# Finding Collisions in Interactive Protocols---Tight Lower Bounds on the Round and Communication Complexities of Statistically Hiding Commitments

## Abstract

*Advances in Cryptology---EUROCRYPT '98*, Lecture Notes in Comput. Sci. 1403, Springer, Berlin, 1998, pp. 334--345] to the setting of interactive protocols and the reconstruction paradigm of Gennaro and Trevisan [*Proceedings of the 41st Annual Symposium on Foundations of Computer Science (FOCS)*, IEEE Press, Piscataway, NJ, 2000, pp. 305--313].

## References

*Priced oblivious transfer: How to sell digital goods*, in Advances in Cryptology---EUROCRYPT 2001, Lecture Notes in Comput. Sci. 2045, Springer, Berlin, 2001, pp. 119--135.

*One-way functions are essential for single-server private information retrieval*, in Proceedings of the 31st Annual ACM Symposium on Theory of Computing (STOC), ACM, New York, 1999, pp. 89--98.

*How to generate cryptographically strong sequences of pseudo-random bits*, SIAM J. Comput., 13 (1984), pp. 850--864.

*A discrete logarithm implementation of perfect zero-knowledge blobs*, J. Cryptology, 2 (1990), pp. 63--76.

*Limits on the power of zero-knowledge proofs in cryptographic constructions*, in Proceedings of the 8th Theory of Cryptography Conference, Lecture Notes in Comput. Sci. 6597, Springer, Berlin, 2011, pp. 559--578.

*Minimum disclosure proofs of knowledge*, J. Comput. System Sci., 37 (1988), pp. 156--189.

*Computationally private information retrieval with polylogarithmic communication*, in Advances in Cryptology---EUROCRYPT '99, Lecture Notes in Comput. Sci. 1592, Springer, Berlin, 1999, pp. 402--414.

*Black-box concurrent zero-knowledge requires (almost) logarithmically many rounds*, SIAM J. Comput., 32 (2002), pp. 1--47.

*Single database private information retrieval with logarithmic communication*, in Proceedings of the 9th Australasian Conference on Information Security and Privacy, 2004, pp. 50--61.

*Private information retrieval*, in Proceedings of the 36th Annual Symposium on Foundations of Computer Science (FOCS), IEEE Press, Piscataway, NJ, 1995, pp. 41--50.

*On the existence of statistically hiding bit-commitment schemes and fail-stop signatures*, J. Cryptology, 10 (1997), pp. 163--194.

*On the instantiability of hash-and-sign RSA signatures*, in Proceedings of the Ninth Theory of Cryptography Conference, Lecture Notes in Comput. Sci. 7194, Springer, Berlin, 2012, pp. 112--132.

*Concurrent zero-knowledge*, J. ACM, 51 (2004), pp. 851--898.

*A randomized protocol for signing contracts*, Comm. ACM, 28 (1985), pp. 637--647.

*On the impossibility of constructing non-interactive statistically-secret protocols from any trapdoor one-way function*, in Topics in Cryptology---The Cryptographers' Track at the RSA Conference, Lecture Notes in Comput. Sci. 2271, Springer, Berlin, 2002, pp. 79--95.

*Lower bounds on the efficiency of generic cryptographic constructions*, in Proceedings of the 41st Annual Symposium on Foundations of Computer Science (FOCS), IEEE Press, Piscataway, NJ, 2000, pp. 305--313.

*Lower bounds on the efficiency of encryption and digital signature schemes*, in Proceedings of the 35th Annual ACM Symposium on Theory of Computing (STOC), ACM, New York, 2003, pp. 417--425.

*Bounds on the efficiency of generic cryptographic constructions*, SIAM J. Comput., 35 (2005), pp. 217--246.

*Single-database private information retrieval with constant communication rate*, in Proceedings of the 32nd International Colloquium on Automata, Languages and Programming, Lecture Notes in Comput. Sci. 3580, Springer, Berlin, 2005, pp. 803--815.

*The relationship between public key encryption and oblivious transfer*, in Proceedings of the 41st Annual Symposium on Foundations of Computer Science (FOCS), IEEE Press, Piscataway, NJ, 2000, pp. 325--335.

*Foundations of Cryptography---Volume 1: Basic Tools*, Cambridge University Press, Cambridge, UK, 2001.

*Foundations of Cryptography---Volume 2: Basic Applications*, Cambridge University Press, Cambridge, UK, 2004.

*How to construct constant-round zero-knowledge proof systems for NP*, J. Cryptology, 9 (1996), pp. 167--190.

*On the composition of zero-knowledge proof systems*, SIAM J. Comput., 25 (1996), pp. 169--192.

