Indistinguishability Obfuscation for Turing Machines: Constant Overhead and Amortization

We study the asymptotic efficiency of indistinguishability obfuscation (\(\mathsf {i}\mathcal {O}\)) on two fronts: Obfuscation size: Present constructions of indistinguishability obfuscation (\(\mathsf {i}\mathcal {O}\)) create obfuscated programs where the size of the obfuscated program is at least a multiplicative factor of security parameter larger than the size of the original program. In this work, we construct the first \(\mathsf {i}\mathcal {O}\) scheme for (bounded-input) Turing machines that achieves only a constant multiplicative overhead in size. The constant in our scheme is, in fact, 2. Amortization: Suppose we want to obfuscate an arbitrary polynomial number of (bounded-input) Turing machines \(M_1,\ldots ,M_n\). We ask whether it is possible to obfuscate \(M_1,\ldots ,M_n\) using a single application of an \(\mathsf {i}\mathcal {O}\) scheme for a circuit family where the size of any circuit is independent of n as well the size of any Turing machine \(M_i\). In this work, we resolve this question in the affirmative, obtaining a new bootstrapping theorem for obfuscating arbitrarily many Turing machines.

[1]  Yael Tauman Kalai,et al.  Protecting Obfuscation against Algebraic Attacks , 2014, EUROCRYPT.

[2]  Michael J. Fischer,et al.  Relations Among Complexity Measures , 1979, JACM.

[3]  Brent Waters,et al.  How to use indistinguishability obfuscation: deniable encryption, and more , 2014, IACR Cryptol. ePrint Arch..

[4]  Michael O. Rabin,et al.  How To Exchange Secrets with Oblivious Transfer , 2005, IACR Cryptol. ePrint Arch..

[5]  Yuval Ishai,et al.  Public-Coin Differing-Inputs Obfuscation and Its Applications , 2015, TCC.

[6]  Jean-Sébastien Coron,et al.  Practical Multilinear Maps over the Integers , 2013, CRYPTO.

[7]  Yuval Ishai,et al.  Optimizing Obfuscation: Avoiding Barrington's Theorem , 2014, CCS.

[8]  Allison Bishop,et al.  Indistinguishability Obfuscation from the Multilinear Subgroup Elimination Assumption , 2015, 2015 IEEE 56th Annual Symposium on Foundations of Computer Science.

[9]  Brent Waters,et al.  Constrained Pseudorandom Functions and Their Applications , 2013, ASIACRYPT.

[10]  Allison Bishop,et al.  Witness Encryption from Instance Independent Assumptions , 2014, IACR Cryptol. ePrint Arch..

[11]  Rafail Ostrovsky,et al.  Cryptography with constant computational overhead , 2008, STOC.

[12]  Craig Gentry,et al.  Zeroizing without zeroes: Cryptanalyzing multilinear maps without encodings of zero , 2014, IACR Cryptol. ePrint Arch..

[13]  Shafi Goldwasser,et al.  Functional Signatures and Pseudorandom Functions , 2014, Public Key Cryptography.

[14]  Yuval Ishai,et al.  Randomizing polynomials: A new representation with applications to round-efficient secure computation , 2000, Proceedings 41st Annual Symposium on Foundations of Computer Science.

[15]  Jean-Sébastien Coron,et al.  New Multilinear Maps Over the Integers , 2015, CRYPTO.

[16]  Amit Sahai,et al.  On the (im)possibility of obfuscating programs , 2001, JACM.

[17]  Kai-Min Chung,et al.  Delegating RAM Computations with Adaptive Soundness and Privacy , 2016, TCC.

[18]  Brice Minaud,et al.  Cryptanalysis of the New CLT Multilinear Map over the Integers , 2016, EUROCRYPT.

[19]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[20]  Craig Gentry,et al.  Candidate Multilinear Maps from Ideal Lattices , 2013, EUROCRYPT.

[21]  Huijia Lin,et al.  Indistinguishability Obfuscation from Constant-Degree Graded Encoding Schemes , 2016, EUROCRYPT.

[22]  Craig Gentry,et al.  Fully Key-Homomorphic Encryption, Arithmetic Circuit ABE and Compact Garbled Circuits , 2014, EUROCRYPT.

[23]  Oded Goldreich,et al.  Foundations of Cryptography: Volume 2, Basic Applications , 2004 .

[24]  Ran Canetti,et al.  Indistinguishability Obfuscation of Iterated Circuits and RAM Programs , 2014, IACR Cryptol. ePrint Arch..

[25]  Yuval Ishai,et al.  COMPUTATIONALLY PRIVATE RANDOMIZING POLYNOMIALS AND THEIR APPLICATIONS , 2005, 20th Annual IEEE Conference on Computational Complexity (CCC'05).

[26]  Craig Gentry,et al.  On the Implausibility of Differing-Inputs Obfuscation and Extractable Witness Encryption with Auxiliary Input , 2014, CRYPTO.

[27]  Nir Bitansky,et al.  Indistinguishability Obfuscation from Functional Encryption , 2018, J. ACM.

[28]  Kai-Min Chung,et al.  Computation-Trace Indistinguishability Obfuscation and its Applications , 2015, IACR Cryptol. ePrint Arch..

[29]  A. Yao,et al.  Fair exchange with a semi-trusted third party (extended abstract) , 1997, CCS '97.

[30]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[31]  Yael Tauman Kalai,et al.  Reusable garbled circuits and succinct functional encryption , 2013, STOC '13.

[32]  Kai-Min Chung,et al.  On Extractability Obfuscation , 2014, IACR Cryptol. ePrint Arch..

