On the Impossibility of Cryptography with Tamperable Randomness: Rafael Pass, Cornell.

9:30 am on Wednesday, March 19, 2014
11:00 am on Wednesday, March 19, 2014
MCS 137
Abstract: We initiate a study of the security of cryptographic primitives in the presence of efficient tampering attacks to the randomness of honest parties. More precisely, we consider p-tampering attackers that may efficiently tamper with each bit of the honest parties’ random tape with probability p, but have to do so in an “online” fashion. Our main result is a strong negative result: We show that any secure encryption scheme, bit commitment scheme, or zero-knowledge protocol can be “broken” with probability O(p) by a p-tampering attacker. The core of this result is a new Fourier analytic technique for biasing the output of bounded-value functions, which may be of independent interest. We also show that this result cannot be extended to primitives such as signature schemes and identification protocols: assuming the existence of one-way functions, such primitives can be made resilient to 1/poly-tampering attacks where n is the security parameter. Joint work with Per Austrin, Kai-Min Chung, Mohammad Mahmoody, Karn Seth