Paper 2021/864
A Fast and Simple Partially Oblivious PRF, with Applications
Nirvan Tyagi, Sofı́a Celi, Thomas Ristenpart, Nick Sullivan, Stefano Tessaro, and Christopher A. Wood
Abstract
We build the first construction of a partially oblivious pseudorandom function (POPRF) that does not rely on bilinear pairings. Our construction can be viewed as combining elements of the 2HashDH OPRF of Jarecki, Kiayias, and Krawczyk with the Dodis-Yampolskiy PRF. We analyze our POPRF’s security in the random oracle model via reduction to a new one-more gap strong Diffie-Hellman inversion assumption. The most significant technical challenge is establishing confidence in the new assumption, which requires new proof techniques that enable us to show that its hardness is implied by the $q$-DL assumption in the algebraic group model. Our new construction is as fast as the current, standards-track OPRF 2HashDH protocol, yet provides a new degree of flexibility useful in a variety of applications. We show how POPRFs can be used to prevent token hoarding attacks against Privacy Pass, reduce key management complexity in the OPAQUE password authenticated key exchange protocol, and ensure stronger security for password breach alerting services.
Metadata
- Available format(s)
-
PDF
- Category
- Cryptographic protocols
- Publication info
- Preprint. MINOR revision.
- Keywords
- verifiable oblivious pseudorandom functionsDiffie-Hellman inversionanonymous tokensblind signatures
- Contact author(s)
- nirvan tyagi @ gmail com
- History
- 2021-10-06: revised
- 2021-06-24: received
- See all versions
- Short URL
- https://ia.cr/2021/864
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2021/864,
author = {Nirvan Tyagi and Sofı́a Celi and Thomas Ristenpart and Nick Sullivan and Stefano Tessaro and Christopher A. Wood},
title = {A Fast and Simple Partially Oblivious {PRF}, with Applications},
howpublished = {Cryptology {ePrint} Archive, Paper 2021/864},
year = {2021},
url = {https://eprint.iacr.org/2021/864}
}
