Black-box constructions of two-party protocols from one-way functions

Rafael Pass*, Hoeteck Wee

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review


We exhibit constructions of the following two-party cryptographic protocols given only black-box access to a one-way function: constant-round zero-knowledge arguments (of knowledge) for any language in NP; constant-round trapdoor commitment schemes; constant-round parallel coin-tossing. Previous constructions either require stronger computational assumptions (e.g. collision-resistant hash functions), non-black-box access to a one-way function, or a super-constant number of rounds. As an immediate corollary, we obtain a constant-round black-box construction of secure two-party computation protocols starting from only semi-honest oblivious transfer. In addition, by combining our techniques with recent constructions of concurrent zero-knowledge and non-malleable primitives, we obtain black-box constructions of concurrent zero-knowledge arguments for NP and non-malleable commitments starting from only one-way functions.

Original languageEnglish
Title of host publicationTheory of Cryptography - 6th Theory of Cryptography Conference, TCC 2009, Proceedings
Number of pages16
StatePublished - 2009
Externally publishedYes
Event6th Theory of Cryptography Conference, TCC 2009 - San Francisco, CA, United States
Duration: 15 Mar 200917 Mar 2009

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume5444 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference6th Theory of Cryptography Conference, TCC 2009
Country/TerritoryUnited States
CitySan Francisco, CA


  • Black-box constructions
  • Non-malleable commitments
  • Parallel coin-tossing
  • Secure two-party computation
  • Trapdoor commitments
  • Zero-knowledge arguments


Dive into the research topics of 'Black-box constructions of two-party protocols from one-way functions'. Together they form a unique fingerprint.

Cite this