About set-theoretic properties of one-way functions

arXiv:1110.3189v1 [cs.CC] 14 Oct 2011 About set-theoretic properties of one-way functions Anatoly D. Plotnikov∗ Abstract We investigate the problem of cryptanalysis as a problem belonging to the class NP. A class of problems UF is defined for which the time constructing any feasible solution is polynomial. The properties of the problems of NP, which may be one-way functions, are established. Keywords: Class P, class NP, class UF, one-way function. MCS 2000: 94A60, 68Q15. 1 Statement of the problem There are several equivalent definitions of the problems of the class NP [1, 2]. We say that the problem of Z belongs to the class NP, if: a) the problem can be determined by a finite number of symbols n; b) the solution of the problem can be represented by a finite the number m of symbols, where m is a polynomial function of n: m = f(n); c) the time of verification of the solution t is a polynomial function of n: t = ϕ(n). It is easy to see that every cryptosystem determines the problems that belong to the class NP. So, the problem of encryption includes, as an input, N-bit plaintext and M-bit key, that is, in this case, the problem is determined by N + M = n symbols. The solution of the problem of encryption, as a rule, contains ∗Department of “Computer Systems and Networks” of Dalh East-Ukrainian National University, Luhansk, 91034, Ukraine. E-mail: a dot plotnikov at list dot ru 1 m = N < n bits. Finally, the time of encryption, which can be considered as the time of verification of the obtained solution, is a polynomial function of dimension n of the initial data. Thus, we see that the problem of encryption belongs to the class NP. The problem of deciphering is symmetric of the problem of encryption. In this case, the initial data are the ciphertext of N bits and M-bit key, and the solution of the problem is the N-bit plaintext. The time of deciphering is a polynomial function of N +M = n. This time of deciphering can also be considered as a verification of the solution. Thus, the problem of deciphering also belongs to the class NP. There are different types of attacks on a cryptosystem. Without loss of generality, we can assume that the cryptanalyst, to crack the cryptosystem, has N-bit plaintext, N-bit ciphertext. He needs to find a solution — the key that contains M bits. In addition, the cryptanalyst knows polynomial-time algorithm for encryption and decryption. In other words, the cryptanalyst has a good algorithm of verification of the received solution. Consequently, the problem of cryptanalysis also belongs to the class NP. To increase the stability of the cryptosystem, the developers try to make a problem for the cryptanalyst intractable. One way of doing this — to con- struct one-way function y = f(x), i.e. such that the value of y for the spec- ified x is computed easily (using a polynomial-time algorithm), and inverse operation — computing the inverse function x = f −1(y) — is intractable. Thus, for example, the process of encryption and decryption consist in to computing some function y = f(x), and the problem of the cryptanalyst consists in computing the difficult inverse function x = f −1(y) It is believed that some functions, using in the existing cryptosystems, are one-way. These are the operations of discrete logarithms, factorization, and others. However, so far no evidence that such functions exist. The purpose of this paper be to investigate the set-theoretic properties of functions that can be one-way functions. 2 The basic constructions It is clear that the process of constructing solution of the problem of crypt- analysis Z is extensive in the time. That is, theretofore as the solution Z will be found, a cryptanalyst can obtain some intermediate solutions. Denote by Q the set of all intermediate and final solutions of the Z. Then each of the final solution Z is called support solution, and all solutions of the set Q, including support solutions, are feasible solutions of Z. 2 Then, more precisely, the problem of the class NP can be formulated as follows: a) the problem can be determined by a finite number of symbols n; b) any support solution can be represented by a finite the number m sym- bols, where m is a polynomial function of n: m = f(n); c) the time of verification of the support solution t is a polynomial func- tions of n: t = ϕ(n). We define a new class of problems UF [3, 5]. We say that the problem of Z belongs to the class UF, if: a) the problem can be determined by a finite number of symbols n; b) any feasible solution can be represented by a finite the number m sym- bols, where m is a polynomial function of n: m = f(n); c) the time of verification of the feasible solution t is a polynomial func- tions of n: t = ϕ(n). An example of the problem, in which the finding of an intermediate result requires exponential time of verification of an intermediate solution is the Hamiltonian cycle problem. Theorem 1. UF ⊂NP and UF ̸= NP. Proof. Obviously, that properties of any problem of the class UF are mor

This content is AI-processed based on open access ArXiv data.