Indistinguishability Obfuscation from Functional Encryption

Indistinguishability obfuscation (IO) is a tremendous notion, powerful enough to give rise to almost any known cryptographic object. Prior candidate IO constructions were based on specific assumptions on algebraic objects called multi-linear graded encodings. We present a generic construction of indistinguishability obfuscation from public-key functional encryption with succinct encryption circuits and subexponential security. This shows the equivalence of indistinguishability obfuscation and public-key functional encryption, a primitive that has previously seemed to be much weaker, lacking the power and the staggering range of applications of indistinguishability obfuscation. Our main construction can be based on functional encryption schemes that support a single functional key, and where the encryption circuit grows sub-linearly in the circuit-size of the function. We further show that sublinear succinctness in circuit-size for single-key schemes can be traded with sublinear succinctness in the number of keys (also known as the collusion-size) for multi-key schemes. We also show that, under the Learning with Errors assumption, our techniques imply that any indistinguishability obfuscator can be converted into one where the size of obfuscated circuits is twice that of the original circuit plus an additive overhead that is polynomial in its depth, input length, and the security parameter.

[1]  Brent Waters,et al.  How to use indistinguishability obfuscation: deniable encryption, and more , 2014, IACR Cryptol. ePrint Arch..

[2]  Nir Bitansky,et al.  From Cryptomania to Obfustopia Through Secret-Key Functional Encryption , 2016, Journal of Cryptology.

[3]  Allison Bishop,et al.  Indistinguishability Obfuscation from the Multilinear Subgroup Elimination Assumption , 2015, 2015 IEEE 56th Annual Symposium on Foundations of Computer Science.

[4]  Brent Waters,et al.  Constrained Pseudorandom Functions and Their Applications , 2013, ASIACRYPT.

[5]  Amit Sahai,et al.  On the (im)possibility of obfuscating programs , 2001, JACM.

[6]  Adam O'Neill,et al.  Definitional Issues in Functional Encryption , 2010, IACR Cryptol. ePrint Arch..

[7]  Vinod Vaikuntanathan,et al.  Functional Encryption: New Perspectives and Lower Bounds , 2013, IACR Cryptol. ePrint Arch..

[8]  Alon Rosen,et al.  Pseudorandom Functions: Three Decades Later , 2017, Tutorials on the Foundations of Cryptography.

[9]  Ran Canetti,et al.  Succinct Garbling and Indistinguishability Obfuscation for RAM Programs , 2015, STOC.

[10]  Fuyuki Kitagawa,et al.  Indistinguishability Obfuscation for All Circuits from Secret-Key Functional Encryption , 2017, IACR Cryptol. ePrint Arch..

[11]  Moni Naor,et al.  One-Way Functions and (Im)Perfect Obfuscation , 2014, 2014 IEEE 55th Annual Symposium on Foundations of Computer Science.

[12]  Craig Gentry,et al.  Candidate Multilinear Maps from Ideal Lattices , 2013, EUROCRYPT.

[13]  Huijia Lin,et al.  Indistinguishability Obfuscation from Constant-Degree Graded Encoding Schemes , 2016, EUROCRYPT.

[14]  Abhi Shelat,et al.  Securely Obfuscating Re-Encryption , 2007, Journal of Cryptology.

[15]  Zvika Brakerski,et al.  Obfuscating Circuits via Composite-Order Graded Encoding , 2015, TCC.

[16]  Amit Sahai,et al.  Worry-free encryption: functional encryption with public keys , 2010, CCS '10.

[17]  Ilan Komargodski,et al.  From Single-Input to Multi-Input Functional Encryption in the Private-Key Setting , 2015, IACR Cryptol. ePrint Arch..

[18]  Vinod Vaikuntanathan,et al.  Functional Encryption for Inner Product Predicates from Learning with Errors , 2011, IACR Cryptol. ePrint Arch..

[19]  Adi Shamir,et al.  Zero Knowledge Proofs of Knowledge in Two Rounds , 1989, CRYPTO.

[20]  Andrew Chi-Chih Yao,et al.  How to generate and exchange secrets , 1986, 27th Annual Symposium on Foundations of Computer Science (sfcs 1986).

[21]  Guy N. Rothblum,et al.  On Best-Possible Obfuscation , 2007, Journal of Cryptology.

[22]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.

[23]  Vinod Vaikuntanathan,et al.  Functional Encryption with Bounded Collusions via Multi-party Computation , 2012, CRYPTO.

[24]  Dennis Hofheinz,et al.  Obfuscation for Cryptographic Purposes , 2007, TCC.

