On the Non-Existence of Blockwise 2-Local PRGs with Applications to Indistinguishability Obfuscation

Lin and Tessaro (Eprint 2017/250) recently proposed indistinguishability obfuscation and functional encryption candidates and proved their security based on a standard assumption on bilinear maps and a non-standard assumption on “Goldreich-like” pseudorandom generators (PRG). In a nutshell, they require the existence of pseudo-random generatorsG : Σ → {0, 1}m for some poly(n)-size alphabet Σ where each output bit depends on at most two input alphabet symbols, and which achieve sufficiently large stretch. We show a polynomial-time attack against such generators. Our attack uses tools from the literature on two-source extractors (Chor and Goldreich, SICOMP 1988) and efficient refutation of 2-CSPs over large alphabets (Allen, O’Donnell and Witmer, FOCS 2015). Finally, we propose new ways to instantiate the Lin-Tessaro construction that do not immediately fall to our attacks. While we cannot say with any confidence that these modifications are secure, they certainly deserve further cryptanalysis. ∗E-mail: alexjl@mit.edu. Supported by an Akamai Presidential Fellowship. †E-mail: vinodv@mit.edu. Research supported in part by NSF Grants CNS-1350619 and CNS-1414119, Alfred P. Sloan Research Fellowship, Microsoft Faculty Fellowship, the NEC Corporation, a Steven and Renee Finn Career Development Chair from MIT. This work was also sponsored in part by the Defense Advanced Research Projects Agency (DARPA) and the U.S. Army Research Office under contracts W911NF-15-C-0226 and W911NF-15-C-0236.

[1]  Ryan O'Donnell,et al.  How to Refute a Random CSP , 2015, 2015 IEEE 56th Annual Symposium on Foundations of Computer Science.

[2]  Shachar Lovett,et al.  Algebraic Attacks against Random Local Functions and Their Countermeasures , 2015, SIAM J. Comput..

[3]  Huijia Lin,et al.  Indistinguishability Obfuscation from Constant-Degree Graded Encoding Schemes , 2016, EUROCRYPT.

[4]  Abhishek Jain,et al.  Indistinguishability Obfuscation from Compact Functional Encryption , 2015, CRYPTO.

[5]  Elchanan Mossel,et al.  On ε‐biased generators in NC0 , 2006, Random Struct. Algorithms.

[6]  Huijia Lin,et al.  Indistinguishability Obfuscation from SXDH on 5-Linear Maps and Locality-5 PRGs , 2017, CRYPTO.

[7]  Oded Goldreich,et al.  Unbiased Bits from Sources of Weak Randomness and Probabilistic Communication Complexity , 1988, SIAM J. Comput..

[8]  David Witmer,et al.  Goldreich's PRG: Evidence for Near-Optimal Polynomial Stretch , 2014, 2014 IEEE 29th Conference on Computational Complexity (CCC).

[9]  Benny Applebaum,et al.  A Dichotomy for Local Small-Bias Generators , 2012, TCC.

[10]  Oded Goldreich,et al.  Candidate One-Way Functions Based on Expander Graphs , 2011, Studies in Complexity and Cryptography.

[11]  Stefano Tessaro,et al.  Indistinguishability Obfuscation from Trilinear Maps and Block-Wise Local PRGs , 2017, CRYPTO.

[12]  Benny Applebaum Cryptographic Hardness of Random Local Functions , 2015, computational complexity.

[13]  Nir Bitansky,et al.  Indistinguishability Obfuscation from Functional Encryption , 2018, J. ACM.

[14]  Vinod Vaikuntanathan,et al.  Indistinguishability Obfuscation from DDH-Like Assumptions on Constant-Degree Graded Encodings , 2016, 2016 IEEE 57th Annual Symposium on Foundations of Computer Science (FOCS).

[15]  Amit Sahai,et al.  Projective Arithmetic Functional Encryption and Indistinguishability Obfuscation from Degree-5 Multilinear Maps , 2017, EUROCRYPT.

[16]  Youming Qiao,et al.  On the security of Goldreich’s one-way function , 2011, computational complexity.