## Abstract

Constructing a Pseudo Random Function (PRF) is a fundamental problem in cryptology. One such construction, obtained by truncating the last m bits of the outputs of a permutation of {0,1}^{n}, was suggested by Hall et al. (1998). They conjectured that the distinguishing advantage of an adversary making q queries, Adv_{n,m}(q), is small if q=o(2^{(n+m)/2}), established an upper bound on Adv_{n,m}(q) that confirms the conjecture for m<n/7, and also stated a general lower bound Adv_{n,m}(q)=Ω(q^{2}/2^{n+m}). The conjecture was essentially confirmed by Bellare and Impagliazzo (1999). Nevertheless, the problem of estimating Adv_{n,m}(q) remained open. Combining the trivial bound 1, the birthday bound, and a result of Stam (1978) leads to the upper bound [Formula presented]. In this paper we show that this upper bound is tight for every 0≤m<n and any q. This, in turn, verifies that the converse of the conjecture of Hall et al. is also correct, i.e., that Adv_{n,m}(q) is negligible only if q=o(2^{(n+m)/2}).
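As an added illustration (not part of the paper), the following Python computes Adv_{n,m}(q) exactly for tiny parameters: it enumerates every way a random permutation of {0,1}^n can answer q fixed distinct queries, applies the Hall et al. truncation, and takes the statistical distance from a random function's answers, alongside the q^2/2^{n+m} scale of the lower bound quoted above. The parameters n=3, m=1 are a constructed toy choice, and the exhaustive enumeration is the only part that does not scale.

```python
from fractions import Fraction
from itertools import permutations
from collections import Counter


def truncated_outputs(perm_prefix, m):
    """Apply the Hall et al. construction: keep the top n-m bits of each
    n-bit permutation output, i.e. drop the last m bits."""
    return tuple(y >> m for y in perm_prefix)


def exact_advantage(n, m, q):
    """Statistical distance between (F(0), ..., F(q-1)) when F is a truncated
    random permutation of {0,1}^n and when F is a random function to {0,1}^(n-m).
    This equals the best advantage of any distinguisher asking q fixed distinct
    queries. It enumerates all injective q-tuples of n-bit values (each equally
    likely under a random permutation), so only tiny n and q are feasible."""
    size = 1 << n
    assert 0 <= m < n and 1 <= q <= size
    out_values = 1 << (n - m)
    counts = Counter()
    total = 0
    for prefix in permutations(range(size), q):
        counts[truncated_outputs(prefix, m)] += 1
        total += 1
    uniform = Fraction(1, out_values ** q)  # random-function probability of any tuple
    dist = sum(abs(Fraction(c, total) - uniform) for c in counts.values())
    dist += (out_values ** q - len(counts)) * uniform  # tuples a permutation never produces
    return dist / 2


def lower_bound_scale(n, m, q):
    """The q^2 / 2^(n+m) term inside the Omega(...) lower bound of the abstract."""
    return Fraction(q * q, 1 << (n + m))


if __name__ == "__main__":
    n, m = 3, 1  # constructed toy parameters: 3-bit permutation, 1 bit dropped
    for q in range(1, (1 << n) + 1):
        adv = exact_advantage(n, m, q)
        print(f"q={q}: Adv={float(adv):.4f}  q^2/2^(n+m)={float(lower_bound_scale(n, m, q)):.4f}")
```

For n=3, m=1 a single query gives advantage 0 (each 2-bit output is equally likely), two queries give 3/28 because a truncated permutation collides with probability 1/7 rather than 1/4, and at q=8 the advantage approaches 1 since every output value must occur exactly twice.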

| Original language | English |
|---|---|
| Pages (from-to) | 214-223 |
| Number of pages | 10 |
| Journal | Discrete Applied Mathematics |
| Volume | 294 |
| DOIs | |
| State | Published - 15 May 2021 |

### Bibliographical note

Funding Information:

We thank Ron Peled for fruitful discussions. This research was partially supported by the Bar-Ilan University Center for Research in Applied Cryptography and Cyber Security, and the Center for Cyber Law and Policy at the University of Haifa, both in conjunction with the Israel National Cyber Bureau in the Prime Minister's Office; the Israel Science Foundation (ISF, Grant Number 3380/19); and a joint funding research grant of the U.S. National Science Foundation and the U.S.–Israel Binational Science Foundation (NSF–BSF, Grant Number 2018640).

Publisher Copyright:

© 2021 Elsevier B.V.

## Keywords

- Pseudo random function advantage