*On the cryptographic applications of random functions*, in Advances in Cryptology---CRYPTO '84, Lecture Notes in Comput. Sci. 196, Springer, Berlin, 1984, pp. 276--288.

*How to construct random functions*, J. ACM, 33 (1986), pp. 792--807.

*How to play any mental game or a completeness theorem for protocols with honest majority*, in Proceedings of the 19th Annual ACM Symposium on Theory of Computing (STOC), ACM, New York, 1987, pp. 218--229.

*A digital signature scheme secure against adaptive chosen-message attacks*, SIAM J. Comput., 17 (1988), pp. 281--308.

*On the round complexity of zero-knowledge proofs based on one-way permutations*, in Progress in Cryptography---LATINCRYPT, Lecture Notes in Comput. Sci. 6212, Springer, Berlin, 2010, pp. 189--204.

*On the existence of 3-round zero-knowledge protocols*, in Advances in Cryptology---CRYPTO '98, Lecture Notes in Comput. Sci. 1462, Springer, Berlin, 1998, pp. 408--423.

*Implementing oblivious transfer using collection of dense trapdoor permutations*, in Theory of Cryptography, First Theory of Cryptography Conference (TCC 2004), Lecture Notes in Comput. Sci. 2951, Springer, Berlin, 2004, pp. 394--409.

*On the (im)possibility of key dependent encryption*, in Theory of Cryptography, Sixth Theory of Cryptography Conference (TCC 2009), Lecture Notes in Comput. Sci. 5444, Springer, Berlin, 2009, pp. 220--237.

*A new interactive hashing theorem*, J. Cryptology, 27 (2014), pp. 109--138.

*A new interactive hashing theorem*, in Proceedings of the 22nd Annual IEEE Conference on Computational Complexity, IEEE Press, Piscataway, NJ, 2007, pp. 319--332.

*Reducing complexity assumptions for statistically-hiding commitment*, in Advances in Cryptology---EUROCRYPT 2005, Lecture Notes in Comput. Sci. 3494, Springer, Berlin, 2005, pp. 58--77.

*Finding collisions in interactive protocols---A tight lower bound on the round complexity of statistically hiding commitments*, in Proceedings of the 48th Annual Symposium on Foundations of Computer Science (FOCS), IEEE Press, Piscataway, NJ, 2007, pp. 669--679.

*A linear lower bound on the communication complexity of single-server private information retrieval*, in Theory of Cryptography, Fifth Theory of Cryptography Conference (TCC 2008), Lecture Notes in Comput. Sci. 4948, Springer, Berlin, 2008, pp. 445--464.

*Statistically hiding commitments and statistical zero-knowledge arguments from any one-way function*, SIAM J. Comput., 39 (2009), pp. 1153--1218.

*Inaccessible entropy*, in Proceedings of the 41st Annual ACM Symposium on Theory of Computing (STOC), ACM, New York, 2009, pp. 611--620.

*On basing constant-round statistically hiding commitments on np-hardness*, in Proceedings of the 24th Annual IEEE Conference on Computational Complexity, IEEE Press, Piscataway, NJ, 2010, pp. 76--87.

*A pseudorandom generator from any one-way function*, SIAM J. Comput., 28 (1999), pp. 1364--1396.

*Bounds on the efficiency of “black-box” commitment schemes*, in Proceedings of the 32nd International Colloquium on Automata, Languages and Programming, Lecture Notes in Comput. Sci. 3580, Springer, Berlin, 2005, pp. 128--139.

*Limits on the provable consequences of one-way permutations*, in Proceedings of the 21st Annual ACM Symposium on Theory of Computing (STOC), 1989, pp. 44--61.

*Founding cryptography on oblivious transfer*, in Proceedings of the 20th Annual ACM Symposium on Theory of Computing (STOC), ACM, New York, 1988, pp. 20--31.

*Lower bounds for concurrent zero knowledge*, Combinatorica, 25 (2005), pp. 217--249.

*Limits on the efficiency of one-way permutation-based hash functions*, in Proceedings of the 40th Annual Symposium on Foundations of Computer Science (FOCS), IEEE Press, Piscataway, NJ, 1999, pp. 535--542.

*Round-Efficient One-Way Permutation Based Perfectly Concealing Bit Commitment Scheme*, Report TR06-093, Electronic Colloquium on Computational Complexity, 2006. Available online at http://eccc.hpi-web.de/report/2006/093/

*Replication is NOT needed: SINGLE database, computationally-private information retrieval*, in Proceedings of the 38th Annual Symposium on Foundations of Computer Science (FOCS), IEEE Press, Piscataway, NJ, 1997, pp. 364--373.

