Chosen-Ciphertext Security from Slightly Lossy Trapdoor Functions


Petros Mol and Scott Yilek


Lossy Trapdoor Functions (LTDFs), introduced by Peikert and Waters (STOC 2008) have been useful for building many cryptographic primitives. In particular, by using an LTDF that loses a (1 -1/omega(log n)) fraction of all its input bits, it is possible to achieve CCA security using the LTDF as a black-box. Unfortunately, not all candidate LTDFs achieve such a high level of lossiness. In this paper we drastically lower the lossiness required to achieve CCA security, showing that an LTDF that loses only a noticeable fraction of a single bit can be used in a black-box way to build CCA-secure PKE. To show our result, we build on the recent result of Rosen and Segev (TCC 2009) that showed how to achieve CCA security from functions whose products are one- way on particular types of correlated inputs. Lastly, we give an example construction of a slightly lossy TDF based on the assumption that it is hard to distinguish the product of two primes from the product of three primes.


Petros Mol and Scott Yilek.
Chosen-Ciphertext Security from Slightly Lossy Trapdoor Functions.
Public Key Cryptography - PKC 2010. LNCS Vol. 6056, pp. 296-311, P. Nguyen, D. Pointcheval eds., Springer, 2010.


Received Best Paper Award.


Conference Version

See Also

PKC 2010