Obfustopia Built on Secret-Key Functional Encryption

  • Research Article
  • Journal of Cryptology

Abstract

We show that indistinguishability obfuscation (IO) for all circuits can be constructed solely from secret-key functional encryption (SKFE). In the construction, SKFE needs to be secure against an unbounded number of functional key queries, that is, collusion-resistant. Our strategy is to replace public-key functional encryption (PKFE) in the construction of IO proposed by Bitansky and Vaikuntanathan (FOCS 2015) with puncturable SKFE. Bitansky and Vaikuntanathan introduced the notion of puncturable SKFE and observed that the strategy works. However, it has not been clear whether we can construct puncturable SKFE without assuming PKFE. In particular, it has not been known whether puncturable SKFE can be constructed from standard SKFE. In this work, we show that a relaxed variant of puncturable SKFE can be constructed from collusion-resistant SKFE. Moreover, we show that the relaxed variant of puncturable SKFE is sufficient for constructing IO. Ananth and Jain (CRYPTO 2015) also proposed an IO construction from PKFE. However, their strategy is different from that of Bitansky and Vaikuntanathan. In addition, we study the relation between collusion-resistance and succinctness for SKFE. Functional encryption is said to be weakly succinct if the size of its encryption circuit is sub-linear in the size of functions. We show that collusion-resistant SKFE can be constructed from weakly succinct SKFE supporting only one functional key. By combining the above two results, we show that IO for all circuits can be constructed from weakly succinct SKFE supporting only one functional key.

Notes

  1. More precisely, Asharov and Segev [13] introduced an extended model for black-box reductions to include a limited class of non-black-box reductions into their impossibility results. We will explain more on this impossibility result later.

  2. Komargodski, Moran, Naor, Pass, Rosen, and Yogev [64] proved that IO implies one-way functions under a mild complexity-theoretic assumption. See the reference for details.

  3. Strictly speaking, it was known that there are stronger primitives (such as identity-based encryption) than public-key encryption before the candidate of obfuscation appeared [28, 71]. Moreover, it is so far unclear whether public-key encryption implies fully homomorphic encryption.

  4. For example, in some works [8, 25, 27, 34, 53, 65, 70, 74], we use a functional encryption scheme and generate a functional decryption key for a circuit that computes the encryption circuit of the functional encryption scheme.

  5. Bitansky and Vaikuntanathan showed how to construct single-key succinct PKFE from a bounded collusion-resistant and weakly succinct PKFE [34].

  6. Before their results, it was known that a single-key weakly succinct PKFE scheme implies a collusion-resistant and succinct one via IO [33, 46, 88] though it incurs sub-exponential security loss.

  7. When transforming a sub-exponentially secure scheme, our transformation incurs sub-exponential security loss. However, we can transform any sub-exponentially secure single-key scheme into a sub-exponentially secure collusion-resistant one.

  8. Strictly speaking, the domain of the PRF is [q], and thus the size of \({{\mathsf {E}}}_{{\textsf {1Key}}}\) depends logarithmically on q. However, this does not matter since the logarithmic factor is absorbed by the sub-linear factor. We ignore this issue here for simplicity.

  9. Li and Micciancio proceeded with the above series of transformations via an index-based variant of PKFE, where each functional key is indexed by a number, and thus the resulting collusion-resistant scheme is also an index-based scheme. Therefore, after achieving collusion-resistance, they converted the index-based PKFE scheme into a standard PKFE scheme. For simplicity, we ignore the issue of index-based constructions in this overview.

  10. Each pair of labels is shuffled by a random masking.

  11. Their goal is to construct an adaptively secure scheme. They used non-succinct, adaptively secure single-ciphertext functional encryption as a data encapsulation mechanism.

  12. We ignore the issue of the randomness for the key generation. We use a PRF to solve this issue in the actual scheme.

  13. While we can reduce the blow-up of the encryption time, we cannot reduce the security loss caused by each iteration step. As a result, \(\lambda ^{\omega (1)}\) security loss occurs after \(\omega (1)\) iterations. This is the reason our transformation incurs quasi-polynomial security loss.

  14. Collusion-resistance generally does not require function privacy. Not only function-private schemes but also message-private schemes are referred to as collusion-resistant if they are secure against an a priori unbounded polynomial number of functional key queries.

