TY - GEN
T1 - Lossy functions do not amplify well
AU - Pietrzak, Krzysztof
AU - Rosen, Alon
AU - Segev, Gil
PY - 2012
Y1 - 2012
N2 - We consider the problem of amplifying the "lossiness" of functions. We say that an oracle circuit C*: {0,1}m → {0,1}* amplifies relative lossiness from ℓ/n to L/m if for every function f:{0,1}n → {0,1}n it holds that 1 If f is injective then so is Cf. 2 If f has image size of at most 2 n-ℓ, then Cf has image size at most 2m-L. The question is whether such C* exists for L/m ≫ ℓ/n. This problem arises naturally in the context of cryptographic "lossy functions," where the relative lossiness is the key parameter. We show that for every circuit C* that makes at most t queries to f, the relative lossiness of Cf is at most L/m ≤ ℓ/n + O(log t)/n. In particular, no black-box method making a polynomial t = poly(n) number of queries can amplify relative lossiness by more than an O(logn)/n additive term. We show that this is tight by giving a simple construction (cascading with some randomization) that achieves such amplification.
AB - We consider the problem of amplifying the "lossiness" of functions. We say that an oracle circuit C*: {0,1}m → {0,1}* amplifies relative lossiness from ℓ/n to L/m if for every function f:{0,1}n → {0,1}n it holds that 1 If f is injective then so is Cf. 2 If f has image size of at most 2 n-ℓ, then Cf has image size at most 2m-L. The question is whether such C* exists for L/m ≫ ℓ/n. This problem arises naturally in the context of cryptographic "lossy functions," where the relative lossiness is the key parameter. We show that for every circuit C* that makes at most t queries to f, the relative lossiness of Cf is at most L/m ≤ ℓ/n + O(log t)/n. In particular, no black-box method making a polynomial t = poly(n) number of queries can amplify relative lossiness by more than an O(logn)/n additive term. We show that this is tight by giving a simple construction (cascading with some randomization) that achieves such amplification.
UR - http://www.scopus.com/inward/record.url?scp=84858310873&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-28914-9_26
DO - 10.1007/978-3-642-28914-9_26
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???
AN - SCOPUS:84858310873
SN - 9783642289132
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 458
EP - 475
BT - Theory of Cryptography - 9th Theory of Cryptography Conference, TCC 2012, Proceedings
T2 - 9th Theory of Cryptography Conference, TCC 2012
Y2 - 19 March 2012 through 21 March 2012
ER -