TY - GEN
T1 - Candidate weak pseudorandom functions in AC0 · MOD2
AU - Akavia, Adi
AU - Bogdanov, Andrej
AU - Guo, Siyao
AU - Kamath, Akshay
AU - Rosen, Alon
PY - 2014
Y1 - 2014
N2 - Pseudorandom functions (PRFs) play a fundamental role in symmetric-key cryptography. However, they are inherently complex and cannot be implemented in the class AC0(MOD2). Weak pseudorandom functions (weak PRFs) do not suffer from this complexity limitation, yet they suffice for many cryptographic applications. We study the minimal complexity requirements for constructing weak PRFs. To this end: • We conjecture that the function family F_A(x) = g(Ax), where A is a random square GF(2) matrix and g is a carefully chosen function of constant depth, is a weak PRF. In support of our conjecture, we show that functions in this family are inapproximable by GF(2) polynomials of low degree and do not correlate with any fixed Boolean function family of subexponential size. • We study the class AC0 · MOD2 that captures the complexity of our construction. We conjecture that all functions in this class have a Fourier coefficient of magnitude exp(-poly log n) and prove this conjecture in the case when the MOD2 function is typical. • We investigate the relation between the hardness of learning noisy parities and the existence of weak PRFs in AC0 · MOD2. We argue that such a complexity-driven approach can play a role in bridging the gap between the theory and practice of cryptography.
AB - Pseudorandom functions (PRFs) play a fundamental role in symmetric-key cryptography. However, they are inherently complex and cannot be implemented in the class AC0(MOD2). Weak pseudorandom functions (weak PRFs) do not suffer from this complexity limitation, yet they suffice for many cryptographic applications. We study the minimal complexity requirements for constructing weak PRFs. To this end: • We conjecture that the function family F_A(x) = g(Ax), where A is a random square GF(2) matrix and g is a carefully chosen function of constant depth, is a weak PRF. In support of our conjecture, we show that functions in this family are inapproximable by GF(2) polynomials of low degree and do not correlate with any fixed Boolean function family of subexponential size. • We study the class AC0 · MOD2 that captures the complexity of our construction. We conjecture that all functions in this class have a Fourier coefficient of magnitude exp(-poly log n) and prove this conjecture in the case when the MOD2 function is typical. • We investigate the relation between the hardness of learning noisy parities and the existence of weak PRFs in AC0 · MOD2. We argue that such a complexity-driven approach can play a role in bridging the gap between the theory and practice of cryptography.
KW - Learning Parity with Noise
KW - Parallel Cryptography
KW - Weak Pseudorandom Functions
UR - http://www.scopus.com/inward/record.url?scp=84893233799&partnerID=8YFLogxK
U2 - 10.1145/2554797.2554821
DO - 10.1145/2554797.2554821
M3 - Conference contribution
AN - SCOPUS:84893233799
SN - 9781450322430
T3 - ITCS 2014 - Proceedings of the 2014 Conference on Innovations in Theoretical Computer Science
SP - 251
EP - 259
BT - ITCS 2014 - Proceedings of the 2014 Conference on Innovations in Theoretical Computer Science
PB - Association for Computing Machinery
T2 - 2014 5th Conference on Innovations in Theoretical Computer Science, ITCS 2014
Y2 - 12 January 2014 through 14 January 2014
ER -