  15. We assume that \(n \ge \lambda \) and \(K_{j,\alpha }\) is the first \(\lambda \) bits of \({\textsf {F}}_S(j\Vert \alpha )\) for every \(j \in [n]\) and \(\alpha \in \{0,1\}\).

  16. Precisely speaking, the time is bounded by \(\lambda |m|^c+O(\lambda ^c)\) due to the parallel construction. However, the factor \(\lambda \) (the coefficient of \(|m|^c\)) is not a dominant factor, so we omit it here. It is easy to see that the construction works even if we consider the factor. See Sect. 10.3.

  17. Analogously, we see that if the underlying single-key SKFE is succinct, then so is \({{\textsf {HYBRD}}_{\eta }}\).

  18. We can slightly generalize the result. By setting \(\eta =\zeta ^{1/c}\) in the construction for any constant \(c > 1\), we can achieve \(\delta '(\lambda )=\lambda ^{-\zeta ^{1/c}}\).

References

  1. B. Applebaum, Z. Brakerski, Obfuscating circuits via composite-order graded encoding. J. Cryptol. 34(2), 14 (2021)

  2. P. Ananth, Z. Brakerski, G. Segev, V. Vaikuntanathan, From selective to adaptive security in functional encryption, in R. Gennaro, M.J.B. Robshaw, editors, CRYPTO 2015, Part II, vol. 9216 of LNCS (Springer, Heidelberg, 2015), pp. 657–677

  3. D. Apon, N. Döttling, S. Garg, P. Mukherjee, Cryptanalysis of indistinguishability obfuscations of circuits over GGH13, in I. Chatzigiannakis, P. Indyk, F. Kuhn, A. Muscholl, editors, ICALP 2017, vol. 80 of LIPIcs (Schloss Dagstuhl, 2017), pp. 38:1–38:16

  4. P.V. Ananth, D. Gupta, Y. Ishai, A. Sahai, Optimizing obfuscation: Avoiding Barrington’s theorem, in G.-J. Ahn, M. Yung, N. Li, editors, ACM CCS 2014 (ACM Press, 2014), pp. 646–658

  5. S. Agrawal, Stronger security for reusable garbled circuits, general definitions and attacks, in J. Katz, H. Shacham, editors, CRYPTO 2017, Part I, vol. 10401 of LNCS (Springer, Heidelberg, 2017), pp. 3–35

  6. S. Agrawal, Indistinguishability obfuscation without multilinear maps: New methods for bootstrapping and instantiation, in Y. Ishai, V. Rijmen, editors, EUROCRYPT 2019, Part I, vol. 11476 of LNCS (Springer, Heidelberg, 2019), pp. 191–225

  7. B. Applebaum, Y. Ishai, E. Kushilevitz, Computationally private randomizing polynomials and their applications. Comput. Complex. 15(2), 115–162 (2006)

  8. P. Ananth, A. Jain, Indistinguishability obfuscation from compact functional encryption, in R. Gennaro, M.J.B. Robshaw, editors, CRYPTO 2015, Part I, vol. 9215 of LNCS (Springer, Heidelberg, 2015), pp. 308–326

  9. P. Ananth, A. Jain, H. Lin, C. Matt, A. Sahai, Indistinguishability obfuscation without multilinear maps: New paradigms via low degree weak pseudorandomness and security amplification, in A. Boldyreva, D. Micciancio, editors, CRYPTO 2019, Part III, vol. 11694 of LNCS (Springer, Heidelberg, 2019), pp. 284–332

  10. P. Ananth, A. Jain, A. Sahai, Indistinguishability obfuscation from functional encryption for simple functions. Cryptology ePrint Archive, Report 2015/730 (2015). https://eprint.iacr.org/2015/730

  11. P. Ananth, A. Jain, A. Sahai, Indistinguishability obfuscation without multilinear maps: iO from LWE, bilinear maps, and weak pseudorandomness. Cryptology ePrint Archive, Report 2018/615 (2018). https://eprint.iacr.org/2018/615

  12. S. Agrawal, A. Rosen, Functional encryption for bounded collusions, revisited, in Y. Kalai, L. Reyzin, editors, TCC 2017, Part I, vol. 10677 of LNCS (Springer, Heidelberg, 2017), pp. 173–205

  13. G. Asharov, G. Segev, Limits on the power of indistinguishability obfuscation and functional encryption. SIAM J. Comput. 45(6), 2117–2176 (2016)

