Cryptology ePrint Archive: Report 2014/914

Cryptography with One-Way Communication

Sanjam Garg and Yuval Ishai and Eyal Kushilevitz and Rafail Ostrovsky and Amit Sahai

Abstract: There is a large body of work on using noisy communication channels for realizing different cryptographic tasks. In particular, it is known that secure message transmission can be achieved unconditionally using only {\em one-way} communication from the sender to the receiver. In contrast, known solutions for more general secure computation tasks inherently require interaction, even when the entire input originates from the sender.

We initiate a general study of cryptographic protocols over noisy channels in a setting where only one party speaks. In this setting, we show that the landscape of what a channel is useful for is much richer. Concretely, we obtain the following results.

[-] Relationships between channels. The binary erasure channel (BEC) and the binary symmetric channel (BSC), which are known to be securely reducible to each other in the interactive setting, turn out to be qualitatively different in the setting of one-way communication. In particular, a BEC cannot be implemented from a BSC, and while the erasure probability of a BEC can be manipulated in both directions, the crossover probability of a BSC can only be manipulated in one direction.

[-] Zero-knowledge proofs and secure computation of deterministic functions. One-way communication over BEC or BSC is sufficient for securely realizing any deterministic (possibly reactive) functionality which takes its inputs from a sender and delivers its outputs to a receiver. This provides the first truly non-interactive solutions to the problem of zero-knowledge proofs.

[-] Secure computation of randomized functions. One-way communication over BEC or BSC {\em cannot} be used for realizing general randomized functionalities which take input from a sender and deliver output to a receiver. On the other hand, one-way communication over other natural channels, such as bursty erasure channels, can be used to realize such functionalities. This type of protocols can be used for distributing certified cryptographic keys without revealing the keys to the certification authority.

Category / Keywords: foundations / secure computation, noisy channels

Original Publication (with minor differences): IACR-CRYPTO-2015

Date: received 5 Nov 2014, last revised 15 Jul 2015

Contact author: sanjamg at berkeley edu

Available format(s): PDF | BibTeX Citation

Version: 20150715:070642 (All versions of this report)

Short URL: ia.cr/2014/914

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]