Adaptive Garbled RAM from Laconic Oblivious Transfer

We give a construction of an adaptive garbled RAM scheme. In the adaptive setting, a client first garbles a “large” persistent database which is stored on a server. Next, the client can provide garbling of multiple adaptively and adversarially chosen RAM programs that execute and modify the stored database arbitrarily. The garbled database and the garbled program should reveal nothing more than the running time and the output of the computation. Furthermore, the sizes of the garbled database and the garbled program grow only linearly in the size of the database and the running time of the executed program respectively (up to poly logarithmic factors). The security of our construction is based on the assumption that laconic oblivious transfer (Cho et al., CRYPTO 2017) exists. Previously, such adaptive garbled RAM constructions were only known using indistinguishability obfuscation or in random oracle model. As an additional application, we note that this work yields the first constant round secure computation protocol for persistent RAM programs in the malicious setting from standard assumptions. Prior works did not support persistence in the malicious setting.

[1]  Andrew Chi-Chih Yao,et al.  How to generate and exchange secrets , 1986, 27th Annual Symposium on Foundations of Computer Science (sfcs 1986).

[2]  Silvio Micali,et al.  The round complexity of secure protocols , 1990, STOC '90.

[3]  Mihir Bellare,et al.  Foundations of garbled circuits , 2012, CCS.

[4]  Allison Bishop,et al.  Indistinguishability Obfuscation for Turing Machines with Unbounded Memory , 2015, IACR Cryptol. ePrint Arch..

[5]  Carmit Hazay,et al.  Constant-Round Maliciously Secure Two-Party Computation in the RAM Model , 2019, Journal of Cryptology.

[6]  Brent Waters,et al.  How to use indistinguishability obfuscation: deniable encryption, and more , 2014, IACR Cryptol. ePrint Arch..

[7]  Nico Döttling,et al.  Identity-Based Encryption from the Diffie-Hellman Assumption , 2017, CRYPTO.

[8]  Jonathan Katz,et al.  Secure two-party computation in sublinear (amortized) time , 2012, CCS.

[9]  Rafail Ostrovsky,et al.  Garbled RAM Revisited , 2014, EUROCRYPT.

[10]  Oded Goldreich,et al.  Towards a theory of software protection and simulation by oblivious RAMs , 1987, STOC.

[11]  Yuval Ishai,et al.  Computationally Private Randomizing Polynomials and Their Applications , 2005, Computational Complexity Conference.

[12]  Vinod Vaikuntanathan,et al.  Anonymous IBE, Leakage Resilience and Circular Security from New Assumptions , 2018, IACR Cryptol. ePrint Arch..

[13]  Yael Tauman Kalai,et al.  Reusable garbled circuits and succinct functional encryption , 2013, STOC '13.

[14]  Amit Sahai,et al.  On the (im)possibility of obfuscating programs , 2001, JACM.

[15]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[16]  Ran Canetti,et al.  Succinct Garbling and Indistinguishability Obfuscation for RAM Programs , 2015, STOC.

[17]  Abhi Shelat,et al.  SCORAM: Oblivious RAM for Secure Computation , 2014, IACR Cryptol. ePrint Arch..

[18]  Craig Gentry,et al.  Succinct Randomized Encodings and their Applications. , 2014 .

[19]  Yehuda Lindell,et al.  A Proof of Security of Yao’s Protocol for Two-Party Computation , 2009, Journal of Cryptology.

[20]  Brent Waters,et al.  Constrained Pseudorandom Functions and Their Applications , 2013, ASIACRYPT.

[21]  Peihan Miao Cut-and-Choose for Garbled RAM , 2016, IACR Cryptol. ePrint Arch..

[22]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.

[23]  Aggelos Kiayias,et al.  Delegatable pseudorandom functions and applications , 2013, IACR Cryptol. ePrint Arch..

[24]  Silvio Micali,et al.  The Round Complexity of Secure Protocols (Extended Abstract) , 1990, STOC 1990.

[25]  Rafail Ostrovsky,et al.  Black-Box Garbled RAM , 2015, 2015 IEEE 56th Annual Symposium on Foundations of Computer Science.

