One-Way Functions in Worst-Case Cryptography: Algebraic and Security Properties

TL;DR

This paper surveys recent advances in the study of worst-case one-way functions with strong algebraic and security properties, highlighting their construction, equivalence, and implications for cryptographic protocols.

Contribution

It discusses the recent proof that such specialized one-way functions exist if and only if general one-way functions exist, advancing understanding of their foundational role.

Findings

Existence of strong, total, commutative, associative one-way functions is equivalent to the existence of general one-way functions.

Recent progress has been made in constructing and understanding algebraic properties of one-way functions.

The survey connects theoretical results with practical cryptographic protocol design.

Abstract

We survey recent developments in the study of (worst-case) one-way functions having strong algebraic and security properties. According to [RS93], this line of research was initiated in 1984 by Rivest and Sherman who designed two-party secret-key agreement protocols that use strongly noninvertible, total, associative one-way functions as their key building blocks. If commutativity is added as an ingredient, these protocols can be used by more than two parties, as noted by Rabi and Sherman [RS93] who also developed digital signature protocols that are based on such enhanced one-way functions. Until recently, it was an open question whether one-way functions having the algebraic and security properties that these protocols require could be created from any given one-way function. Recently, Hemaspaandra and Rothe [HR99] resolved this open issue in the affirmative, by showing that one-way functions exist if and only if strong, total, commutative, associative one-way functions exist. We discuss this result, and the work of Rabi, Rivest, and Sherman, and recent work of Homan [Hom99] that makes progress on related issues.