 
Summary: PublicKey Cryptography from Di#erent Assumptions
Benny Applebaum # Boaz Barak + Avi Wigderson #
November 7, 2009
Abstract
This paper attempts to broaden the foundations of publickey cryptography. We construct
new public key encryption schemes based on new hardnessonaverage assumptions for natural
combinatorial NPhard optimization problems. We consider the following assumptions:
1. It is infeasible to solve a random set of sparse linear equations mod 2, of which a small
fraction is noisy.
2. It is infeasible to distinguish between a random unbalanced bipartite graph, and such a
graph in which we ``plant'' at random in the large side a set S with only S/3 neighbors.
3. There is a pseudorandom generator in NC 0 where every output depends on a random
constantsize subset of the inputs.
We obtain semantically secure public key encryption schemes based on several combinations
of these assumptions with di#erent parameters. In particular we obtain public key encryption
from Assumption 1 on its own, yielding the first noisyequations type public key scheme in
which the noise rate is higher than one over the square root of equations. We also obtain
public key encryption based on a combination of Assumptions 2 and 3. These are arguably
of more ``combinatorial''/``privatekey'' nature than any assumptions used before for public
key cryptography. Our proof involves novel ``search to decision'' and ``search to prediction''