[33]  Dan Boneh,et al.  Immunizing Multilinear Maps Against Zeroizing Attacks , 2014, IACR Cryptol. ePrint Arch..

[34]  Craig Gentry,et al.  Succinct Randomized Encodings and their Applications. , 2014 .

[35]  Yehuda Lindell,et al.  A Proof of Security of Yao’s Protocol for Two-Party Computation , 2009, Journal of Cryptology.

[36]  Zvika Brakerski,et al.  Obfuscating Circuits via Composite-Order Graded Encoding , 2015, TCC.

[37]  Yuval Ishai,et al.  Cryptography in NC0 , 2004, SIAM J. Comput..

[38]  Ran Canetti,et al.  Obfuscation of Probabilistic Circuits and Applications , 2015, TCC.

[39]  Eric Miles,et al.  Secure Obfuscation in a Weak Multilinear Map Model , 2016, TCC.

[40]  Rafael Pass,et al.  Output-Compressing Randomized Encodings and Applications , 2016, TCC.

[41]  Mark Zhandry,et al.  Differing-Inputs Obfuscation and Applications , 2013, IACR Cryptol. ePrint Arch..

[42]  Omer Paneth,et al.  On the Achievability of Simulation-Based Security for Functional Encryption , 2013, CRYPTO.

[43]  Guy N. Rothblum,et al.  Virtual Black-Box Obfuscation for All Circuits via Generic Graded Encoding , 2014, TCC.

[44]  Moni Naor,et al.  Public-key cryptosystems provably secure against chosen ciphertext attacks , 1990, STOC '90.

[45]  Brent Waters,et al.  A Punctured Programming Approach to Adaptively Secure Functional Encryption , 2015, CRYPTO.

[46]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[47]  Ran Canetti,et al.  Adaptive Succinct Garbled RAM or: How to Delegate Your Database , 2016, TCC.

[48]  Amit Sahai,et al.  Achieving Compactness Generically: Indistinguishability Obfuscation from Non-Compact Functional Encryption , 2015, IACR Cryptol. ePrint Arch..

[49]  Mark Zhandry,et al.  Obfuscating Low-Rank Matrix Branching Programs , 2014, IACR Cryptol. ePrint Arch..

[50]  Amit Sahai,et al.  Patchable Indistinguishability Obfuscation: iO for Evolving Software , 2017, EUROCRYPT.

[51]  Craig Gentry,et al.  Outsourcing Private RAM Computation , 2014, 2014 IEEE 55th Annual Symposium on Foundations of Computer Science.

[52]  Ran Canetti,et al.  Succinct Adaptive Garbled RAM , 2015, IACR Cryptol. ePrint Arch..

[53]  Joe Zimmerman,et al.  How to Obfuscate Programs Directly , 2015, EUROCRYPT.

[54]  Aggelos Kiayias,et al.  Delegatable pseudorandom functions and applications , 2013, IACR Cryptol. ePrint Arch..

[55]  Craig Gentry,et al.  Graph-Induced Multilinear Maps from Lattices , 2015, TCC.

[56]  Daniel Wichs,et al.  On the Communication Complexity of Secure Function Evaluation with Long Output , 2015, IACR Cryptol. ePrint Arch..

[57]  Amit Sahai,et al.  Functional Encryption for Turing Machines , 2016, TCC.

[58]  Craig Gentry,et al.  Zeroizing Without Low-Level Zeroes: New MMAP Attacks and their Limitations , 2015, CRYPTO.

[59]  Jung Hee Cheon,et al.  Cryptanalysis of the Multilinear Map over the Integers , 2014, EUROCRYPT.

[60]  Vinod Vaikuntanathan,et al.  Indistinguishability Obfuscation from DDH-Like Assumptions on Constant-Degree Graded Encodings , 2016, 2016 IEEE 57th Annual Symposium on Foundations of Computer Science (FOCS).

[61]  Yael Tauman Kalai,et al.  How to Run Turing Machines on Encrypted Data , 2013, CRYPTO.

[62]  Eric Miles,et al.  Annihilation Attacks for Multilinear Maps: Cryptanalysis of Indistinguishability Obfuscation over GGH13 , 2016, CRYPTO.

[63]  Rafael Pass,et al.  Indistinguishability Obfuscation from Semantically-Secure Multilinear Encodings , 2014, CRYPTO.

[64]  Kai-Min Chung,et al.  Cryptography for Parallel RAM from Indistinguishability Obfuscation , 2016, ITCS.

[65]  Vinod Vaikuntanathan,et al.  Watermarking cryptographic capabilities , 2016, STOC.

[66]  Ran Canetti,et al.  Fully Succinct Garbled RAM , 2016, ITCS.

[67]  Abhishek Jain,et al.  Indistinguishability Obfuscation from Compact Functional Encryption , 2015, CRYPTO.

[68]  Jean-Sébastien Coron,et al.  Cryptanalysis of Two Candidate Fixes of Multilinear Maps over the Integers , 2014, IACR Cryptol. ePrint Arch..

[69]  Allison Bishop,et al.  Indistinguishability Obfuscation for Turing Machines with Unbounded Memory , 2015, IACR Cryptol. ePrint Arch..

[70]  Mihir Bellare,et al.  Foundations of garbled circuits , 2012, CCS.

[71]  Nir Bitansky,et al.  On the Cryptographic Hardness of Finding a Nash Equilibrium , 2015, FOCS.

[72]  Oded Goldreich,et al.  A randomized protocol for signing contracts , 1985, CACM.

[73]  Brent Waters,et al.  New Negative Results on Differing-Inputs Obfuscation , 2016, EUROCRYPT.

[74]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.