Hard-Core Bit

Kaliski, Burt

doi:10.1007/0-387-23483-7_184

Burt Kaliski

153 Accesses

Let fbe a one-way function. According to the definition of such a function, it is difficult, given $y = f\,(x)$ where x is random, to recover x. However, it may be easy to determine certain information about x. For instance, the RSA function $f\,(x) = x^e \bmod n$ (see RSA public-key encryption) is believed to be one-way, yet it is easy to compute the Jacobi symbol of x, given f(x):

$$\left(\frac{x^e \bmod n}{n}\right) = {\left(\frac{x}{n}\right)}^e = {\left(\frac{x}{n}\right)}.$$

Another example is found in the discrete exponentiation function $f\,(x) = g^x \bmod p$ (see discrete logarithm problem), where the least-significant bit of x is revealed from the Legendre symbol of f(x), i.e., $f\,(x)$, i.e., $f\,(x)^{(p-1)/2}$, which indicates whether f(x) is a square and hence whether x is even.

It has therefore been of considerable interest in cryptography to understand which parts of the inverse of certain one-way functions are hardest to compute. This has led to the notion of a h...

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

References

Alexi, W.B., B. Chor, O. Goldreich, and C.-P. Schnorr (1988). “RSA and Rabin functions: Certain parts are as hard as the whole.” SIAM Journal on Computing, 17 (2), 194–209.
Article MATH MathSciNet Google Scholar
Blum, M. and S. Micali (1984). “How to generate cryptographically strong sequences of pseudo-random bits.” SIAM Journal on Computing, 13 (4), 850–863.
Article MATH MathSciNet Google Scholar
Goldreich, O. and L. Levin (1989). “A hard-core predicate for all one-way functions.” Proceedings of the 21st Annual ACM Symposium on Theory of Computing, 25–32.
Google Scholar
Håstad, J. and M. Näslund (2004). “The security of all RSA and discrete log bits.” Journal of the ACM, 51 (2), 187–230.
Article MathSciNet Google Scholar
Håstad, J., A.W. Schrift, and A. Shamir (1993). “The discrete logarithm modulo a composite hides o(n) bits.” Journal of Computer and System Sciences, 47 (3), 376–404.
Article MATH MathSciNet Google Scholar
Yao. A. (1982). “Theory and applications of trapdoor functions.” Proceedings of the 23rd Annual IEEE Symposium on Foundations of Computer Science (FOCS), 80–91.
Google Scholar

Download references

Authors

Burt Kaliski
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Eindhoven University of Technology, Eindhoven, The Netherlands
Henk C. A. van Tilborg

Rights and permissions

Reprints and permissions

Copyright information

About this entry

Cite this entry

Kaliski, B. (2005). Hard-Core Bit. In: van Tilborg, H.C.A. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA . https://doi.org/10.1007/0-387-23483-7_184

Download citation

DOI: https://doi.org/10.1007/0-387-23483-7_184
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-23473-1
Online ISBN: 978-0-387-23483-0
eBook Packages: Computer ScienceReference Module Computer Science and Engineering

Publish with us

Policies and ethics