  14. P. Ananth, A. Sahai, Projective arithmetic functional encryption and indistinguishability obfuscation from degree-5 multilinear maps, in J.-S. Coron, J.B. Nielsen, editors, EUROCRYPT 2017, Part I, vol. 10210 of LNCS (Springer, Heidelberg, 2017), pp. 152–181

  15. P. Ananth, V. Vaikuntanathan, Optimal bounded-collusion secure functional encryption, in D. Hofheinz, A. Rosen, editors, TCC 2019, Part I, vol. 11891 of LNCS (Springer, Heidelberg, 2019), pp. 174–198

  16. N. Bitansky, R. Canetti, S. Garg, J. Holmgren, A. Jain, H. Lin, R. Pass, S. Telang, V. Vaikuntanathan, Indistinguishability obfuscation for RAM programs and succinct randomized encodings. SIAM J. Comput. 47(3), 1123–1210 (2018)

  17. Z. Brakerski, N. Döttling, S. Garg, G. Malavolta, Candidate iO from homomorphic encryption schemes, in A. Canteaut, Y. Ishai, editors, EUROCRYPT 2020, Part I, vol. 12105 of LNCS (Springer, Heidelberg, 2020), pp. 79–109

  18. Z. Brakerski, N. Döttling, S. Garg, G. Malavolta, Factoring and pairings are not necessary for iO: Circular-secure LWE suffices. Cryptology ePrint Archive, Report 2020/1024 (2020). https://eprint.iacr.org/2020/1024

  19. B. Barak, O. Goldreich, R. Impagliazzo, S. Rudich, A. Sahai, S.P. Vadhan, K. Yang, On the (im)possibility of obfuscating programs. J. ACM 59(2), 6:1–6:48 (2012)

  20. E. Boyle, S. Goldwasser, I. Ivan, Functional signatures and pseudorandom functions, in H. Krawczyk, editor, PKC 2014, vol. 8383 of LNCS (Springer, Heidelberg, 2014), pp. 501–519

  21. B. Barak, S. Garg, Y.T. Kalai, O. Paneth, A. Sahai, Protecting obfuscation against algebraic attacks, in P.Q. Nguyen, E. Oswald, editors, EUROCRYPT 2014, vol. 8441 of LNCS (Springer, Heidelberg, 2014), pp. 221–238

  22. D. Boneh, D. Gupta, I. Mironov, A. Sahai, Hosting services on an untrusted cloud, in E. Oswald, M. Fischlin, editors, EUROCRYPT 2015, Part II, vol. 9057 of LNCS (Springer, Heidelberg, 2015), pp. 404–436

  23. J. Bartusek, J. Guan, F. Ma, M. Zhandry, Return of GGH15: provable security against zeroizing attacks, in A. Beimel, S. Dziembowski, editors, TCC 2018, Part II, vol. 11240 of LNCS (Springer, Heidelberg, 2018), pp. 544–574

  24. M. Bellare, V.T. Hoang, P. Rogaway, Foundations of garbled circuits, in T. Yu, G. Danezis, V.D. Gligor, editors, ACM CCS 2012 (ACM Press, 2012), pp. 784–796

  25. Z. Brakerski, I. Komargodski, G. Segev, Multi-input functional encryption in the private-key setting: Stronger security from weaker assumptions. J. Cryptol. 31(2), 434–520 (2018)

  26. S. Badrinarayanan, E. Miles, A. Sahai, M. Zhandry, Post-zeroizing obfuscation: New mathematical tools, and the case of evasive circuits, in M. Fischlin, J.-S. Coron, editors, EUROCRYPT 2016, Part II, vol. 9666 of LNCS (Springer, Heidelberg, 2016), pp. 764–791

  27. N. Bitansky, R. Nishimaki, A. Passelègue, D. Wichs, From cryptomania to obfustopia through secret-key functional encryption. J. Cryptol. 33(2), 357–405 (2020)

  28. D. Boneh, P.A. Papakonstantinou, C. Rackoff, Y. Vahlis, B. Waters, On the impossibility of basing identity based encryption on trapdoor permutations, in 49th FOCS (IEEE Computer Society Press, 2008), pp. 283–292

