IACR News item: 02 August 2013
Nir Bitansky, Ran Canetti, Omer Paneth
ePrint ReportWhen combined with hardness properties such as one-wayness or collision-resistance, extractability has proven to be a powerful tool. However, so far, extractability has not been explicitly shown. Instead, it has only been considered as a non-standard {\\em knowledge assumption} on certain functions.
We give the first construction of extractable one-way functions assuming only standard hardness assumptions (e.g.,subexponential security of Decision Diffie-Hellman or Quadratic Residousity).
Our functions are extractable against adversaries with bounded polynomial advice and unbounded polynomial running time. We then use these functions to construct the first 2-message zero-knowledge arguments and 3-message zero-knowledge arguments of knowledge, against the same class of adversarial verifiers, from essentially the same assumptions.
The construction uses ideas from [Barak, FOCS01] and [Barak, Lindell, and Vadhan, FOCS03], and rely on the recent breakthrough construction of privately verifiable $\\P$-delegation schemes [Kalai, Raz, and Rothblum]. The extraction procedure uses the program evaluating $f$ in a non-black-box way, which we show to be necessary.
Additional news items may be found on the IACR news page.