Tightly-Secure Pseudorandom Functions via Work Factor Partitioning

5 years 6 months ago
Tightly-Secure Pseudorandom Functions via Work Factor Partitioning
We introduce a new technique for tight security proofs called work factor partitioning. Using this technique in a modified version of the framework of D¨ottling and Schr¨oder (CRYPTO 2015), we obtain the first generic construction of tightly-secure pseudorandom functions (PRFs) from PRFs with small domain. By instantiating the small-domain PRFs with the Naor-Reingold function (FOCS 1997) or its generalization by Lewko and Waters (ACM CCS 2009), this yields the first fully-secure PRFs whose black-box security proof loses a factor of only O(log2 λ), where λ is the security parameter. Interestingly, our variant of the Naor-Reingold construction can be seen as a standard Naor-Reingold PRF (whose security proof has a loss of Θ(λ)), where a special encoding is applied to the input before it is processed. The tightness gain comes almost for free: the encoding is very efficiently computable and increases the length of the input only by a constant factor smaller than 2.
Tibor Jager
Added 03 Apr 2016
Updated 03 Apr 2016
Type Journal
Year 2016
Where IACR
Authors Tibor Jager
Comments (0)