  29. N. Bitansky, O. Paneth, D. Wichs, Perfect structure on the edge of chaos-trapdoor permutations from indistinguishability obfuscation, in E. Kushilevitz, T. Malkin, editors, TCC 2016-A, Part I, vol. 9562 of LNCS (Springer, Heidelberg, 2016), pp. 474–502

  30. Z. Brakerski, G.N. Rothblum, Virtual black-box obfuscation for all circuits via generic graded encoding, in Y. Lindell, editor, TCC 2014, vol. 8349 of LNCS (Springer, Heidelberg, 2014), pp. 1–25

  31. Z. Brakerski, G. Segev, Function-private functional encryption in the private-key setting. J. Cryptol. 31(1), 202–225 (2018)

  32. D. Boneh, A. Sahai, B. Waters, Functional encryption: Definitions and challenges, in Y. Ishai, editor, TCC 2011, vol. 6597 of LNCS (Springer, Heidelberg, 2011), pp. 253–273

  33. N. Bitansky, V. Vaikuntanathan, Indistinguishability obfuscation from functional encryption, in V. Guruswami, editor, 56th FOCS (IEEE Computer Society Press, 2015), pp. 171–190

  34. N. Bitansky, V. Vaikuntanathan, Indistinguishability obfuscation from functional encryption. J. ACM 65(6), 39:1–39:37 (2018)

  35. D. Boneh, B. Waters, Constrained pseudorandom functions and their applications, in K. Sako, P. Sarkar, editors, ASIACRYPT 2013, Part II, vol. 8270 of LNCS (Springer, Heidelberg, 2013), pp. 280–300

  36. J.-S. Coron, C. Gentry, S. Halevi, T. Lepoint, H.K. Maji, E. Miles, M. Raykova, A. Sahai, M. Tibouchi, Zeroizing without low-level zeroes: New MMAP attacks and their limitations, in R. Gennaro, M.J.B. Robshaw, editors, CRYPTO 2015, Part I, vol. 9215 of LNCS (Springer, Heidelberg, 2015), pp. 247–266

  37. Y. Chen, C. Gentry, S. Halevi, Cryptanalyses of candidate branching program obfuscators, in J.-S. Coron, J.B. Nielsen, editors, EUROCRYPT 2017, Part III, vol. 10212 of LNCS (Springer, Heidelberg, 2017), pp. 278–307

  38. A. Cohen, J. Holmgren, R. Nishimaki, V. Vaikuntanathan, D. Wichs, Watermarking cryptographic capabilities. SIAM J. Comput. 47(6), 2157–2202 (2018)

  39. Y. Chen, M. Hhan, V. Vaikuntanathan, H. Wee, Matrix PRFs: Constructions, attacks, and applications to obfuscation, in D. Hofheinz, A. Rosen, editors, TCC 2019, Part I, vol. 11891 of LNCS (Springer, Heidelberg, 2019), pp. 55–80

  40. J.-S. Coron, M.S. Lee, T. Lepoint, M. Tibouchi, Zeroizing attacks on indistinguishability obfuscation over CLT13, in S. Fehr, editor, PKC 2017, Part I, vol. 10174 of LNCS (Springer, Heidelberg, 2017), pp. 41–58

  41. R. Canetti, H. Lin, S. Tessaro, V. Vaikuntanathan, Obfuscation of probabilistic circuits and applications, in Y. Dodis, J.B. Nielsen, editors, TCC 2015, Part II, vol. 9015 of LNCS (Springer, Heidelberg, 2015), pp. 468–497

  42. Y. Chen, V. Vaikuntanathan, H. Wee, GGH15 beyond permutation branching programs: Proofs, attacks, and candidates, in H. Shacham, A. Boldyreva, editors, CRYPTO 2018, Part II, vol. 10992 of LNCS (Springer, Heidelberg, 2018), pp. 577–607

  43. R. Fernando, P.M.R. Rasmussen, A. Sahai, Preventing CLT attacks on obfuscation with linear overhead, in T. Takagi, T. Peyrin, editors, ASIACRYPT 2017, Part III, vol. 10626 of LNCS (Springer, Heidelberg, 2017), pp. 242–271

  44. S. Goldwasser, S. Dov Gordon, V. Goyal, A. Jain, J. Katz, F.-H. Liu, A. Sahai, E. Shi, H.-S. Zhou, Multi-input functional encryption, in P.Q. Nguyen, E. Oswald, editors, EUROCRYPT 2014, vol. 8441 of LNCS (Springer, Heidelberg, 2014), pp. 578–602

