Let fbe a one-way function. According to the definition of such a function, it is difficult, given \(y = f\,(x)\) where x is random, to recover x. However, it may be easy to determine certain information about x. For instance, the RSA function \(f\,(x) = x^e \bmod n\) (see RSA public-key encryption) is believed to be one-way, yet it is easy to compute the Jacobi symbol of x, given f(x):
Another example is found in the discrete exponentiation function \(f\,(x) = g^x \bmod p\) (see discrete logarithm problem), where the least-significant bit of x is revealed from the Legendre symbol of f(x), i.e., \(f\,(x)$, i.e., $f\,(x)^{(p-1)/2}\), which indicates whether f(x) is a square and hence whether x is even.
It has therefore been of considerable interest in cryptography to understand which parts of the inverse of certain one-way functions are hardest to compute. This has led to the notion of a h...
References
Alexi, W.B., B. Chor, O. Goldreich, and C.-P. Schnorr (1988). “RSA and Rabin functions: Certain parts are as hard as the whole.” SIAM Journal on Computing, 17 (2), 194–209.
Blum, M. and S. Micali (1984). “How to generate cryptographically strong sequences of pseudo-random bits.” SIAM Journal on Computing, 13 (4), 850–863.
Goldreich, O. and L. Levin (1989). “A hard-core predicate for all one-way functions.” Proceedings of the 21st Annual ACM Symposium on Theory of Computing, 25–32.
Håstad, J. and M. Näslund (2004). “The security of all RSA and discrete log bits.” Journal of the ACM, 51 (2), 187–230.
Håstad, J., A.W. Schrift, and A. Shamir (1993). “The discrete logarithm modulo a composite hides o(n) bits.” Journal of Computer and System Sciences, 47 (3), 376–404.
Yao. A. (1982). “Theory and applications of trapdoor functions.” Proceedings of the 23rd Annual IEEE Symposium on Foundations of Computer Science (FOCS), 80–91.
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 International Federation for Information Processing
About this entry
Cite this entry
Kaliski, B. (2005). Hard-Core Bit. In: van Tilborg, H.C.A. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA . https://doi.org/10.1007/0-387-23483-7_184
Download citation
DOI: https://doi.org/10.1007/0-387-23483-7_184
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-23473-1
Online ISBN: 978-0-387-23483-0
eBook Packages: Computer ScienceReference Module Computer Science and Engineering