Revision as of 21:37, 2 February 2024 edit Kaltenmeyer (talk \| contribs) Extended confirmed users 128,379 edits m edited refs ← Previous edit		Revision as of 21:48, 2 February 2024 edit undo Kaltenmeyer (talk \| contribs) Extended confirmed users 128,379 edits m close parens Next edit →
Line 11: * The second-party (''the server''), knows the ''secret'' ('''S'''), but does not learn either the input ('''I'''), nor the output ('''O'''). * The function has the same security properties as any [[Cryptographic_hash_function\|cryptographically-secure]] pseudorandom function: It is hard to find two inputs with the same output (i.e. it is [[Hash_collision\|collision resistant]]) It is hard to invert (i.e. it is resistant to [[Preimage_attack\|preimage attacks]]) ** It is hard to distinguish the output from [[Cryptographically_secure_pseudorandom_number_generator#Requirements\|true randomness]]

Oblivious pseudorandom function: Difference between revisions