Secure Obfuscation for Encrypted Signatures

Obfuscation is one of the most intriguing open problems in cryptography and only a few positive results are known. In TCC’07, Hohenberger et al. proposed an obfuscator for a re-encryption functionality, which takes a ciphertext for a message encrypted under Alice’s public key and transforms it into a ciphertext for the same message under Bob’s public key [24]. It is the first complicated cryptographic functionality that can be securely obfuscated, but obfuscators for such cryptographic functionalities are still elusive. In this paper, we consider obfuscation for encrypted signature (ES) functionalities, which generate a signature on a given message under Alice’s secret signing key and encrypt the signature under Bob’s public encryption key. We propose a special ES functionality, which is the sequential composition of Waters’s signature scheme [33] and the linear encryption scheme proposed by Boneh, Boyen, and Shacham [5], and construct a secure obfuscator for it. We follow the security argument by Hohenberger et al. to prove that our proposed obfuscator satisfies a virtual black-box property (VBP), which guarantees that the security of the signature scheme is preserved even when adversaries are given an obfuscated program. Our security argument is in the standard model.

[1]  Brent Waters,et al.  Efficient Identity-Based Encryption Without Random Oracles , 2005, EUROCRYPT.

[2]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[3]  Dan Boneh,et al.  Advances in Cryptology - CRYPTO 2003 , 2003, Lecture Notes in Computer Science.

[4]  Craig Gentry,et al.  A fully homomorphic encryption scheme , 2009 .

[5]  Yevgeniy Dodis,et al.  Correcting errors without leaking partial information , 2005, STOC '05.

[6]  Matthew Franklin,et al.  Advances in Cryptology – CRYPTO 2004 , 2004, Lecture Notes in Computer Science.

[7]  A. J. Menezes,et al.  Advances in Cryptology - CRYPTO 2007, 27th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 19-23, 2007, Proceedings , 2007, CRYPTO.

[8]  Anna Lysyanskaya,et al.  Unique Signatures and Verifiable Random Functions from the DH-DDH Separation , 2002, CRYPTO.

[9]  Amit Sahai,et al.  Positive Results and Techniques for Obfuscation , 2004, EUROCRYPT.

[10]  Ben Adida,et al.  How to Shuffle in Public , 2007, TCC.

[11]  Ran Canetti,et al.  Perfectly One-Way Probabilistic Hash Functions , 1998, Symposium on the Theory of Computing.

[12]  Claus-Peter Schnorr,et al.  Efficient signature generation by smart cards , 2004, Journal of Cryptology.

[13]  Arto Salomaa,et al.  Public-Key Cryptography , 1991, EATCS Monographs on Theoretical Computer Science.

[14]  Ronald Cramer,et al.  Advances in Cryptology - EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005, Proceedings , 2005, EUROCRYPT.

[15]  Hoeteck Wee,et al.  On obfuscating point functions , 2005, STOC '05.

[16]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[17]  Aggelos Kiayias,et al.  Traitor Tracing with Constant Transmission Rate , 2002, EUROCRYPT.

[18]  Moni Naor,et al.  Number-theoretic constructions of efficient pseudo-random functions , 2004, JACM.

[19]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[20]  Dennis Hofheinz,et al.  Obfuscation for Cryptographic Purposes , 2007, Journal of Cryptology.

[21]  Aggelos Kiayias,et al.  Traceable Signatures , 2004, EUROCRYPT.

[22]  Colin Boyd,et al.  Advances in Cryptology - ASIACRYPT 2001 , 2001 .

[23]  Satoshi Hada,et al.  Zero-Knowledge and Code Obfuscation , 2000, ASIACRYPT.

[24]  Ronald Cramer,et al.  Design and Analysis of Practical Public-Key Encryption Schemes Secure against Adaptive Chosen Ciphertext Attack , 2003, SIAM J. Comput..