[25]  Amit Sahai,et al.  Achieving Compactness Generically: Indistinguishability Obfuscation from Non-Compact Functional Encryption , 2015, IACR Cryptol. ePrint Arch..

[26]  Ran Canetti,et al.  Obfuscation of Probabilistic Circuits and Applications , 2015, TCC.

[27]  Rafael Pass,et al.  Indistinguishability Obfuscation with Non-trivial Efficiency , 2016, Public Key Cryptography.

[28]  Yuval Ishai,et al.  Cryptography in NC0 , 2004, FOCS.

[29]  Rafael Pass,et al.  Output-Compressing Randomized Encodings and Applications , 2016, TCC.

[30]  Satoshi Hada,et al.  Zero-Knowledge and Code Obfuscation , 2000, ASIACRYPT.

[31]  Jean-Sébastien Coron,et al.  New Multilinear Maps Over the Integers , 2015, CRYPTO.

[32]  Yael Tauman Kalai,et al.  The Impossibility of Obfuscation with Auxiliary Input or a Universal Simulator , 2014, CRYPTO.

[33]  Stefano Tessaro,et al.  Indistinguishability Obfuscation from Trilinear Maps and Block-Wise Local PRGs , 2017, CRYPTO.

[34]  Nir Bitansky,et al.  Succinct Randomized Encodings and their Applications , 2015, IACR Cryptol. ePrint Arch..

[35]  Oded Goldreich Foundations of Cryptography: Volume 1 , 2006 .

[36]  Oded Goldreich,et al.  Foundations of Cryptography: List of Figures , 2001 .

[37]  Brent Waters,et al.  Functional encryption: a new vision for public-key cryptography , 2012, CACM.

[38]  Craig Gentry,et al.  Candidate Multilinear Maps from Ideal Lattices and Applications , 2012, IACR Cryptol. ePrint Arch..

[39]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[40]  Daniele Micciancio,et al.  Compactness vs Collusion Resistance in Functional Encryption , 2016, IACR Cryptol. ePrint Arch..

[41]  Yael Tauman Kalai,et al.  On the impossibility of obfuscation with auxiliary input , 2005, 46th Annual IEEE Symposium on Foundations of Computer Science (FOCS'05).

[42]  Yael Tauman Kalai,et al.  Protecting Obfuscation against Algebraic Attacks , 2014, EUROCRYPT.

[43]  Sanjam Garg,et al.  Revisiting the Cryptographic Hardness of Finding a Nash Equilibrium , 2016, CRYPTO.

[44]  Amit Sahai,et al.  Multi-Input Functional Encryption , 2014, IACR Cryptol. ePrint Arch..

[45]  Abhishek Jain,et al.  Indistinguishability Obfuscation from Compact Functional Encryption , 2015, CRYPTO.

[46]  Ran Canetti,et al.  Towards Realizing Random Oracles: Hash Functions That Hide All Partial Information , 1997, CRYPTO.

[47]  Amit Sahai,et al.  Positive Results and Techniques for Obfuscation , 2004, EUROCRYPT.

[48]  Jonathan Katz,et al.  Predicate Encryption Supporting Disjunctions, Polynomial Equations, and Inner Products , 2008, Journal of Cryptology.

[49]  Vinod Vaikuntanathan,et al.  The Trojan Method in Functional Encryption: From Selective to Adaptive Security, Generically , 2014, IACR Cryptol. ePrint Arch..

[50]  Ran Canetti,et al.  Obfuscation of Hyperplane Membership , 2010, TCC.

[51]  Leslie G. Valiant,et al.  Universal circuits (Preliminary Report) , 1976, STOC '76.

[52]  Oded Goldreich,et al.  The Foundations of Cryptography - Volume 1: Basic Techniques , 2001 .

[53]  Allison Bishop,et al.  Indistinguishability Obfuscation for Turing Machines with Unbounded Memory , 2015, IACR Cryptol. ePrint Arch..

[54]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[55]  Yael Tauman Kalai,et al.  Reusable garbled circuits and succinct functional encryption , 2013, STOC '13.

[56]  S. Rajsbaum Foundations of Cryptography , 2014 .

[57]  Ilan Komargodski,et al.  Multi-input Functional Encryption in the Private-Key Setting: Stronger Security from Weaker Assumptions , 2016, Journal of Cryptology.

[58]  Yuval Ishai,et al.  COMPUTATIONALLY PRIVATE RANDOMIZING POLYNOMIALS AND THEIR APPLICATIONS , 2005, 20th Annual IEEE Conference on Computational Complexity (CCC'05).

