKR07].

Worst-Case/Avg-Case Reductions? Approach 1: show that some lattice problem (e.g. GapSVP poly(n) ) is SZK-complete. Approach 2: worst-case /avg-case reductions for approximating entropy of polynomials. – Entropy related to algebraic quantities over large fields [DGW07].

Average-Case Complexity of SZK [RV] SZK hard-on-average O(1)-round statistically hiding commitments 1-round statistical OT Collision-resistant Hashing 1-round PIR Homomorphic+ encryption Rerandomizable encryption O(1)-round statistical OT [NY89,DPP93] w/ perfect correctness Using [OV07] trivial [KO97] [PW08] Lossy trapdoor funcs [PW08] [IKO05] [PW08] folklore

More Research Questions Natural crypto primitive equivalent to avg- case hardness of SZK? Understand entropy of low-degree polys of small fields. More SZK L -complete problems?