### Combiners for Backdoored Random Oracles

Balthazar Bauer, Pooya Farshim, and Sogol Mazaheri

##### Abstract

We formulate and study the security of cryptographic hash functions in the backdoored random-oracle (BRO) model, whereby a big brother designs a "good" hash function, but can also see arbitrary functions of its table via backdoor capabilities. This model captures intentional (and unintentional) weaknesses due to the existence of collision-finding or inversion algorithms, but goes well beyond them by allowing, for example, to search for structured preimages. The latter can easily break constructions that are secure under random inversions. BROs make the task of bootstrapping cryptographic hardness somewhat challenging. Indeed, with only a single arbitrarily backdoored function no hardness can be bootstrapped as any construction can be inverted. However, when two (or more) independent hash functions are available, hardness emerges even with unrestricted and adaptive access to all backdoor oracles. At the core of our results lie new reductions from cryptographic problems to the communication complexities of various two-party tasks. Along the way we establish a communication complexity lower bound for set-intersection for cryptographically relevant ranges of parameters and distributions and where set-disjointness can be easy.

Available format(s)
Category
Foundations
Publication info
A major revision of an IACR publication in CRYPTO 2018
Keywords
random oraclecombinercommunication complexityset- disjointnessset-intersectionlower bounds
Contact author(s)
sogol mazaheri @ cryptoplexity de
History
Short URL
https://ia.cr/2018/770

CC BY

BibTeX

@misc{cryptoeprint:2018/770,
author = {Balthazar Bauer and Pooya Farshim and Sogol Mazaheri},
title = {Combiners for Backdoored Random Oracles},
howpublished = {Cryptology ePrint Archive, Paper 2018/770},
year = {2018},
note = {\url{https://eprint.iacr.org/2018/770}},
url = {https://eprint.iacr.org/2018/770}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.