[59]  Brent Waters,et al.  Candidate Indistinguishability Obfuscation and Functional Encryption for all Circuits , 2013, 2013 IEEE 54th Annual Symposium on Foundations of Computer Science.

[60]  Mark Zhandry,et al.  Decomposable Obfuscation: A Framework for Building Applications of Obfuscation from Polynomial Hardness , 2017, TCC.

[61]  Vinod Vaikuntanathan,et al.  Attribute-based encryption for circuits , 2013, STOC '13.

[62]  Aggelos Kiayias,et al.  Delegatable pseudorandom functions and applications , 2013, IACR Cryptol. ePrint Arch..

[63]  Zvika Brakerski,et al.  Function-Private Functional Encryption in the Private-Key Setting , 2015, TCC.

[64]  Huijia Lin,et al.  Indistinguishability Obfuscation from SXDH on 5-Linear Maps and Locality-5 PRGs , 2017, CRYPTO.

[65]  Oded Goldreich Foundations of Cryptography: Index , 2001 .

[66]  Hoeteck Wee,et al.  On obfuscating point functions , 2005, STOC '05.

[67]  Shafi Goldwasser,et al.  Functional Signatures and Pseudorandom Functions , 2014, Public Key Cryptography.

[68]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[69]  Leonid A. Levin,et al.  A Pseudorandom Generator from any One-way Function , 1999, SIAM J. Comput..

[70]  Joe Zimmerman,et al.  How to Obfuscate Programs Directly , 2015, EUROCRYPT.

[71]  Brent Waters,et al.  Encoding Functions with Constant Online Rate or How to Compress Garbled Circuits Keys , 2013, CRYPTO.

[72]  Vinod Vaikuntanathan,et al.  Indistinguishability Obfuscation from DDH-Like Assumptions on Constant-Degree Graded Encodings , 2016, 2016 IEEE 57th Annual Symposium on Foundations of Computer Science (FOCS).

[73]  Amit Sahai,et al.  Projective Arithmetic Functional Encryption and Indistinguishability Obfuscation from Degree-5 Multilinear Maps , 2017, EUROCRYPT.

[74]  Craig Gentry,et al.  Functional Encryption Without Obfuscation , 2016, TCC.

[75]  Rafael Pass,et al.  Indistinguishability Obfuscation from Semantically-Secure Multilinear Encodings , 2014, CRYPTO.

[76]  Amit Sahai,et al.  Indistinguishability Obfuscation for Turing Machines: Constant Overhead and Amortization , 2017, CRYPTO.

[77]  Sanjam Garg,et al.  Single-Key to Multi-Key Functional Encryption with Polynomial Loss , 2016, TCC.

[78]  Guy N. Rothblum,et al.  Virtual Black-Box Obfuscation for All Circuits via Generic Graded Encoding , 2014, TCC.

[79]  Moni Naor,et al.  Public-key cryptosystems provably secure against chosen ciphertext attacks , 1990, STOC '90.

[80]  Brent Waters,et al.  A Punctured Programming Approach to Adaptively Secure Functional Encryption , 2015, CRYPTO.

[81]  Mark Zhandry,et al.  Breaking the Sub-Exponential Barrier in Obfustopia , 2017, EUROCRYPT.

[82]  Stephen A. Cook,et al.  A Depth-Universal Circuit , 1985, SIAM J. Comput..

[83]  Kai-Min Chung,et al.  On Extractability Obfuscation , 2014, IACR Cryptol. ePrint Arch..

[84]  Craig Gentry,et al.  Fully Secure Functional Encryption without Obfuscation , 2014, IACR Cryptol. ePrint Arch..

[85]  Omer Paneth,et al.  On the Achievability of Simulation-Based Security for Functional Encryption , 2013, CRYPTO.

[86]  Benny Applebaum,et al.  Bootstrapping Obfuscators via Fast Pseudorandom Functions , 2014, ASIACRYPT.

[87]  Yuval Ishai,et al.  Randomizing polynomials: A new representation with applications to round-efficient secure computation , 2000, Proceedings 41st Annual Symposium on Foundations of Computer Science.

[88]  Craig Gentry,et al.  Fully Key-Homomorphic Encryption, Arithmetic Circuit ABE and Compact Garbled Circuits , 2014, EUROCRYPT.

[89]  Vinod Vaikuntanathan,et al.  Predicate Encryption for Circuits from LWE , 2015, CRYPTO.

[90]  Nir Bitansky,et al.  From Cryptomania to Obfustopia Through Secret-Key Functional Encryption , 2019, Journal of Cryptology.