Paper 2015/869

New Realizations of Somewhere Statistically Binding Hashing and Positional Accumulators

Tatsuaki Okamoto, Krzysztof Pietrzak, Brent Waters, and Daniel Wichs

Abstract

A somewhere statistically binding (SSB) hash, introduced by Hubacek and Wichs (ITCS '15), can be used to hash a long string $x$ to a short digest $y=H_{\text{hk}}(x)$ using a public hashing-key $\text{hk}$. Furthermore, there is a way to set up the hash key $\text{hk}$ to make it statistically binding on some arbitrary hidden position $i$, meaning that: (1) the digest $y$ completely determines the $i$'th bit (or symbol) of $x$ so that all pre-images of $y$ have the same value in the $i$'th position, (2) it is computationally infeasible to distinguish the position $i$ on which $\text{hk}$ is statistically binding from any other position $i^{\prime }$. Lastly, the hash should have a local opening property analogous to Merkle-Tree hashing, meaning that given $x$ and $y=H_{\text{hk}}(x)$ it should be possible to create a short proof $\pi$ that certifies the value of the $i$'th bit (or symbol) of $x$ without having to provide the entire input $$. A similar primitive called a positional accumulator, introduced by Koppula, Lewko and Waters (STOC '15) further supports dynamic updates of the hashed value. These tools, which are interesting in their own right, also serve as one of the main technical components in several recent works building advanced applications from indistinguishability obfuscation (iO). The prior constructions of SSB hashing and positional accumulators required fully homomorphic encryption (FHE) and iO respectively. In this work, we give new constructions of these tools based on well studied number-theoretic assumptions such as DDH, Phi-Hiding and DCR, as well as a general construction from lossy/injective functions.