  45. C. Gentry, S. Gorbunov, S. Halevi, Graph-induced multilinear maps from lattices, in Y. Dodis, J. Nielsen, editors, TCC 2015, Part II, vol. 9015 of LNCS (Springer, Heidelberg, 2015), pp. 498–527

  46. S. Garg, C. Gentry, S. Halevi, M. Raykova, A. Sahai, B. Waters, Candidate indistinguishability obfuscation and functional encryption for all circuits. SIAM J. Comput. 45(3), 882–929 (2016)

  47. O. Goldreich, S. Goldwasser, S. Micali, How to construct random functions. J. ACM 33(4), 792–807 (1986)

  48. S. Goldwasser, Y.T. Kalai, R.A. Popa, V. Vaikuntanathan, N. Zeldovich, Reusable garbled circuits and succinct functional encryption, in D. Boneh, T. Roughgarden, J. Feigenbaum, editors, 45th ACM STOC (ACM Press, UK, 2013), pp. 555–564

  49. S. Garg, E. Miles, P. Mukherjee, A. Sahai, A. Srinivasan, M. Zhandry, Secure obfuscation in a weak multilinear map model, in M. Hirt, A.D. Smith, editors, TCC 2016-B, Part II, vol. 9986 of LNCS (Springer, Heidelberg, 2016), pp. 241–268

  50. S. Garg, M. Mahmoody, A. Mohammed, Lower bounds on obfuscation from all-or-nothing encryption primitives, in J. Katz, H. Shacham, editors, CRYPTO 2017, Part I, vol. 10401 of LNCS (Springer, Heidelberg, 2017)

  51. R. Gay, R. Pass, Indistinguishability obfuscation from circular security, in S. Khuller, V.V. Williams, editors, STOC ’21: 53rd Annual ACM SIGACT Symposium on Theory of Computing, Virtual Event, Italy, June 21-25, 2021 (ACM, 2021), pp. 736–749

  52. S. Garg, O. Pandey, A. Srinivasan, M. Zhandry, Breaking the sub-exponential barrier in obfustopia, in J.-S. Coron, J. Nielsen, editors, EUROCRYPT 2017, Part III, vol. 10212 of LNCS (Springer, Heidelberg, 2017), pp. 156–181

  53. S. Garg, A. Srinivasan, Single-key to multi-key functional encryption with polynomial loss, in M. Hirt, A.D. Smith, editors, TCC 2016-B, Part II, vol. 9986 of LNCS (Springer, Heidelberg, 2016), pp. 419–442

  54. S. Gorbunov, V. Vaikuntanathan, H. Wee, Functional encryption with bounded collusions via multi-party computation, in R. Safavi-Naini, R. Canetti, editors, CRYPTO 2012, vol. 7417 of LNCS (Springer, Heidelberg, 2012), pp. 162–179

  55. D. Hofheinz, T. Jager, D. Khurana, A. Sahai, B. Waters, M. Zhandry, How to generate and use universal samplers, in J.H. Cheon, T. Takagi, editors, ASIACRYPT 2016, Part II, vol. 10032 of LNCS (Springer, Heidelberg, 2016), pp. 715–744

  56. S.B. Hopkins, A. Jain, H. Lin, Counterexamples to new circular security assumptions underlying iO, in T. Malkin, C. Peikert, editors, CRYPTO 2021, Part II, vol. 12826 of LNCS, Virtual Event (Springer, Heidelberg, 2021), pp. 673–700

  57. S. Hohenberger, A. Sahai, B. Waters, Replacing a random oracle: Full domain hash from indistinguishability obfuscation, in P.Q. Nguyen, E. Oswald, editors, EUROCRYPT 2014, vol. 8441 of LNCS (Springer, Heidelberg, 2014), pp. 201–220

  58. R. Impagliazzo, A personal view of average-case complexity, in Proceedings of the Tenth Annual Structure in Complexity Theory Conference, Minneapolis, Minnesota, USA, June 19–22, 1995 (IEEE Computer Society, 1995), pp. 134–147

  59. R. Impagliazzo, S. Rudich, Limits on the provable consequences of one-way permutations, in 21st ACM STOC (ACM Press, 1989), pp. 44–61