[26]  Sanjam Garg,et al.  Two-round Multiparty Secure Computation from Minimal Assumptions , 2018, IACR Cryptol. ePrint Arch..

[27]  Nico Döttling,et al.  New Constructions of Identity-Based and Key-Dependent Message Secure Encryption Schemes , 2018, Public Key Cryptography.

[28]  Andrew Chi-Chih Yao,et al.  Protocols for Secure Computations (Extended Abstract) , 1982, FOCS.

[29]  Daniel Wichs,et al.  Adaptive Security of Yao's Garbled Circuits , 2016, TCC.

[30]  Sanjam Garg,et al.  Adaptively Secure Garbling with Near Optimal Online Complexity , 2018, IACR Cryptol. ePrint Arch..

[31]  Kai-Min Chung,et al.  A Simple ORAM , 2013, IACR Cryptol. ePrint Arch..

[32]  Rafail Ostrovsky,et al.  Adaptively Secure Garbled Circuits from One-Way Functions , 2016, CRYPTO.

[33]  Rafail Ostrovsky,et al.  Garbled RAM From One-Way Functions , 2015, STOC.

[34]  Silvio Micali,et al.  How to play ANY mental game , 1987, STOC.

[35]  Rafail Ostrovsky,et al.  Efficient computation on oblivious RAMs , 1990, STOC '90.

[36]  Rafail Ostrovsky,et al.  Round-Optimal Black-Box Two-Party Computation , 2015, CRYPTO.

[37]  Nico Döttling,et al.  Laconic Oblivious Transfer and Its Applications , 2017, CRYPTO.

[38]  Rafail Ostrovsky,et al.  Efficient Non-interactive Secure Computation , 2011, EUROCRYPT.

[39]  Ran Canetti,et al.  Adaptive Succinct Garbled RAM or: How to Delegate Your Database , 2016, TCC.

[40]  Sanjam Garg,et al.  Secure Multiparty RAM Computation in Constant Rounds , 2016, TCC.

[41]  Ran Canetti,et al.  Fully Succinct Garbled RAM , 2016, ITCS.

[42]  Mihir Bellare,et al.  Adaptively Secure Garbling with Applications to One-Time Programs and Secure Outsourcing , 2012, ASIACRYPT.

[43]  Rafail Ostrovsky,et al.  Private information storage (extended abstract) , 1997, STOC '97.

[44]  Ilan Komargodski,et al.  Be Adaptive, Avoid Overcommitting , 2017, CRYPTO.

[45]  Marcel Keller,et al.  Efficient Maliciously Secure Multiparty Computation for RAM , 2018, IACR Cryptol. ePrint Arch..

[46]  Rafail Ostrovsky,et al.  How to Garble RAM Programs , 2013, EUROCRYPT.

[47]  Rafail Ostrovsky,et al.  Software protection and simulation on oblivious RAMs , 1996, JACM.

[48]  Fabrice Benhamouda,et al.  k-Round Multiparty Computation from k-Round Oblivious Transfer via Garbled Interactive Circuits , 2018, EUROCRYPT.

[49]  Rafail Ostrovsky,et al.  Black-Box Parallel Garbled RAM , 2015, CRYPTO.

[50]  Kai-Min Chung,et al.  Delegating RAM Computations with Adaptive Soundness and Privacy , 2016, TCC.

[51]  Shafi Goldwasser,et al.  Functional Signatures and Pseudorandom Functions , 2014, Public Key Cryptography.

[52]  Benny Applebaum,et al.  Garbled Circuits as Randomized Encodings of Functions: a Primer , 2017, Tutorials on the Foundations of Cryptography.

[53]  Yuval Ishai,et al.  Cryptography in NC0 , 2004, SIAM J. Comput..

[54]  Silvio Micali,et al.  A Completeness Theorem for Protocols with Honest Majority , 1987, STOC 1987.

[55]  Craig Gentry,et al.  Outsourcing Private RAM Computation , 2014, 2014 IEEE 55th Annual Symposium on Foundations of Computer Science.