On the Impossibility of Cryptography with Tamperable Randomness

Per Austrin, Kai Min Chung, Mohammad Mahmoody*, Rafael Pass, Karn Seth

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

6 Scopus citations


We initiate a study of the security of cryptographic primitives in the presence of efficient tampering attacks to the randomness of honest parties. More precisely, we consider p-tampering attackers that may efficiently tamper with each bit of the honest parties’ random tape with probability p, but have to do so in an “online” fashion. Our main result is a strong negative result: We show that any secure encryption scheme, bit commitment scheme, or zero-knowledge protocol can be “broken” with advantage Ω (p) by a p-tampering attacker. The core of this result is a new algorithm for biasing the output of bounded-value functions, which may be of independent interest. We also show that this result cannot be extended to primitives such as signature schemes and identification protocols: assuming the existence of one-way functions, such primitives can be made resilient to [InlineEquation not available: see fulltext.]-tampering attacks where n is the security parameter.

Original languageEnglish
Pages (from-to)1052-1101
Number of pages50
Issue number4
StatePublished - 1 Dec 2017
Externally publishedYes


FundersFunder number
Alfred P. Sloan Fellowship
National Science FoundationCCF-1214844, CCF-1350939, CCF-0746990, CNS-1217821
Air Force Office of Scientific ResearchFA9550-10-1-0093
Defense Advanced Research Projects Agency
Air Force Research LaboratoryFA8750-11-2- 0211
Natural Sciences and Engineering Research Council of Canada


    • Encryption
    • Randomness
    • Tampering


    Dive into the research topics of 'On the Impossibility of Cryptography with Tamperable Randomness'. Together they form a unique fingerprint.

    Cite this