Audit logs are considered good practice for business systems, and are required by federal regulations for secure systems, drug approval data, medical information disclosure, financial records, and electronic voting. Given the central role of audit logs, it is critical that they are correct and inalterable. It is not su#- cient to say, "our data is correct, because we store all interactions in a separate audit log." The integrity of the audit log itself must also be guaranteed. This paper proposes mechanisms within a database management system (DBMS), based on cryptographically strong one-way hash functions, that prevent an intruder, including an auditor or an employee or even an unknown bug within the DBMS itself, from silently corrupting the audit log. We propose that the DBMS store additional information in the database to enable a separate audit log validator to examine the database along with this extra information and state conclusively whether the audit log has been compromised.

Rabi and Sherman [RS97] presented novel digital signature and unauthenticated secret-key agreement protocols, developed by themselves and by Rivest and Sherman. These protocols use "strong," total, commutative (in the case of multi-party secret-key agreement), associative one-way functions as their key building blocks. Though Rabi and Sherman did prove that associative one-way functions exist if P 6= NP, they left as an open question whether any natural complexity-theoretic assumption is sufficient to ensure the existence of "strong," total, commutative, associative one-way functions. In this paper, we prove that if P 6= NP then "strong," total, commutative, associative one-way functions exist. Keywords: complexity-theoretic one-way functions, associativity. 1 Introduction and Preliminaries Rabi and Sherman [RS97] study associative one-way functions (AOWFs) and show that AOWFs exist exactly if P 6= NP. They also present the notion of strong AOWFs---AOWFs that are hard to invert even ...

Rabi and Sherman [RS97] present a cryptographic paradigm based on associative, one-way functions that are strong (i.e., hard to invert even if one of their arguments is given) and total. Hemaspaandra and Rothe [HR99] proved that such powerful one-way functions exist exactly if (standard) one-way functions exist, thus showing that the associative one-way function approach is as plausible as previous approaches. In the present paper, we study the degree of ambiguity of one-way functions. Rabi and Sherman showed that no associative one-way function (over a universe having at least two elements) can be unambiguous (i.e., one-to-one). Nonetheless, we prove that if standard, unambiguous, one-way functions exist, then there exist strong, total, associative, one-way functions that are O(n)-to-one. This puts a reasonable upper bound on the ambiguity. Our other main results are: 1. P 6= FewP if and only if there exists an (n O(1) )-to-one, strong, total AOWF. 2. No O(1)-to-one total, associati...

Rabi, Rivest, and Sherman alter the standard notion of noninvertibility to a new notion they call strong noninvertibility, and show|via explicit cryptographic protocols for secret-key agreement ([RS93,RS97] attribute this to Rivest and Sherman) and digital signatures [RS93,RS97]|that strongly noninvertible functions would be very useful components in protocol design. Their denition of strong noninvertibility has a small twist (\respecting the argument given") that is needed to ensure cryptographic usefulness. In this paper, we show that this small twist has a large, unexpected consequence: Unless P = NP, some strongly noninvertible functions are invertible. Topic: Computational and Structural Complexity. 1 Introduction Rabi, Rivest, and Sherman developed novel cryptographic protocols that require one-way functions with algebraic properties such as associativity (see [RS93,RS97] Department of Computer Science, University of Rochester, Rochester, NY 14627, USA. Email: lane...

The nondeterministic advice complexity of the P-selective sets is known to be exactly linear. Regarding the deterministic advice complexity of the P-selective sets—i.e., the amount of Karp– Lipton advice needed for polynomial-time machines to recognize them in general—the best current upper bound is quadratic [Ko83] and the best current lower bound is linear [HT96]. We prove that every associatively P-selective set is commutatively, associatively P-selective. Using this, we establish an algebraic sufficient condition for the P-selective sets to have a linear upper bound (which thus would match the existing lower bound) on their deterministic advice complexity: If all P-selective sets are associatively P-selective then the deterministic advice complexity of the P-selective sets is linear. The weakest previously known sufficient condition was P = NP. We also establish related results for algebraic properties of, and advice complexity of, the nondeterministically selective sets.

Rabi and Sherman [RS97,RS93] proved that the hardness of factoring is a sufficient condition for there to exist one-way functions (i.e., p-time computable, honest, p-time noninvertible functions) that are total, commutative, and associative but not strongly noninvertible. In this paper we improve the sufficient condition to P � = NP. More generally, in this paper we completely characterize which types of one-way functions stand or fall together with (plain) one-way functions—equivalently, stand or fall together with P � = NP. We look at the four attributes used in Rabi and Sherman’s seminal work on algebraic properties of one-way functions (see [RS97,RS93]) and subsequent papers—strongness (of noninvertibility), totality, commutativity, and associativity—and for each attribute, we allow it to be required to hold, required to fail, or “don’t care. ” In this categorization there are 3 4 = 81 potential types of one-way functions. We prove that each of these 81 feature-laden types stand or fall together with the existence of (plain) one-way functions. Key words: computational complexity, complexity-theoretic one-way functions, associativity, commutativity, strong noninvertibility.