New Techniques for Obfuscating Conjunctions

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 11478)

Abstract

A conjunction is a function \(f(x_1,\dots ,x_n) = \bigwedge _{i \in S} l_i\) where \(S \subseteq [n]\) and each \(l_i\) is \(x_i\) or \(\lnot x_i\). Bishop et al. (CRYPTO 2018) recently proposed obfuscating conjunctions by embedding them in the error positions of a noisy Reed-Solomon codeword and placing the codeword in a group exponent. They prove distributional virtual black box (VBB) security in the generic group model for random conjunctions where \(|S| \ge 0.226n\). While conjunction obfuscation is known from LWE [31, 47], these constructions rely on substantial technical machinery.

In this work, we conduct an extensive study of simple conjunction obfuscation techniques.

  • We abstract the Bishop et al. scheme to obtain an equivalent yet more efficient “dual” scheme that can handle conjunctions over exponential size alphabets. This scheme admits a straightforward proof of generic group security, which we combine with a novel combinatorial argument to obtain distributional VBB security for \(|S|\) of any size.

  • If we replace the Reed-Solomon code with a random binary linear code, we can prove security from standard LPN and avoid encoding in a group. This addresses an open problem posed by Bishop et al. to prove security of this simple approach in the standard model.

  • We give a new construction that achieves information theoretic distributional VBB security and weak functionality preservation for \(|S| \ge n - n^\delta \) and \(\delta < 1\). Assuming discrete log and \(\delta < 1/2\), we satisfy a stronger notion of functionality preservation for computationally bounded adversaries while still achieving information theoretic security.

J. Bartusek and F. Ma—This work was done while the author was an intern at SRI International.

T. Lepoint—Now at Google.

Notes

  1. Conjunctions over boolean/binary inputs naturally generalize to alphabets \([\ell ]\) for \(\ell \ge 2\). In this setting, each \(x_i \in [\ell ]\), and \(\ell _i\) specifies the setting on the ith character. Positions not fixed by the \(\ell _i\) are the wildcards.

  2. If \(w = n - O(\log n)\), the distributional virtual black box security notion is vacuous since an attacker can guess an accepting input and recover \(\mathsf {pat}\) entirely.

  3. We note that if we set \(\ell = 2\), this generalization flips the role of 0 and 1, but is functionally equivalent.

  4. In the context of LWE this duality/transformation has been observed a number of times, see e.g. [40]. For RLC, this is essentially syndrome decoding.

  5. This holds for our generic group model constructions as well.

  6. RLC for field size \(q = 2\) is equivalent to LPN.

  7. To the best of our knowledge, this scheme had not appeared in the literature before [12]. However, most prior work on point obfuscation considers stronger correctness, security, and functionality requirements (such as multi-bit output) that this scheme falls short of, which may preclude its use in certain settings.

  8. This is slightly informal, since it requires a notion of input-hiding obfuscation [6].

  9. This was re-named to “perfectly one-way functions” in [22].

  10. See the full version [9] for a description of how to do this in \(O(n\log ^2(n))\) time.

  11. As noted in [12], we can boost this to strong functionality preservation by setting \(q > 2^{2n}\).

  12. Consider for example the distributional point obfuscator that simply outputs the single accepting point in the clear as the “obfuscation.” To evaluate, we simply compare the input point with the accepting point. Notice this trivially insecure obfuscation is perfectly indistinguishable from random for point functions drawn from the uniform distribution. However, we note that in the generic group model, indistinguishability from random does imply distributional VBB.

  13. To see this informally, consider any obfuscation scheme for an evasive functionality given by \((\mathsf {Obf},\mathsf {Eval})\) that achieves weak functionality preservation. Now define \((\mathsf {Obf}',\mathsf {Eval}')\) where \(\mathsf {Obf}'(C)\) samples a random y from the input space and then outputs \(\mathsf {Obf}(C),y\). Then \(\mathsf {Eval}(\mathsf {Obf}',x)\) returns \(\mathsf {Eval}(\mathsf {Obf},x)\) if \(x \ne y\), but returns 1 if \(x = y\). It is not hard to see that this scheme still satisfies weak functionality preservation, but now an adversary can easily tell that functionality preservation is violated at y, so computational functionality preservation is violated.

  14. This is reminiscent of the notion of input-hiding obfuscation [6], but different in that we require that the adversary cannot find an accepting input for the obfuscated circuit rather than the original circuit.
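
The construction in note 13, as an added example that is not code from the paper: a salted SHA-256 point-function obfuscator stands in for \((\mathsf {Obf},\mathsf {Eval})\), and the 128-bit input space and all function names are assumptions made here. It shows that inputs chosen without seeing the obfuscation never hit the planted point, while an adversary holding the obfuscation reads it off directly.

```python
import hashlib
import hmac
import secrets

N_BYTES = 16  # input space {0,1}^128 (constructed parameter)


def point_fn(target: bytes, x: bytes) -> bool:
    """The original evasive circuit C: accepts only `target`."""
    return x == target


def obf(target: bytes):
    """Stand-in Obf(C): salted SHA-256 of the accepting point (assumption)."""
    salt = secrets.token_bytes(16)
    return salt, hashlib.sha256(salt + target).digest()


def evaluate(ob, x: bytes) -> bool:
    """Stand-in Eval(Obf(C), x)."""
    salt, digest = ob
    return hmac.compare_digest(hashlib.sha256(salt + x).digest(), digest)


def obf_prime(target: bytes):
    """Obf'(C): sample a random y from the input space, output (Obf(C), y)."""
    return obf(target), secrets.token_bytes(N_BYTES)


def evaluate_prime(ob_prime, x: bytes) -> bool:
    """Eval': returns 1 at x = y, otherwise defers to Eval."""
    ob, y = ob_prime
    return True if x == y else evaluate(ob, x)


def disagreements(target: bytes, ob_prime, inputs) -> int:
    """Count inputs on which the obfuscated program differs from C."""
    return sum(evaluate_prime(ob_prime, x) != point_fn(target, x) for x in inputs)


def adversarial_input(ob_prime) -> bytes:
    """An adversary holding the obfuscation simply reads y out of it."""
    return ob_prime[1]


def demo(trials: int = 2000):
    target = secrets.token_bytes(N_BYTES)
    ob_prime = obf_prime(target)
    # Weak preservation: inputs chosen independently of the obfuscation.
    blind = [secrets.token_bytes(N_BYTES) for _ in range(trials)]
    # Computational preservation: input chosen after seeing the obfuscation.
    chosen = [adversarial_input(ob_prime)]
    return (disagreements(target, ob_prime, blind),
            disagreements(target, ob_prime, chosen))


if __name__ == "__main__":
    print(demo())
```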

References

  1. Ananth, P., Jain, A.: Indistinguishability obfuscation from compact functional encryption. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9215, pp. 308–326. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-47989-6_15

  2. Ananth, P., Sahai, A.: Projective arithmetic functional encryption and indistinguishability obfuscation from degree-5 multilinear maps. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10210, pp. 152–181. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-56620-7_6

  3. Applebaum, B., Avron, J., Brzuska, C.: Arithmetic cryptography: extended abstract. In: Roughgarden, T. (ed.) ITCS 2015, pp. 143–151. ACM (2015)

  4. Applebaum, B., Ishai, Y., Kushilevitz, E.: Cryptography with constant input locality. J. Cryptol. 22(4), 429–469 (2009)

  5. Arora, S., Ge, R.: New algorithms for learning in presence of errors. In: Aceto, L., Henzinger, M., Sgall, J. (eds.) ICALP 2011. LNCS, vol. 6755, pp. 403–415. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22006-7_34

  6. Barak, B., Bitansky, N., Canetti, R., Kalai, Y.T., Paneth, O., Sahai, A.: Obfuscation for evasive functions. In: Lindell, Y. (ed.) TCC 2014. LNCS, vol. 8349, pp. 26–51. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-54242-8_2

  7. Barak, B., et al.: On the (im)possibility of obfuscating programs. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 1–18. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_1

  8. Bartusek, J., Guan, J., Ma, F., Zhandry, M.: Return of GGH15: provable security against zeroizing attacks. In: Beimel, A., Dziembowski, S. (eds.) TCC 2018. LNCS, vol. 11240, pp. 544–574. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-03810-6_20

  9. Bartusek, J., Ma, F., Lepoint, T., Zhandry, M.: New techniques for obfuscating conjunctions. Cryptology ePrint Archive, Report 2018/936 (2018). https://eprint.iacr.org/2018/936

  10. Bellare, M., Stepanovs, I.: Point-function obfuscation: a framework and generic constructions. In: Kushilevitz, E., Malkin, T. (eds.) TCC 2016. LNCS, vol. 9563, pp. 565–594. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49099-0_21

  11. Beullens, W., Wee, H.: Obfuscating simple functionalities from knowledge assumptions. In: PKC. LNCS. Springer (2019)

  12. Bishop, A., Kowalczyk, L., Malkin, T., Pastro, V., Raykova, M., Shi, K.: A simple obfuscation scheme for pattern-matching with wildcards. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10993, pp. 731–752. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96878-0_25

  13. Boneh, D., Ishai, Y., Sahai, A., Wu, D.J.: Lattice-based SNARGs and their application to more efficient obfuscation. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10212, pp. 247–277. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-56617-7_9

  14. Boneh, D., Waters, B.: Constrained pseudorandom functions and their applications. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013. LNCS, vol. 8270, pp. 280–300. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-42045-0_15

  15. Boneh, D., Zhandry, M.: Multiparty key exchange, efficient traitor tracing, and more from indistinguishability obfuscation. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8616, pp. 480–499. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44371-2_27

  16. Brakerski, Z., Rothblum, G.N.: Obfuscating conjunctions. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 416–434. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40084-1_24

  17. Brakerski, Z., Rothblum, G.N.: Obfuscating conjunctions. J. Cryptol. 30(1), 289–320 (2017)

  18. Brakerski, Z., Vaikuntanathan, V.: Constrained key-homomorphic PRFs from standard lattice assumptions. In: Dodis, Y., Nielsen, J.B. (eds.) TCC 2015. LNCS, vol. 9015, pp. 1–30. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46497-7_1

  19. Brakerski, Z., Vaikuntanathan, V., Wee, H., Wichs, D.: Obfuscating conjunctions under entropic ring LWE. In: Sudan, M. (ed.) ITCS 2016, pp. 147–156. ACM (2016)

  20. Brands, S.: Untraceable off-line cash in wallet with observers. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 302–318. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48329-2_26

  21. Canetti, R.: Towards realizing random oracles: Hash functions that hide all partial information. In: Kaliski, B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 455–469. Springer, Heidelberg (1997). https://doi.org/10.1007/BFb0052255

  22. Canetti, R., Micciancio, D., Reingold, O.: Perfectly one-way probabilistic hash functions (preliminary version). In: 30th ACM STOC, pp. 131–140. ACM Press (1998)

  23. Coron, J.-S., Lepoint, T., Tibouchi, M.: Practical multilinear maps over the integers. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 476–493. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40041-4_26

  24. Dodis, Y., Kalai, Y.T., Lovett, S.: On cryptography with auxiliary input. In: Mitzenmacher, M. (ed.) 41st ACM STOC, pp. 621–630. ACM Press (2009)

  25. Dodis, Y., Smith, A.: Correcting errors without leaking partial information. In: Gabow, H.N., Fagin, R. (eds.) 37th ACM STOC, pp. 654–663. ACM Press (2005)

  26. Döttling, N.: Low noise LPN: key dependent message secure public key encryption and sample amplification. IET Inf. Secur. 10(6), 372–385 (2016)

  27. Garg, S., Gentry, C., Halevi, S.: Candidate multilinear maps from ideal lattices. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 1–17. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38348-9_1

  28. Garg, S., Miles, E., Mukherjee, P., Sahai, A., Srinivasan, A., Zhandry, M.: Secure obfuscation in a weak multilinear map model. In: Hirt, M., Smith, A. (eds.) TCC 2016. LNCS, vol. 9986, pp. 241–268. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53644-5_10

  29. Gentry, C., Gorbunov, S., Halevi, S.: Graph-induced multilinear maps from lattices. In: Dodis, Y., Nielsen, J.B. (eds.) TCC 2015. LNCS, vol. 9015, pp. 498–527. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46497-7_20

  30. Gentry, C., Wichs, D.: Separating succinct non-interactive arguments from all falsifiable assumptions. In: Fortnow, L., Vadhan, S.P. (eds.) 43rd ACM STOC, pp. 99–108. ACM Press (2011)

  31. Goyal, R., Koppula, V., Waters, B.: Lockable obfuscation. In: 58th FOCS, pp. 612–621. IEEE Computer Society Press (2017)

  32. Hazay, C., Orsini, E., Scholl, P., Soria-Vazquez, E.: TinyKeys: a new approach to efficient multi-party computation. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10993, pp. 3–33. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96878-0_1

  33. Ishai, Y., Prabhakaran, M., Sahai, A.: Secure arithmetic computation with no honest majority. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 294–314. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-00457-5_18

  34. Jain, A., Krenn, S., Pietrzak, K., Tentes, A.: Commitments and efficient zero-knowledge proofs from learning parity with noise. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 663–680. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34961-4_40

  35. Lin, H.: Indistinguishability obfuscation from constant-degree graded encoding schemes. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 28–57. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49890-3_2

  36. Lin, H., Tessaro, S.: Indistinguishability obfuscation from trilinear maps and block-wise local PRGs. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10401, pp. 630–660. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63688-7_21

  37. Lin, H., Vaikuntanathan, V.: Indistinguishability obfuscation from DDH-like assumptions on constant-degree graded encodings. In: Dinur, I. (ed.) 57th FOCS, pp. 11–20. IEEE Computer Society Press (2016)

  38. Lynn, B., Prabhakaran, M., Sahai, A.: Positive results and techniques for obfuscation. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 20–39. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24676-3_2

  39. Ma, F., Zhandry, M.: The MMap strikes back: obfuscation and new multilinear maps immune to CLT13 zeroizing attacks. In: Beimel, A., Dziembowski, S. (eds.) TCC 2018. LNCS, vol. 11240, pp. 513–543. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-03810-6_19

  40. Micciancio, D., Mol, P.: Pseudorandom Knapsacks and the sample complexity of LWE search-to-decision reductions. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 465–484. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22792-9_26

  41. Naor, M.: On cryptographic assumptions and challenges. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 96–109. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45146-4_6

  42. Peikert, C.: On error correction in the exponent. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 167–183. Springer, Heidelberg (2006). https://doi.org/10.1007/11681878_9

  43. Sahai, A., Waters, B.: How to use indistinguishability obfuscation: deniable encryption, and more. In: Shmoys, D.B. (ed.) 46th ACM STOC, pp. 475–484. ACM Press (2014)

  44. Shoup, V.: Lower bounds for discrete logarithms and related problems. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 256–266. Springer, Heidelberg (1997). https://doi.org/10.1007/3-540-69053-0_18

  45. Skala, M.: Hypergeometric tail inequalities: ending the insanity. arXiv preprint arXiv:1311.5939 (2013)

  46. Wee, H.: On obfuscating point functions. In: Gabow, H.N., Fagin, R. (eds.) 37th ACM STOC, pp. 523–532. ACM Press (2005)

  47. Wichs, D., Zirdelis, G.: Obfuscating compute-and-compare programs under LWE. In: 58th FOCS, pp. 600–611. IEEE Computer Society Press (2017)

  48. Yu, Y., Zhang, J.: Cryptography with auxiliary input and trapdoor from constant-noise LPN. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 214–243. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53018-4_9

Correspondence to James Bartusek.

© 2019 International Association for Cryptologic Research

About this paper

Cite this paper

Bartusek, J., Lepoint, T., Ma, F., Zhandry, M. (2019). New Techniques for Obfuscating Conjunctions. In: Ishai, Y., Rijmen, V. (eds) Advances in Cryptology – EUROCRYPT 2019. EUROCRYPT 2019. Lecture Notes in Computer Science, vol 11478. Springer, Cham. https://doi.org/10.1007/978-3-030-17659-4_22

  • DOI: https://doi.org/10.1007/978-3-030-17659-4_22

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-17658-7

  • Online ISBN: 978-3-030-17659-4

  • eBook Packages: Computer Science, Computer Science (R0)
