Preventing CLT Zeroizing Attacks on Obfuscation

We describe a defense against zeroizing attacks on indistinguishability obfuscation (iO) over the CLT13 multilinear map construction. This defense applies to the most recent extension of the attack by Coron et al. (ePrint 2016), under which a much larger class of branching programs is vulnerable. To accomplish this, we distill an essential common component of all previous zeroizing attacks on iO over CLT13. This leads to the notion of a function being “input partionable”, meaning that the bits of the function’s input can be partitioned into somewhat independent subsets. We find a way to thwart these attacks by requiring a signature structure to be added to the input of every function. The signature eliminates the possibility of finding independent subsets of the input that still leads to more than one valid input, and thus, stops this line of attack. Finally, two concrete instantiations of such signatures are suggested. We can also apply our defense to a recent extension of attacks by Chen et al (ePrint 2016) on obfuscation in the context of GGH13 construction. UCLA and Center for Encrypted Functionalities. {rex, rasmussen, sahai}@cs.ucla.edu. Research supported in part from a DARPA/ARL SAFEWARE award, NSF Frontier Award 1413955, NSF grants 1619348, 1228984, 1136174, and 1065276, a Xerox Faculty Research Award, a Google Faculty Research Award, an equipment grant from Intel, and an Okawa Foundation Research Grant. This material is based upon work supported by the Defense Advanced Research Projects Agency through the ARL under Contract W911NF-15-C-0205. The views expressed are those of the author and do not reflect the official policy or position of the Department of Defense, the National Science Foundation, or the U.S. Government.