[25]  Jeffrey Shallit,et al.  Algorithmic Number Theory , 1996, Lecture Notes in Computer Science.

[26]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[27]  Yael Tauman Kalai,et al.  On the impossibility of obfuscation with auxiliary input , 2005, 46th Annual IEEE Symposium on Foundations of Computer Science (FOCS'05).

[28]  Tal Rabin,et al.  On the Security of Joint Signature and Encryption , 2002, EUROCRYPT.

[29]  Yevgeniy Dodis,et al.  Efficient Construction of (Distributed) Verifiable Random Functions , 2003, Public Key Cryptography.

[30]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[31]  Ran Canetti,et al.  Non-malleable Obfuscation , 2009, TCC.

[32]  Victor Shoup Advances in Cryptology - CRYPTO 2005: 25th Annual International Cryptology Conference, Santa Barbara, California, USA, August 14-18, 2005, Proceedings , 2005, CRYPTO.

[33]  Luca Trevisan,et al.  Amplifying Collision Resistance: A Complexity-Theoretic Treatment , 2007, CRYPTO.

[34]  Ran Canetti,et al.  Towards Realizing Random Oracles: Hash Functions That Hide All Partial Information , 1997, CRYPTO.

[35]  Rafail Ostrovsky,et al.  Private Searching on Streaming Data , 2005, Journal of Cryptology.

[36]  Tatsuaki Okamoto,et al.  Advances in Cryptology — ASIACRYPT 2000 , 2000, Lecture Notes in Computer Science.

[37]  Jacques Stern,et al.  Advances in Cryptology — EUROCRYPT ’99 , 1999, Lecture Notes in Computer Science.

[38]  Ran Canetti,et al.  Perfectly one-way probabilistic hash functions (preliminary version) , 1998, STOC '98.

[39]  Moti Yung,et al.  Advances in Cryptology — CRYPTO 2002 , 2002, Lecture Notes in Computer Science.

[40]  Aggelos Kiayias,et al.  Self Protecting Pirates and Black-Box Traitor Tracing , 2001, CRYPTO.

[41]  Hugo Krawczyk,et al.  Relaxing Chosen-Ciphertext Security , 2003, CRYPTO.

[42]  Antoine Joux,et al.  Separating Decision Diffie-Hellman from Diffie-Hellman in cryptographic groups , 2001, IACR Cryptology ePrint Archive.

[43]  Amit Sahai,et al.  On the (im)possibility of obfuscating programs , 2001, JACM.

[44]  Abhi Shelat,et al.  Securely Obfuscating Re-Encryption , 2007, Journal of Cryptology.

[45]  Oded Goldreich,et al.  Foundations of Cryptography: Volume 2, Basic Applications , 2004 .

[46]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[47]  Gerrit Bleumer,et al.  Undeniable Signatures , 2011, Encyclopedia of Cryptography and Security.

[48]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[49]  Nigel P. Smart,et al.  Advances in Cryptology - EUROCRYPT 2008, 27th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Istanbul, Turkey, April 13-17, 2008. Proceedings , 2008, EUROCRYPT.

[50]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[51]  Burton S. Kaliski Advances in Cryptology - CRYPTO '97 , 1997 .

[52]  Hovav Shacham,et al.  Short Group Signatures , 2004, CRYPTO.

[53]  Antoine Joux,et al.  The Weil and Tate Pairings as Building Blocks for Public Key Cryptosystems , 2002, ANTS.

[54]  Yuliang Zheng,et al.  Digital Signcryption or How to Achieve Cost(Signature & Encryption) << Cost(Signature) + Cost(Encryption) , 1997, CRYPTO.

[55]  Ran Canetti,et al.  Obfuscating Point Functions with Multibit Output , 2008, EUROCRYPT.

[56]  Antoine Joux,et al.  Separating Decision Diffie–Hellman from Computational Diffie–Hellman in Cryptographic Groups , 2003, Journal of Cryptology.