  60. A. Jain, H. Lin, C. Matt, A. Sahai, How to leverage hardness of constant-degree expanding polynomials over \({\mathbb{R}}\) to build \(i{\cal{O}}\), in Y. Ishai, V. Rijmen, editors, EUROCRYPT 2019, Part I, vol. 11476 of LNCS (Springer, Heidelberg, 2019), pp. 251–281

  61. A. Jain, H. Lin, A. Sahai, Simplifying constructions and assumptions for \(i{\cal{O}}\). Cryptology ePrint Archive, Report 2019/1252 (2019). https://eprint.iacr.org/2019/1252

  62. A. Jain, H. Lin, A. Sahai, Indistinguishability obfuscation from well-founded assumptions, in S. Khuller, V. Vassilevska Williams, editors, STOC 2021 (ACM, 2021), pp. 60–73

  63. V. Koppula, A.B. Lewko, B. Waters, Indistinguishability obfuscation for Turing machines with unbounded memory, in R.A. Servedio, R. Rubinfeld, editors, 47th ACM STOC (ACM Press, UK, 2015), pp. 419–428

  64. I. Komargodski, T. Moran, M. Naor, R. Pass, A. Rosen, E. Yogev, One-way functions and (im)perfect obfuscation, in 55th FOCS (IEEE Computer Society Press, 2014), pp. 374–383

  65. F. Kitagawa, R. Nishimaki, K. Tanaka, From single-key to collusion-resistant secret-key functional encryption by leveraging succinctness. Cryptology ePrint Archive, Report 2017/638 (2017). https://eprint.iacr.org/2017/638

  66. F. Kitagawa, R. Nishimaki, K. Tanaka, Indistinguishability obfuscation for all circuits from secret-key functional encryption. Cryptology ePrint Archive, Report 2017/361 (2017). https://eprint.iacr.org/2017/361

  67. F. Kitagawa, R. Nishimaki, K. Tanaka, Obfustopia built on secret-key functional encryption, in J.B. Nielsen, V. Rijmen, editors, EUROCRYPT 2018, Part II, vol. 10821 of LNCS (Springer, Heidelberg, 2018), pp. 603–648

  68. F. Kitagawa, R. Nishimaki, K. Tanaka, Simple and generic constructions of succinct functional encryption. J. Cryptol. 34(3), 25 (2021)

  69. A. Kiayias, S. Papadopoulos, N. Triandopoulos, T. Zacharias, Delegatable pseudorandom functions and applications, in A.-R. Sadeghi, V.D. Gligor, M. Yung, editors, ACM CCS 2013 (ACM Press, 2013), pp. 669–684

  70. I. Komargodski, G. Segev, From minicrypt to obfustopia via private-key functional encryption. J. Cryptol. 33(2), 406–458 (2020)

  71. J. Katz, A. Yerukhimovich, On black-box constructions of predicate encryption from trapdoor permutations, in M. Matsui, editor, ASIACRYPT 2009, vol. 5912 of LNCS (Springer, Heidelberg, 2009), pp. 197–213

  72. H. Lin, Indistinguishability obfuscation from constant-degree graded encoding schemes, in M. Fischlin, J.-S. Coron, editors, EUROCRYPT 2016, Part I, vol. 9665 of LNCS (Springer, Heidelberg, 2016), pp. 28–57

  73. H. Lin, Indistinguishability obfuscation from SXDH on 5-linear maps and locality-5 PRGs, in J. Katz, H. Shacham, editors, CRYPTO 2017, Part I, vol. 10401 of LNCS (Springer, Heidelberg, 2017), pp. 599–629

  74. B. Li, D. Micciancio, Compactness vs collusion resistance in functional encryption, in M. Hirt, A.D. Smith, editors, TCC 2016-B, Part II, vol. 9986 of LNCS (Springer, Heidelberg, 2016), pp. 443–468

  75. H. Lin, C. Matt, Pseudo flawed-smudging generators and their application to indistinguishability obfuscation. Cryptology ePrint Archive, Report 2018/646 (2018). https://eprint.iacr.org/2018/646

  76. Y. Lindell, B. Pinkas, A proof of security of Yao’s protocol for two-party computation. J. Cryptol. 22(2), 161–188 (2009)

