Complexity measures for public-key cryptosystems

A b s t r a c t The f i r s t p a r t of t h i s paper g i v e s r e s u l t s about promise problems. A "promise problem" i s a formulation of a p a r t i a l d e c i s i o n problem t h a t i s u s e f u l f o r d e s c r i b i n g cracking problems f o r public-key cryptosystems (PKCS). We prove t h a t every NP-hard promise problem i s uniformly NP-hard, and w e show t h a t a number of r e s u l t s and a c o n j e c t u r e about promise problems a r e e q u i v a l e n t t o s e p a r a b i l-i t y a s s e r t i o n s t h a t a r e t h e n a t u r a l analogues of well-known r e s u l t s i n c l a s s i c a l r e c u r s i o n theory. The c o n j e c t u r e , i f i t i s t r u e , i m p l i e s nonexistence of PKCS having NP-hard cracking problems. The second p a r t of t h e paper s t u d i e s more a p p r o p r i a t e measures f o r PKCS. Among t h e r e s u l t s obtained are t h e following: One-way f u n c t i o n s e x i s t i f and only i f P # such t h a t range f E P e x i s t i f and only i f U n CO-U # P. It w i l l follow t h a t t h e r e e x i s t PKCS t h a t cannot be cracked i n polynomial t i m e …