*One-way trapdoor permutations are sufficient for non-trivial single-server private information retrieval*, in Advances in Cryptology---EUROCRYPT 2000, Lecture Notes in Comput. Sci. 1807, Springer, Berlin, 2000, pp. 104--121.

*Parallel coin-tossing and constant-round secure two-party computation*, J. Cryptology, 16 (2003), pp. 143--184.

*An oblivious transfer protocol with log-squared communication*, in Proceedings of the 8th International Conference on Information Security, Lecture Notes in Comput. Sci. 3650, Springer, Berlin, 2005, pp. 314--328.

*Pseudorandomness and Cryptographic Applications*, Princeton University Press, Princeton, NJ, 1996.

*How to construct pseudorandom permutations from pseudorandom functions*, SIAM J. Comput., 17 (1988), pp. 373--386.

*Bit commitment using pseudorandomness*, J. Cryptology, 4 (1991), pp. 151--158.

*Efficient oblivious transfer protocols*, in Proceedings of the 12th Annual Symposium on Discrete Algorithms (SODA), SIAM, Philadelphia, 2001, pp. 448--457.

*Universal one-way hash functions and their cryptographic applications*, in Proceedings of the 21st Annual ACM Symposium on Theory of Computing (STOC), ACM, New York, 1989, pp. 33--43.

*Perfect zero-knowledge arguments for NP using any one-way permutation*, J. Cryptology, 11 (1998), pp. 87--108.

*Statistical zero-knowledge arguments for NP from any one-way function*, in Proceedings of the 47th Annual Symposium on Foundations of Computer Science (FOCS), IEEE Press, Piscataway, NJ, 2006, pp. 3--14.

*A Survey of Single Database PIR: Techniques and Applications*, Cryptology ePrint Archive, Report 2007/059, 2007. Available online from https://eprint.iacr.org/2007/059.pdf.

*Private coins versus public coins in zero-knowledge proof systems*, in Theory of Cryptography, Seventh Theory of Cryptography Conference (TCC 2010), Lecture Notes in Comput. Sci. 5978, Springer, Berlin, 2010, pp. 588--605.

*Compression from collisions, or why CRHF combiners have a long output*, in Advances in Cryptology---CRYPTO 2008, Lecture Notes in Comput. Sci. 5157, Springer, Berlin, 2008, pp. 413--432.

*Lossy functions do not amplify well*, in Theory of Cryptography, Ninth Theory of Cryptography Conference (TCC 2012), Lecture Notes in Comput. Sci. 7194, Springer, Berlin, 2012, pp. 458--475.

*How to Exchange Secret by Oblivious Transfer*, Technical Report TR-81, Harvard University, Cambridge, MA, 1981.

*Notions of reducibility between cryptographic primitives*, in Theory of Cryptography, First Theory of Cryptography Conference (TCC 2004), Lecture Notes in Comput. Sci. 2951, Springer, Berlin, 2004, pp. 1--20.

*One-way functions are necessary and sufficient for secure signatures*, in Proceedings of the 22nd Annual ACM Symposium on Theory of Computing (STOC), ACM, New York, 1990, pp. 387--394.

*A note on constant-round zero-knowledge proofs for NP*, in Theory of Cryptography, First Theory of Cryptography Conference (TCC 2004), Lecture Notes in Comput. Sci. 2951, Springer, Berlin, 2004, pp. 191--202.

*Chosen-ciphertext security via correlated products*, in Theory of Cryptography, Sixth Theory of Cryptography Conference (TCC 2009), Lecture Notes in Comput. Sci. 5444, Springer, Berlin, 2009, pp. 419--436.

*Chosen-ciphertext security via correlated products*, SIAM J. Comput., 39 (2010), pp. 3058--3088.

*Limits on the Provable Consequences of One-Way Functions*, Ph.D. thesis, EECS Department, University of California, Berkeley, CA, 1988.

*A complete problem for statistical zero knowledge*, J. ACM, 50 (2003), pp. 196--249.

*Finding collisions on a one-way street: Can secure hash functions be based on general assumptions?*, in Advances in Cryptology---EUROCRYPT '98, Lecture Notes in Comput. Sci. 1403, Springer, Berlin, 1998, pp. 334--345.

*Computing with very weak random sources*, SIAM J. Comput., 28 (1999), pp. 1433--1459.

*One-way permutations, interactive hashing and statistically hiding commitments*, in Theory of Cryptography, Fourth Theory of Cryptography Conference (TCC 2007), Lecture Notes in Comput. Sci. 4392, Springer, Berlin, 2007, pp. 419--433.