  77. H. Lin, R. Pass, K. Seth, S. Telang, Indistinguishability obfuscation with non-trivial efficiency, in C.-M. Cheng, K.-M. Chung, G. Persiano, B.-Y. Yang, editors, PKC 2016, Part II, vol. 9615 of LNCS (Springer, Heidelberg, 2016), pp. 447–462

  78. M. Luby, C. Rackoff, How to construct pseudorandom permutations from pseudorandom functions. SIAM J. Comput. 17(2), 373–386 (1988)

  79. H. Lin, V. Vaikuntanathan, Indistinguishability obfuscation from DDH-like assumptions on constant-degree graded encodings, in I. Dinur, editor, 57th FOCS (IEEE Computer Society Press, 2016), pp. 11–20

  80. E. Miles, A. Sahai, M. Zhandry, Annihilation attacks for multilinear maps: Cryptanalysis of indistinguishability obfuscation over GGH13, in M. Robshaw, J. Katz, editors, CRYPTO 2016, Part II, vol. 9815 of LNCS (Springer, Heidelberg, 2016), pp. 629–658

  81. F. Ma, M. Zhandry, The MMap strikes back: Obfuscation and new multilinear maps immune to CLT13 zeroizing attacks, in A. Beimel, S. Dziembowski, editors, TCC 2018, Part II, vol. 11240 of LNCS (Springer, Heidelberg, 2018), pp. 513–543

  82. A. O’Neill, Definitional issues in functional encryption. Cryptology ePrint Archive, Report 2010/556 (2010). https://eprint.iacr.org/2010/556

  83. R. Pass, K. Seth, S. Telang, Indistinguishability obfuscation from semantically-secure multilinear encodings, in J.A. Garay, R. Gennaro, editors, CRYPTO 2014, Part I, vol. 8616 of LNCS (Springer, Heidelberg, 2014), pp. 500–517

  84. A. Sahai, H. Seyalioglu, Worry-free encryption: functional encryption with public keys, in E. Al-Shaer, A.D. Keromytis, V. Shmatikov, editors, ACM CCS 2010 (ACM Press, 2010), pp. 463–472

  85. A. Sahai, B.R. Waters, Fuzzy identity-based encryption, in R. Cramer, editor, EUROCRYPT 2005, vol. 3494 of LNCS (Springer, Heidelberg, 2005), pp. 457–473

  86. A. Sahai, B. Waters, How to use indistinguishability obfuscation: Deniable encryption, and more. SIAM J. Comput. 50(3), 857–908 (2021)

  87. L.G. Valiant, Universal circuits (preliminary report), in A.K. Chandra, D. Wotschke, E.P. Friedman, M.A. Harrison, editors, Proceedings of the 8th Annual ACM Symposium on Theory of Computing, May 3–5, 1976, Hershey, Pennsylvania, USA (ACM, 1976), pp. 196–203

  88. B. Waters, A punctured programming approach to adaptively secure functional encryption, in R. Gennaro, M.J.B. Robshaw, editors, CRYPTO 2015, Part II, vol. 9216 of LNCS (Springer, Heidelberg, 2015), pp. 678–697

  89. H. Wee, D. Wichs, Candidate obfuscation via oblivious LWE sampling, in A. Canteaut, F.-X. Standaert, editors, EUROCRYPT 2021, Part III, vol. 12698 of LNCS (Springer, Heidelberg, 2021), pp. 127–156

  90. A.C.-C. Yao, How to generate and exchange secrets (extended abstract), in 27th FOCS (IEEE Computer Society Press, 1986), pp. 162–167

  91. J. Zimmerman, How to obfuscate programs directly, in E. Oswald, M. Fischlin, editors, EUROCRYPT 2015, Part II, vol. 9057 of LNCS (Springer, Heidelberg, 2015), pp. 439–467

Acknowledgements

We would like to thank anonymous reviewers for valuable comments.

Author information

Corresponding author

Correspondence to Ryo Nishimaki.

Additional information

Communicated by Jonathan Katz.

An extended abstract of this paper appears in the proceedings of Eurocrypt 2018 as “Obfustopia Built on Secret-Key Functional Encryption [67]”.

About this article

Cite this article

Kitagawa, F., Nishimaki, R. & Tanaka, K. Obfustopia Built on Secret-Key Functional Encryption. J Cryptol 35, 19 (2022). https://doi.org/10.1007/s00145-022-09429-z

  • DOI: https://doi.org/10.1007/s00145-022-09429-z
