Adaptively Secure Puncturable Pseudorandom Functions in the Standard Model

We study the adaptive security of constrained PRFs in the standard model. We initiate our exploration with puncturable PRFs. A puncturable PRF family is a special class of constrained PRFs, where the constrained key is associated with an element $$x'$$ in the input domain. The key allows evaluation at all points $$x\ne x'$$. We show how to build puncturable PRFs with adaptive security proofs in the standard model that involve only polynomial loss to the underlying assumptions. Prior work had either super-polynomial loss or applied the random oracle heuristic. Our construction uses indistinguishability obfuscation and DDH-hard algebraic groups of composite order. More generally, one can consider t-puncturable PRFs: PRFs that can be punctured at any set of inputs S, provided the size of S is less than a fixed polynomial. We additionally show how to transform any single puncturable PRF family to a t-puncturable PRF family, using indistinguishability obfuscation.
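To make the puncturable-PRF interface concrete, here is an added example (not code from the paper) using the classic GGM tree construction, where the punctured key is the list of sibling seeds along the path to $$x'$$. It is not the paper's obfuscation-based construction; the 16-bit domain, the HMAC-SHA256 stand-in for a length-doubling PRG, and all function names are assumptions made for illustration.

```python
import hashlib
import hmac

N_BITS = 16  # assumed input length for this example


def _prg(seed: bytes, bit: int) -> bytes:
    # One half of a length-doubling PRG, G_bit(seed); HMAC-SHA256 is an assumed stand-in.
    return hmac.new(seed, bytes([bit]), hashlib.sha256).digest()


def _bits(x: int) -> list:
    if not 0 <= x < 2 ** N_BITS:
        raise ValueError("input outside the PRF domain")
    return [(x >> (N_BITS - 1 - i)) & 1 for i in range(N_BITS)]


def evaluate(key: bytes, x: int) -> bytes:
    """F(K, x): walk the GGM tree from the root seed along the bits of x."""
    node = key
    for b in _bits(x):
        node = _prg(node, b)
    return node


def puncture(key: bytes, x_star: int):
    """K{x'}: the seed of every sibling hanging off the root-to-x' path."""
    node, siblings = key, []
    for b in _bits(x_star):
        siblings.append(_prg(node, 1 - b))  # subtree that does not contain x'
        node = _prg(node, b)                # stay on the path; never released
    return x_star, siblings


def punctured_eval(pkey, x: int) -> bytes:
    """Evaluate with K{x'} at any x != x'; fails at the punctured point."""
    x_star, siblings = pkey
    if x == x_star:
        raise ValueError("key is punctured at this input")
    xb, sb = _bits(x), _bits(x_star)
    i = next(j for j in range(N_BITS) if xb[j] != sb[j])  # first diverging bit
    node = siblings[i]                                    # seed for prefix xb[:i+1]
    for b in xb[i + 1:]:
        node = _prg(node, b)
    return node


if __name__ == "__main__":
    k = bytes(range(32))  # constructed sample key
    pk = puncture(k, 0x1234)
    print(punctured_eval(pk, 0x1235) == evaluate(k, 0x1235))
```

The punctured key holds one seed per input bit, and none of those seeds lies on the path to $$x'$$, so the holder can recompute every other output but has no seed from which to derive the value at $$x'$$.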
