Indistinguishability Obfuscation: From Approximate to Exact

We show general transformations from subexponentially-secure approximate indistinguishability obfuscation (IO), where the obfuscated circuit agrees with the original circuit on a $1/2+\epsilon$ fraction of inputs on a certain samplable distribution, into exact indistinguishability obfuscation, where the obfuscated circuit and the original circuit agree on all inputs. As a step towards our results, which is of independent interest, we also obtain an approximate-to-exact transformation for functional encryption. At the core of our techniques is a method for "fooling" the obfuscator into giving us the correct answer, while preserving the indistinguishability-based security. This is achieved based on various types of secure computation protocols that can be obtained from different standard assumptions. Put together with the recent results of Canetti, Kalai and Paneth (TCC 2015), Pass and Shelat (TCC 2016), and Mahmoody, Mohammed and Nemathaji (TCC 2016), we show how to convert indistinguishability obfuscation schemes in various ideal models into exact obfuscation schemes in the plain model.
