Periodic Reporting for period 4 - CLC (Cryptography with Low Complexity)
Reporting period: 2019-11-01 to 2021-10-31
In this project, we aim to understand the minimal computational resources needed to perform basic cryptographic tasks. In a nutshell, we focus on three main objectives.
First, we would like to get a better understanding of the cryptographic hardness of random local functions. Such functions can be computed by highly efficient circuits, and their cryptographic hardness provides a strong and clean formulation for the conjectured average-case hardness of constraint satisfaction problems—a fundamental subject which lies at the core of the theory of computer science. Our second objective is to harness our insights into the hardness of local functions to improve the efficiency of basic cryptographic building blocks such as pseudorandom functions. Finally, our third objective addresses the power of garbled circuits -- an important cryptographic tool for secure computation. The goal is to expand our theoretical understanding of garbled circuits, study their limitations, and improve their efficiency.
The project bridges across different regions of computer science such as random combinatorial structures, cryptography, and circuit complexity. It is expected to impact central problems in cryptography while enriching the general landscape of theoretical computer science.
Objective 1:
• In FOCS’19, we showed that one can construct highly unbalanced constant-degree expanders via a probabilistic construction with negligible failure probability. We further showed how to use this result to amplify the indistinguishability parameter of local pseudorandom generators, leading to the first construction of a polynomial-stretch locally-computable pseudorandom generator based on the one-wayness of random local functions.
• In FOCS’17, we related the hardness of Random Local Functions to a new exciting conjecture from complexity theory (the Gap-Exponential-Time-Hypothesis), and gave a new transformation from one-wayness to pseudorandomness that can be applied to random local functions while preserving exponential hardness.
• In STOC’16, we studied the security of Random Local Functions against linear attacks and a new class of algebraic attacks in the high-end regime in which the output length is polynomial in the input length. We fully characterized which predicates provide security against such attacks, and refuted previous conjectures.
• We also published a survey (Springer’s Computational Complexity) that describes the state of the art of Cryptographic Hardness of Random Local Functions and suggests new directions for research and open questions.
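To make the object studied under Objective 1 concrete, the following is an added illustration (not code from the project): a random local function in the style discussed above, where a public random d-uniform hypergraph on the n input bits is sampled, and every output bit applies one fixed d-ary predicate to the d inputs it is wired to. The predicate chosen here (XOR of the first d-2 inputs combined with an AND of the last two) and the parameters n = 16, d = 5, m = 64 are assumptions made for the demonstration, as is the fixed seed used so the hypergraph is reproducible; the helper `influenced_outputs` checks the locality property that makes such functions cheap to evaluate, namely that flipping one input bit can only change the outputs wired to it.

```python
"""Added illustration of a random local function (Goldreich-style).

Every output bit depends on exactly d input bits, chosen by a public random
hypergraph, and is computed by one fixed d-ary predicate.  The predicate and
all parameters below are assumptions for this demonstration only.
"""
import random
from typing import Callable, List, Sequence, Tuple

Hypergraph = List[Tuple[int, ...]]
Predicate = Callable[[Sequence[int]], int]


def xor_and_predicate(bits: Sequence[int]) -> int:
    """Assumed predicate: z_1 xor ... xor z_{d-2} xor (z_{d-1} and z_d)."""
    *xor_part, a, b = bits
    out = 0
    for z in xor_part:
        out ^= z
    return out ^ (a & b)


def sample_hypergraph(n: int, m: int, d: int, rng: random.Random) -> Hypergraph:
    """Public structure: m hyperedges, each a d-subset of the n input positions."""
    return [tuple(sorted(rng.sample(range(n), d))) for _ in range(m)]


def eval_local_function(hypergraph: Hypergraph, x: Sequence[int],
                        predicate: Predicate = xor_and_predicate) -> List[int]:
    """Apply the predicate to the d inputs wired to each output bit."""
    return [predicate([x[i] for i in edge]) for edge in hypergraph]


def locality(hypergraph: Hypergraph) -> int:
    """Largest number of inputs any single output bit reads."""
    return max(len(edge) for edge in hypergraph)


def influenced_outputs(hypergraph: Hypergraph, j: int) -> List[int]:
    """Indices of output bits that are wired to input position j."""
    return [k for k, edge in enumerate(hypergraph) if j in edge]


def flip_changes_only_wired_outputs(hypergraph: Hypergraph, x: Sequence[int],
                                    j: int) -> bool:
    """Locality check: flipping x[j] may change only the outputs wired to j."""
    y = eval_local_function(hypergraph, x)
    x2 = list(x)
    x2[j] ^= 1
    y2 = eval_local_function(hypergraph, x2)
    changed = {k for k in range(len(y)) if y[k] != y2[k]}
    return changed <= set(influenced_outputs(hypergraph, j))


if __name__ == "__main__":
    # Constructed parameters: n inputs, m = 4n outputs (polynomial stretch), locality d.
    n, d, m = 16, 5, 64
    rng = random.Random(2021)          # fixed seed so the public hypergraph is reproducible
    graph = sample_hypergraph(n, m, d, rng)
    x = [rng.randrange(2) for _ in range(n)]   # the secret input / seed
    print("locality:", locality(graph))
    print("output:", "".join(map(str, eval_local_function(graph, x))))
    print("all single-bit flips respect locality:",
          all(flip_changes_only_wired_outputs(graph, x, j) for j in range(n)))
```

With these parameters the function maps 16 bits to 64, and evaluating it costs m predicate calls on d bits each, i.e. a circuit of size linear in the output length; the hardness questions addressed by the project concern whether such a cheap map can still be one-way or pseudorandom.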
Objective 2:
• In CRYPTO ’17, we proposed an arithmetic variant of random local functions, and showed that it can be used to obtain the first secure protocol for arithmetic computation with constant computational overhead. An actively-secure variant of this protocol (joint with Konstantini) is currently under submission.
• In ITCS 2017, we used the intractability of sparse linear codes to obtain the first constructions of low-complexity collision-resistant hash functions. The resulting functions have linear shrinkage and constant locality, leading to a linear-size circuit implementation.
• In TCC 2016B, we constructed low-complexity Pseudorandom Functions (PRFs) based on the hardness of random local functions. This includes weak PRFs which can be computed in linear time on a RAM machine with O(log n) word size, or by a depth-3 circuit with unbounded fan-in AND and OR gates (an AC0 circuit). We also obtained standard PRFs that can be computed by a quasilinear-size circuit or by a constant-depth circuit with unbounded fan-in AND, OR and Majority gates (TC0).
Objective 3: Obtain a better understanding of the complexity of Garbled Circuits.
• Arithmetic Cryptography. In JACM’17, we studied the possibility of computing cryptographic primitives in a fully black-box arithmetic model over a finite field F. We showed that most cryptographic tasks can be implemented in this model. However, in some cases (e.g. garbled circuits) a larger communication complexity is required. This reveals a qualitative difference between the standard Boolean model and the arithmetic model, and explains, in retrospect, some of the limitations of previous constructions.
• Private Simultaneous Messages (PSM) Protocols and Statistical Randomized Encodings (SRE). In a sequence of works (Journal of Cryptology 2017, Computational Complexity 2018, Journal of Cryptology 2020), we studied the complexity of PSM and SRE, related them to Zero-Information Arthur–Merlin Protocols and to Statistical Zero-Knowledge, and improved the existing lower bounds for such protocols.
• Lower bounds against information-theoretic garbled circuits. In Computational Complexity 2016, we presented the first constructions of incompressible functions and related objects. These results are used to derive a new lower bound on the online communication of garbled circuits. Conditional impossibility results against actively-secure garbled circuits were proved in TCC 2021 (with Goel).
• We published a survey (as a book chapter) on Garbled Circuits and their view as Randomized Encodings of Functions.
• Conditional Disclosure of Secrets. In a sequence of works (SICOMP 2021, ACM Trans. Comput. Theory 2020, Journal of Cryptology 2021) we studied a weak variant of garbled circuits known as Conditional Disclosure of Secrets (CDS). We established several positive and negative results regarding the complexity of CDS, including closure properties, amplification theorems, amortization results, and lower bounds and separations.
• Secret Sharing schemes. In a sequence of works (EUROCRYPT 2019, STOC 2020, CRYPTO 2021, ITCS 2021) we developed new methods for generalized secret sharing schemes that lead to significant improvements over the state of the art, and derived some limitations of these new tools.
• Secure Multiparty Protocols with low round complexity. In a sequence of works (SICOMP 2021, EUROCRYPT 2019, ITCS 2020, FOCS 2020, TCC 2020), we studied the round complexity of information-theoretic secure computation and derived tight lower bounds and upper bounds for various settings, including the case of perfect security with optimal resiliency.