TY - GEN
T1 - On the complexity of decomposable randomized encodings, or
T2 - 11th Innovations in Theoretical Computer Science Conference, ITCS 2020
AU - Ball, Marshall
AU - Holmgren, Justin
AU - Ishai, Yuval
AU - Liu, Tianren
AU - Malkin, Tal
N1 - Publisher Copyright:
© Marshall Ball, Justin Holmgren, Yuval Ishai, Tianren Liu, and Tal Malkin.
PY - 2020/1
Y1 - 2020/1
N2 - Garbling schemes, also known as decomposable randomized encodings (DRE), have found many applications in cryptography. However, despite a large body of work on constructing such schemes, very little is known about their limitations. We initiate a systematic study of the DRE complexity of Boolean functions, obtaining the following main results: Near-quadratic lower bounds. We use a classical lower bound technique of Nečiporuk [Dokl. Akad. Nauk SSSR’66] to show an Ω(n2/log n) lower bound on the size of any DRE for many explicit Boolean functions. For some natural functions, we obtain a corresponding upper bound, thus settling their DRE complexity up to polylogarithmic factors. Prior to our work, no superlinear lower bounds were known, even for non-explicit functions. Garbling-friendly PRFs. We show that any exponentially secure PRF has Ω(n2/log n) DRE size, and present a plausible candidate for a “garbling-optimal” PRF that nearly meets this bound. This candidate establishes a barrier for super-quadratic DRE lower bounds via natural proof techniques. In contrast, we show a candidate for a weak PRF with near-exponential security and linear DRE size. Our results establish several qualitative separations, including near-quadratic separations between computational and information-theoretic DRE size of Boolean functions, and between DRE size of weak vs. strong PRFs.
AB - Garbling schemes, also known as decomposable randomized encodings (DRE), have found many applications in cryptography. However, despite a large body of work on constructing such schemes, very little is known about their limitations. We initiate a systematic study of the DRE complexity of Boolean functions, obtaining the following main results: Near-quadratic lower bounds. We use a classical lower bound technique of Nečiporuk [Dokl. Akad. Nauk SSSR’66] to show an Ω(n2/log n) lower bound on the size of any DRE for many explicit Boolean functions. For some natural functions, we obtain a corresponding upper bound, thus settling their DRE complexity up to polylogarithmic factors. Prior to our work, no superlinear lower bounds were known, even for non-explicit functions. Garbling-friendly PRFs. We show that any exponentially secure PRF has Ω(n2/log n) DRE size, and present a plausible candidate for a “garbling-optimal” PRF that nearly meets this bound. This candidate establishes a barrier for super-quadratic DRE lower bounds via natural proof techniques. In contrast, we show a candidate for a weak PRF with near-exponential security and linear DRE size. Our results establish several qualitative separations, including near-quadratic separations between computational and information-theoretic DRE size of Boolean functions, and between DRE size of weak vs. strong PRFs.
KW - Private simultaneous messages
KW - Randomized encoding
UR - http://www.scopus.com/inward/record.url?scp=85078047369&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85078047369&partnerID=8YFLogxK
U2 - 10.4230/LIPIcs.ITCS.2020.86
DO - 10.4230/LIPIcs.ITCS.2020.86
M3 - Conference contribution
AN - SCOPUS:85078047369
T3 - Leibniz International Proceedings in Informatics, LIPIcs
BT - 11th Innovations in Theoretical Computer Science Conference, ITCS 2020
A2 - Vidick, Thomas
PB - Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing
Y2 - 12 January 2020 through 14 January 2020
ER -