Paper 2009/486
Efficient Pseudorandom Functions From the Decisional Linear Assumption and Weaker Variants
Allison Lewko and Brent Waters
Abstract
In this paper, we generalize Naor and Reingold's construction of pseudorandom functions under the DDH Assumption to yield a construction of pseudorandom functions under the decisional $k$-Linear Assumption, for each $k\geq 1$. The decisional Linear Assumption was first introduced by Boneh, Boyen, and Shacham as an alternative assumption for settings where the DDH problem is easy, such as bilinear groups. This assumption can be generalized to obtain the decisional $k$-Linear Assumptions. Shacham and Hofheinz and Kiltz showed that the decisional $(k+1)$-Linear problem is hard for generic groups even when the decisional $k$-Linear problem is easy. It is thus desirable to have constructions of cryptographic primitives based on the decisional $k$-Linear Assumption instead of DDH. Not surprisingly, one must pay a small price for added security: as $k$ increases, our constructed functions become slightly less efficient to compute and the key size increases (quadratically in $k$).
Metadata
- Available format(s)
- Publication info
- Published elsewhere. this is a full version of a paper that will appear in CCS 2009
- Contact author(s)
- alewko @ cs utexas edu
- History
- 2009-10-16: last of 3 revisions
- 2009-10-05: received
- See all versions
- Short URL
- https://ia.cr/2009/486
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2009/486, author = {Allison Lewko and Brent Waters}, title = {Efficient Pseudorandom Functions From the Decisional Linear Assumption and Weaker Variants}, howpublished = {Cryptology {ePrint} Archive, Paper 2009/486}, year = {2009}, url = {https://eprint.iacr.org/2009/486} }