Results

**1 - 5**of**5**### Cryptography with Streaming Algorithms

"... Abstract. We put forth the question of whether cryptography is fea-sible using streaming devices. We give constructions and prove lower bounds. In streaming cryptography (not to be confused with stream-ciphers) everything—the keys, the messages, and the seeds—are huge compared to the internal memory ..."

Abstract
- Add to MetaCart

(Show Context)
Abstract. We put forth the question of whether cryptography is fea-sible using streaming devices. We give constructions and prove lower bounds. In streaming cryptography (not to be confused with stream-ciphers) everything—the keys, the messages, and the seeds—are huge compared to the internal memory of the device. These streaming algo-rithms have small internal memory size and make a constant number of passes over big data maintained in a constant number of read/write external tapes. Typically, the internal memory size is O(log n) and we use 2 external tapes; whereas 1 tape is provably insufficient. In this set-ting we cannot compute instances of popular intractability assumptions. Nevertheless, we base cryptography on these assumptions by employing non-black-box techniques, and study its limitations. We introduce new techniques to obtain unconditional lower bounds showing that no super-linear stretch pseudorandom generator exists, and no Public Key Encryption (PKE) exists with private-keys of size sub-linear in the plaintext length. For possibility results, assuming the existence of one-way functions computable in NC1—e.g. factoring, lattice assumptions—we obtain streaming algorithms computing one-way functions and pseudorandom generators. Given the Learning With Errors (LWE) assumption we con-struct PKE where both the encryption and decryption are streaming algorithms. The starting point of our work is the groundbreaking work of Applebaum-Ishai-Kushilevitz on Cryptography in NC0. In the end, our developments are technically orthogonal to their work; e.g. there is a PKE where the decryption is a streaming algorithm, whereas no PKE decryption can be in NC0.

### On the complexity of non-adaptively increasing theOn the Complexity of Non-adaptively Increasing the Stretch of Pseudorandom Generators stretch of pseudorandom generators

- THEORY OF CRYPTOGRAPHY
, 2011

"... We study the complexity of black-box constructions of linear-stretch pseudorandom generators starting from a 1-bit stretch oracle generator G. We show that there is no construction which makes non-adaptive queries to G and then just outputs bits of the answers. The result extends to constructions th ..."

Abstract
- Add to MetaCart

We study the complexity of black-box constructions of linear-stretch pseudorandom generators starting from a 1-bit stretch oracle generator G. We show that there is no construction which makes non-adaptive queries to G and then just outputs bits of the answers. The result extends to constructions that both work in the non-uniform setting and are only black-box in the primitive G (not the proof of correctness), in the sense that any such construction implies NP/poly = P/poly. We then argue that not much more can be obtained using our techniques: via a modiﬁcation of an argument of Reingold, Trevisan, and Vadhan (TCC ’04), we prove in the non-uniform setting that there is a construction which only treats the primitive G as black-box, has polynomial stretch, makes non-adaptive queries to the oracle G, and outputs an aﬃne function (i.e., parity or its complement) of the oracle query answers.