*Oblivious transfer is symmetric*, in Advances in Cryptology---EUROCRYPT 2006, Lecture Notes in Comput. Sci. 4004, Springer, Berlin, 2006, pp. 222--232.

*How to generate and exchange secrets*, in Proceedings of the 27th Annual Symposium on Foundations of Computer Science (FOCS), IEEE Press, Piscataway, NJ, 1986, pp. 162--167.

## Information & Authors

### Information

#### History

**Submitted**: 24 September 2013

**Accepted**: 12 January 2015

**Published online**: 26 February 2015

## Metrics & Citations

### Citations

#### Cited By

- *Batch Proofs Are Statistically Hiding*, Proceedings of the 56th Annual ACM Symposium on Theory of Computing | 11 June 2024
- *Collision Resistance from Multi-collision Resistance*, Journal of Cryptology, Vol. 37, No. 2 | 6 March 2024
- *Constant-Round Arguments from One-Way Functions*, Proceedings of the 55th Annual ACM Symposium on Theory of Computing | 2 June 2023
- *Communication Lower Bounds of Key-Agreement Protocols via Density Increment Arguments*, Theory of Cryptography | 27 November 2023
- *On subset-resilient hash function families*, Designs, Codes and Cryptography, Vol. 90, No. 3 | 6 February 2022
- *Collision-Resistance from Multi-Collision-Resistance*, Advances in Cryptology – CRYPTO 2022 | 12 October 2022
- *The Gap Is Sensitive to Size of Preimages: Collapsing Property Doesn’t Go Beyond Quantum Collision-Resistance for Preimages Bounded Hash Functions*, Advances in Cryptology – CRYPTO 2022 | 12 October 2022
- *A Random Oracle for All of Us*, Progress in Cryptology - AFRICACRYPT 2022 | 6 October 2022
- *Structure Versus Hardness Through the Obfuscation Lens*, SIAM Journal on Computing, Vol. 50, No. 1 | 13 January 2021
- *Can PPAD Hardness be Based on Standard Cryptographic Assumptions?*, Journal of Cryptology, Vol. 34, No. 1 | 12 January 2021
- *Accumulators in (and Beyond) Generic Groups: Non-trivial Batch Verification Requires Interaction*, Theory of Cryptography | 9 December 2020
- *On Average-Case Hardness in $\mathsf{TFNP}$ from One-Way Functions*, Theory of Cryptography | 9 December 2020
- *On the Relationship Between Statistical Zero-Knowledge and Statistical Randomized Encodings*, computational complexity, Vol. 28, No. 4 | 20 August 2018
- *Distributional Collision Resistance Beyond One-Way Functions*, Advances in Cryptology – EUROCRYPT 2019 | 24 April 2019
- *On the Complexity of Collision Resistant Hash Functions: New and Old Black-Box Separations*, Theory of Cryptography | 22 November 2019
- *On Constructing One-Way Permutations from Indistinguishability Obfuscation*, Journal of Cryptology, Vol. 31, No. 3 | 15 September 2017
- *Multi-Collision Resistant Hash Functions and Their Applications*, Advances in Cryptology – EUROCRYPT 2018 | 31 March 2018
- *Collision Resistant Hashing for Paranoids: Dealing with Multiple Collisions*, Advances in Cryptology – EUROCRYPT 2018 | 31 March 2018
- *From Laconic Zero-Knowledge to Public-Key Cryptography*, Advances in Cryptology – CRYPTO 2018 | 24 July 2018
- *Structure vs. Hardness Through the Obfuscation Lens*, Advances in Cryptology – CRYPTO 2017 | 29 July 2017
- *Can PPAD Hardness be Based on Standard Cryptographic Assumptions?*, Theory of Cryptography | 5 November 2017
- *Limits on the Power of Indistinguishability Obfuscation and Functional Encryption*, SIAM Journal on Computing, Vol. 45, No. 6 | 8 December 2016
- *On Constructing One-Way Permutations from Indistinguishability Obfuscation*, Theory of Cryptography | 24 December 2015
- *On the Relationship Between Statistical Zero-Knowledge and Statistical Randomized Encodings*, Advances in Cryptology – CRYPTO 2016 | 21 July 2016
- *Composable Security in the Tamper-Proof Hardware Model Under Minimal Complexity*, Theory of Cryptography | 22 October 2016
- *Limits on the Power of Indistinguishability Obfuscation and Functional Encryption*, 2015 IEEE 56th Annual Symposium on Foundations of Computer Science | 1 Oct 2015
- *Parallel Hashing via List Recoverability*, Advances in Cryptology -- CRYPTO 2015 | 1 August 2015
