Unformatted text preview: book. Oneway functions are relatively easy to compute, but significantly harder to reverse. That is, given x it is easy to compute f(x), but given f(x) it is hard to compute x. In this context, “hard” is defined as something like: It would take millions of years to compute x from f(x), even if all the computers in the world were assigned to the problem. Breaking a plate is a good example of a oneway function. It is easy to smash a plate into a thousand tiny pieces. However, it’s not easy to put all of those tiny pieces back together into a plate. This sounds good, but it’s a lot of smoke and mirrors. If we are being strictly mathematical, we have no proof that oneway functions exist, nor any real evidence that they can be constructed [230,530,600,661]. Even so, many functions look and smell oneway: We can compute them efficiently and, as of yet, know of no easy way to reverse them. For example, in a finite field x2 is easy to compute, but x1/2 is much harder. For the rest of this section, I’m going to pretend that there are oneway functions. I’ll talk more about this in Section 11.2. So, what good are oneway functions? We can’t use them for encryption as is. A message encrypted with the oneway function isn’t useful; no one could decrypt it. (Exercise: Write a message on a plate, smash the plate into tiny bits, and then give the bits to a friend. Ask your friend to read the message. Observe how impressed he is with the oneway function.) For publickey cryptography, we need something else (although there are cryptographic applications for oneway functions—see Section 3.2). A trapdoor oneway function is a special type of oneway function, one with a secret trapdoor. It is easy to compute in one direction and hard to compute in the other direction. But, if you know the secret, you can easily compute the function in the other direction. That is, it is easy to compute f(x) given x, and hard to compute x given f(x). However, there is some secret information, y, such that given f(x) and y it is easy to comput...
View
Full
Document
This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.
 Fall '10
 ALIULGER
 Cryptography

Click to edit the document details