CS 276 &mdash Projects

A final project involves the study of a paper or series of papers on an advanced subject not covered in class. You will write a short report (5-10 pages), and give a 25-minute presentation in class. Two-people collaborations are possible, in which case the subject/papers should be more ambitious, and the presentation will be 40 minutes. A project may be planned with a research problem in mind.

Here are some suggested topics.

Hard-core predicates

Every bit of RSA and exponentiation is hard-core
- Johan Hastad, Mats Naslund: The security of all RSA and discrete log bits. J. ACM 51(2): 187-230 (2004)
The unified framework of Akavia, Goldwasser and Safra
- Adi Akavia, Shafi Goldwasser, Shmuel Safra: Proving Hard-Core Predicates Using List Decoding. FOCS 2003

One-way Functions and Pseudorandom Generators

Efficient "hardness amplification" for one-way permutations
- Oded Goldreich, Russell Impagliazzo, Leonid A. Levin, Ramarathnam Venkatesan, David Zuckerman: Security Preserving Amplification of Hardness FOCS 1990: 318-326
- See also Goldreich's book
- A long-standing research question is whether one can do the same for general one-way functions. It's possible that the answer is negative for "black-box reductions."
Pseudorandom generators from "regular" one-way functions. ("Regular is a technical term, it means all elements of the range have the same number of preimages.)
- Oded Goldreich, Hugo Krawczyk, Michael Luby: On the Existence of Pseudorandom Generators. SIAM J. Comput. 22(6): 1163-1175 (1993)
- See also Oded Goldreich's textbook
The full HILL construction (with Holenstein's simplification). Note that this might be too much to tackle in one month.
- Johan Hastad, Russell Impagliazzo, Leonid A. Levin, Michael Luby: A Pseudorandom Generator from any One-way Function. SIAM J. Comput. 28(4): 1364-1396 (1999)
- Thomas Holenstein: Pseudorandom Generators from One-Way Functions: A Simple Construction for Any Hardness. TCC 2006: 443-461
- Again, it's a long-standing open question whether a more efficient construction (one in which the seed is nearly linear in the input length of the original one-way function) is possible. Maybe no such "black-box" construction is possible. Although, if you are still reading, there is a sort of "doble-negative" result showing that a certain style of "blak-box impossibility" argument will not work here
  - Omer Reingold, Luca Trevisan, Salil P. Vadhan: Notions of Reducibility between Cryptographic Primitives. TCC 2004: 1-20

Impossibility Results

Key agreement from one-way functions. The work that started it all
- Russell Impagliazzo, Steven Rudich: Limits on the Provable Consequences of One-Way Permutations STOC 1989: 44-61
- It might be helpful to read about uniform generation with an NP oracle, for example from
  - Mihir Bellare, Oded Goldreich, Erez Petrank: Uniform Generation of NP-witnesses using an NP-oracle.
  The nature of the impossibility result is clarified in
  - Omer Reingold, Luca Trevisan, Salil P. Vadhan: Notions of Reducibility between Cryptographic Primitives. TCC 2004: 1-20
One-way permutations from one-way functions
- Steven Rudich's PhD Thesis
- Jeff Kahn, Michael E. Saks, Clifford D. Smyth: A Dual Version of Reimer's Inequality and a Proof of Rudich's Conjecture. IEEE Conference on Computational Complexity 2000: 98-103
Oblivious transfer versus public-key encryption
- Yael Gertner, Sampath Kannan, Tal Malkin, Omer Reingold, Mahesh Viswanathan: The Relationship between Public Key Encryption and Oblivious Transfer. FOCS 2000: 325-335
Trapdoor functions from public key encryption
- Yael Gertner, Tal Malkin, Omer Reingold: On the Impossibility of Basing Trapdoor Functions on Trapdoor Predicates. FOCS 2001: 126-135
A major open question is whether CCA-secure public-key encryption can be derived in a black-box way (or in any way) from CPA-secure public-key encryption. Currently, the partial evidence is unclear
- Yael Gertner, Tal Malkin, Steven Myers: Towards a Separation of Semantic and CCA Security for Public Key Encryption. TCC 2007: 434-455
- Seung Geol Choi, Dana Dachman-Soled, Tal Malkin, Hoeteck Wee: Black-Box Construction of a Non-malleable Encryption Scheme from Any Semantically Secure One. TCC 2008: 427-444
Collision-resistant hash functions from one-way functions
- Daniel R. Simon: Finding Collisions on a One-Way Street: Can Secure Hash Functions Be Based on General Assumptions? EUROCRYPT 1998: 334-345

Candidate One-Way Functions and Trapdoor Functions

Algorithms for Discrete Logarithm
Discrete Logarithm on Elliptic Curves
Lattice Problems

Public Key Encryption

Non-malleable encryption
The full DNS construction
Cramer-Shoup
The unifying framework of Sahai

Obfuscation

The Barak et al. paper
Point functions

The Random Oracle Model

Unimplementable protocols
Extractable functions

Commitment Schemes

Stat binding, comp hiding, round lower bound
Stat binding, comp hiding, construction

Zero Knowledge

Black-box impossibility results
Barak's protocols
Magic functions
Notions of resettable and concurrent zero knowledge
Non-interactive zero knowledge