Abstract
We show that the existence of a coin-flipping protocol safe against any nontrivial constant bias (e.g., .499) implies the existence of one-way functions. This improves upon a result of Haitner and Omri (FOCS’11), who proved this implication for protocols with bias √ 2−1/2 − o(1) ≈ .207. Unlike the result of Haitner and Omri, our result also holds for weak coin-flipping protocols.
- B. Averbuch, M. Blum, B. Chor, S. Goldwasser, and S. Micali. 1985. How to implement Bracha’s O(log n) Byzantine agreement algorithm. Unpublished manuscript.Google Scholar
- A. Beimel, E. Omri, and I. Orlov. 2010. Protocols for multiparty coin toss with dishonest majority. In Advances in Cryptology (CRYPTO’10). 538--557. Google ScholarDigital Library
- I. Berman, I. Haitner, and A. Tentes. 2014. Coin flipping of any constant bias implies one-way functions. In Symposium on Theory of Computing (STOC’14). 398--407. Google ScholarDigital Library
- M. Blum. 1981. Coin flipping by telephone. In Advances in Cryptology (CRYPTO’81). 11--15.Google Scholar
- A. Chailloux and I. Kerenidis. 2009. Optimal quantum strong coin flipping. In Proceedings of the 50th Annual Symposium on Foundations of Computer Science (FOCS’09). 527--533. Google ScholarDigital Library
- R. Cleve. 1986. Limits on the security of coin flips when half the processors are faulty. In Proceedings of the 18th Annual ACM Symposium on Theory of Computing (STOC’86). 364--369. Google ScholarDigital Library
- R. Cleve and R. Impagliazzo. 1993. Martingales, collective coin flipping and discrete control processes (Extended Abstract). Retrieved from http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.51.1797.Google Scholar
- D. Dachman-Soled, Y. Lindell, M. Mahmoody, and T. Malkin. 2011. On the black-box complexity of optimally-fair coin tossing. In Theory of Cryptography, 8th Theory of Cryptography Conference (TCC’11), Vol. 6597. 450--467. Google ScholarDigital Library
- O. Goldreich, S. Goldwasser, and S. Micali. 1984. On the cryptographic applications of random functions. In Advances in Cryptology (CRYPTO’84). 276--288. Google ScholarDigital Library
- O. Goldreich, S. Goldwasser, and S. Micali. 1986. How to construct random functions. J. ACM 33 (1986), 792--807. http://dblp.uni-trier.de/rec/bibtex/journals/jacm/GoldreichGM86. Google ScholarDigital Library
- O. Goldreich and L. A. Levin. 1989. A hard-core predicate for all one-way functions. In Proceedings of the 21st Annual ACM Symposium on Theory of Computing (STOC’89). 25--32. Google ScholarDigital Library
- I. Haitner, M. Nguyen, S. J. Ong, O. Reingold, and S. Vadhan. 2009. Statistically hiding commitments and statistical zero-knowledge arguments from any one-way function. SIAM J. Comput. 39, 3 (2009), 1153--1218. Google ScholarDigital Library
- I. Haitner and E. Omri. 2011. Coin flipping with constant bias implies one-way functions. In Proceedings of the 52nd Annual Symposium on Foundations of Computer Science (FOCS’11). 110--119. Google ScholarDigital Library
- J. Håstad, R. Impagliazzo, L. A. Levin, and M. Luby. 1999. A pseudorandom generator from any one-way function. SIAM J. Comput. 28 (1999), 1364--1396. Preliminary versions in STOC’89 and STOC’90. http://dblp.uni-rier.de/rec/bibtex/journals/siamcomp/HastadILL99. Google ScholarDigital Library
- R. Impagliazzo. Pseudo-random generators for cryptography and for randomized algorithms. Ph.D. Thesis. Retrieved from http://cseweb.ucsd.edu/russell/format.ps.Google Scholar
- R. Impagliazzo and M. Luby. 1989. One-way functions are essential for complexity based cryptography. In Proceedings of the 30th Annual Symposium on Foundations of Computer Science (FOCS’89). 230--235. Google ScholarDigital Library
- A. Y. Kitaev. 2003. Quantum coin-flipping. (2003). Presentation at the 6th Workshop on Quantum Information Processing (QIP’03).Google Scholar
- H. K. Maji, M. Prabhakaran, and A. Sahai. 2010. On the computational complexity of coin flipping. In Proceedings of the 51st Annual Symposium on Foundations of Computer Science (FOCS’10). 613--622. Google ScholarDigital Library
- C. Mochon. 2007. Quantum weak coin flipping with arbitrarily small bias. arXiv:0711.4114. (2007).Google Scholar
- T. Moran, M. Naor, and G. Segev. 2009. An optimally fair coin toss. In Theory of Cryptography, 6th Theory of Cryptography Conference (TCC’09). 1--18. Google ScholarDigital Library
- M. Naor. 1991. Bit commitment using pseudorandomness. J. Cryptol. 4 (1991), 151--158. Preliminary version in CRYPTO’89. http://dblp.uni-trier.de/rec/bibtex/journals/joc/Naor91. Google ScholarDigital Library
- M. Naor and M. Yung. 1989. Universal one-way hash functions and their cryptographic applications. In Proceedings of the 21st Annual ACM Symposium on Theory of Computing (STOC’89). 33--43. Google ScholarDigital Library
- A. Wayne Roberts and D. E. Varberg. 1973. Convex Functions. Academic Press.Google Scholar
- J. Rompel. 1990. One-way functions are necessary and sufficient for secure signatures. In Proceedings of the 22nd Annual ACM Symposium on Theory of Computing (STOC’90). 387--394. Google ScholarDigital Library
- S. Zachos. 1986. Probabilistic quantifiers, adversaries, and complexity classes: An overview. In Proceedings of the 1st Annual IEEE Conference on Computational Complexity. 383--400. Google ScholarDigital Library
Index Terms
- Coin Flipping of Any Constant Bias Implies One-Way Functions
Recommendations
Coin Flipping with Constant Bias Implies One-Way Functions
FOCS '11: Proceedings of the 2011 IEEE 52nd Annual Symposium on Foundations of Computer ScienceIt is well known (cf., Impagliazzo and Luby [FOCS '89]) that the existence of almost all ``interesting" cryptographic applications, i.e., ones that cannot hold information theoretically, implies one-way functions. An important exception where the above ...
Coin flipping of any constant bias implies one-way functions
STOC '14: Proceedings of the forty-sixth annual ACM symposium on Theory of computingWe show that the existence of a coin-flipping protocol safe against any non-trivial constant bias (e.g., .499) implies the existence of one-way functions. This improves upon a recent result of Haitner and Omri [FOCS '11], who proved this implication for ...
An almost-optimally fair three-party coin-flipping protocol
STOC '14: Proceedings of the forty-sixth annual ACM symposium on Theory of computingIn a multiparty fair coin-flipping protocol, the parties output a common (close to) unbiased bit, even when some corrupted parties try to bias the output. Cleve [STOC 1986] has shown that in the case of dishonest majority (i.e., at least half of the ...
Comments