Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Tight Characterizations for Preprocessing against Cryptographic Salting

Fangqi Dong, Qipeng Liu, Kewen Wu

TL;DR

The paper provides tight, general characterizations of preprocessing defenses against cryptographic salting in both classical and quantum regimes. By linking non-uniform security to direct-product phenomena for memoryless algorithms, it delivers sharp bounds that improve prior results and apply across idealized models. In the quantum realm, the authors extend Zhandry’s compressed oracle to prove average-case direct-product theorems for property-finding games in the QROM, yielding concrete bounds for salted collision resistance and related primitives. The work also introduces threshold direct-product results and multi-challenge refinements, with broad implications for assessing non-uniform security and the effectiveness of salting in real-world cryptographic settings.

Abstract

Cryptography often considers the strongest yet plausible attacks in the real world. Preprocessing (a.k.a. non-uniform attack) plays an important role in both theory and practice: an efficient online attacker can take advantage of advice prepared by a time-consuming preprocessing stage. Salting is a heuristic strategy to counter preprocessing attacks by feeding a small amount of randomness to the cryptographic primitive. We present general and tight characterizations of preprocessing against cryptographic salting, with upper bounds matching the advantages of the most intuitive attack. Our result quantitatively strengthens the previous work by Coretti, Dodis, Guo, and Steinberger (EUROCRYPT'18). Our proof exploits a novel connection between the non-uniform security of salted games and direct product theorems for memoryless algorithms. For quantum adversaries, we give similar characterizations for property finding games, resolving an open problem of the quantum non-uniform security of salted collision resistant hash by Chung, Guo, Liu, and Qian (FOCS'20). Our proof extends the compressed oracle framework of Zhandry (CRYPTO'19) to prove quantum strong direct product theorems for property finding games in the average-case hardness.

Tight Characterizations for Preprocessing against Cryptographic Salting

TL;DR

The paper provides tight, general characterizations of preprocessing defenses against cryptographic salting in both classical and quantum regimes. By linking non-uniform security to direct-product phenomena for memoryless algorithms, it delivers sharp bounds that improve prior results and apply across idealized models. In the quantum realm, the authors extend Zhandry’s compressed oracle to prove average-case direct-product theorems for property-finding games in the QROM, yielding concrete bounds for salted collision resistance and related primitives. The work also introduces threshold direct-product results and multi-challenge refinements, with broad implications for assessing non-uniform security and the effectiveness of salting in real-world cryptographic settings.

Abstract

Cryptography often considers the strongest yet plausible attacks in the real world. Preprocessing (a.k.a. non-uniform attack) plays an important role in both theory and practice: an efficient online attacker can take advantage of advice prepared by a time-consuming preprocessing stage. Salting is a heuristic strategy to counter preprocessing attacks by feeding a small amount of randomness to the cryptographic primitive. We present general and tight characterizations of preprocessing against cryptographic salting, with upper bounds matching the advantages of the most intuitive attack. Our result quantitatively strengthens the previous work by Coretti, Dodis, Guo, and Steinberger (EUROCRYPT'18). Our proof exploits a novel connection between the non-uniform security of salted games and direct product theorems for memoryless algorithms. For quantum adversaries, we give similar characterizations for property finding games, resolving an open problem of the quantum non-uniform security of salted collision resistant hash by Chung, Guo, Liu, and Qian (FOCS'20). Our proof extends the compressed oracle framework of Zhandry (CRYPTO'19) to prove quantum strong direct product theorems for property finding games in the average-case hardness.
Paper Structure (32 sections, 28 theorems, 136 equations)

This paper contains 32 sections, 28 theorems, 136 equations.

Table of Contents

  1. Introduction
  2. Our Results
  3. Technique Overview
  4. The Classical Setting
  5. The Quantum Random Oracle Setting
  6. Preliminaries
  7. Non-Uniform Security of Salting: the Classical Setting
  8. Strong Direct Product Theorems for Memoryless Algorithms
  9. Improved Estimates for Games with Numerous Challenges
  10. Non-Uniform Security of Salting in the QROM
  11. Preliminaries: Database and Property on Databases
  12. Preliminaries: Quantum Random Oracle and Compressed Oracle
  13. Classical and Quantum Property Finding Problem
  14. Main Quantum Theorem
  15. Quantum Direct Product Theorems for Property Finding Problem
  16. ...and 17 more sections

Key Result

Theorem 1.1

For any cryptographic games $G$ in the ROM, we have Here we use $\widetilde{O}$ to hide low order terms for simplicity.

Theorems & Definitions (97)

  • Theorem 1.1: EC:CDGS18
  • Theorem 1.2: Consequence of \ref{['thm:classical_salt']}
  • Corollary 1.3: \ref{['cor:funcinv']} Restated, Salted Function Inversion
  • Corollary 1.4: Consequence of \ref{['cor:classical_salt_mult']}, Large Advice
  • Theorem 1.5: Consequence of \ref{['thm:main_quantum']}
  • Definition 3.1: Game
  • Definition 3.2: Plain Game
  • Definition 3.3: Challenge-Conditioned Game
  • Definition 3.6: Salted Game
  • Remark 3.7
  • ...and 87 more