Constrained PRFs for \mathrmNC^1 in Traditional Groups.

We propose new constrained pseudorandom functions (CPRFs) in traditional groups. Traditional groups mean cyclic and multiplicative groups of prime order that were widely used in the 1980s and 1990s (sometimes called "pairing free" groups). Our main constructions are as follows. - We propose a selectively single-key secure CPRF for circuits with depth O(log n) (that is, NC1 circuits) in traditional groups where n is the input size. It is secure under the L-decisional Diffie-Hellman inversion (L-DDHI) assumption in the group of quadratic residues QR(q) and the decisional Diffie-Hellman (DDH) assumption in a traditional group of order q in the standard model. - We propose a selectively single-key private bit-fixing CPRF in traditional groups. It is secure under the DDH assumption in any prime-order cyclic group in the standard model. - We propose adaptively single-key secure CPRF for NC1 and private bit-fixing CPRF in the random oracle model. To achieve the security in the standard model, we develop a new technique using correlated-input secure hash functions.