Hoeteck Wee
ABSTRACT
We investigate the possibility of obfuscating point functions in the framework of Barak et al. from Crypto '01. A point function is a Boolean function that assumes the value 1 at exactly one point. Our main results are as follows:We provide a simple construction of efficient obfuscators for point functions for a slightly relaxed notion of obfuscation, for which obfuscating general circuits is nonetheless impossible. Our construction relies on the existence of a very strong one-way permutation, and yields the first non-trivial obfuscator under general assumptions in the standard model. We also obtain obfuscators for point functions with multi-bit output and for prefix matching.Our assumption is that there is a one-way permutation wherein any polynomial-sized circuit inverts the permutation on at most a polynomial number of inputs. We show that a similar assumption is in fact necessary, and that our assumption holds relative to a random permutation oracle.Finally, we establish two impossibility results which indicate that the limitations on our construction, namely simulating only adversaries with single-bit output and using nonuniform advice in our simulator, are in some sense inherent.Previous work gave negative results for the general class of circuits (Barak et al., Crypto '01) and positive results in the random oracle model (Lynn et al., Eurocrypt '04) or under non-standard number-theoretic assumptions (Canetti, Crypto '97). This work represents the first effort to bridge the gap between the two for a natural class of functionalities.
- B. Barak, O. Goldreich, R. Impagliazzo, S. Rudich, A. Sahai, S. Vadhan, and K. Yang. On the (im)possibility of obfuscating programs. In Proc. Crypto '01, 2001.]] Google Scholar
Digital Library
- M. Blum and S. Micali. How to generate cryptographically strong sequences of pseudo-random bits. SIAM Journal of Computing, 13(4):850--864, 1984.]] Google ScholarDigital Library
- R. Canetti. Towards realizing random oracles: Hash functions that hide all partial information. In Proc. Crypto '97, 1997.]] Google ScholarDigital Library
- R. Canetti, O. Goldreich, and S. Halevi. The random oracle methodology, revisited. In Proc. 30th STOC, 1998.]] Google ScholarDigital Library
- R. Canetti, D. Micciancio, and O. Reingold. Perfectly one-way probabilistic hash functions. In Proc. 30th STOC, 1998.]] Google ScholarDigital Library
- Y. Dodis and A. Smith. Correcting errors without leaking partial information. In these proceedings, 2005.]] Google ScholarDigital Library
- C. Dwork, M. Naor, and A. Sahai. Concurrent zero-knowledge. In Proc. 30th STOC, 1998.]] Google ScholarDigital Library
- R. Gennaro and L. Trevisan. Lower bounds on efficiency of generic cryptographic constructions. In Proc. 41st FOCS, 2000.]] Google ScholarDigital Library
- O. Goldreich. Foundations of Cryptography: Basic Tools. Cambridge University Press, 2001.]] Google ScholarDigital Library
- O. Goldreich and H. Krawczyk. On the composition of zero-knowledge proof systems. SIAM Journal on Computing, 25(1):169--192, 1996.]] Google ScholarDigital Library
- O. Goldreich and L. Levin. Hard-core predicates for any one-way function. In Proc. 21st STOC, 1989.]] Google ScholarDigital Library
- N. Linial, Y. Mansour, and N. Nissan. Constant depth circuits, fourier transform, and learnability. Journal of the ACM, 40(3):607--620, 1993.]] Google ScholarDigital Library
- A. Lubotzky, R. Philips, and P. Sarnak. Ramanujan graphs. Combinatorica, 8(3):261--277, 1988.]]Google ScholarCross Ref
- M. Luby. Pseudorandomness and Cryptographic Applications. Princeton University Press, 1996.]] Google ScholarDigital Library
- B. Lynn, M. Prabhakaran, and A. Sahai. Positive results and techniques for obfuscation. In Proc. Eurocrypt '04, 2004.]]Google ScholarCross Ref
- J. B. Nielsen. Separating random oracle proofs from complexity theoretic proofs: The non-committing encryption case. In Proc. Crypto '02, 2002.]] Google ScholarDigital Library
- D. Wagner and I. Goldberg. Proofs of security for the unix password hashing algorithm. In Proc. Asiacrypt '00, 2000.]] Google ScholarDigital Library
- A. Yao. Theory and applications of trapdoor functions. In Proc. 23rd FOCS, 1982.]]Google ScholarCross Ref
Index Terms
- On obfuscating point functions
Recommendations
Obfuscating point functions with multibit output
EUROCRYPT'08: Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptologyWe construct obfuscators of point functions with multibit output and other related functions. A point function with multibit output returns a fixed string on a single input point and zero everywhere else. Obfuscation of such functions has a useful ...
Lattice-based obfuscation for re-encryption functions
Program obfuscation is a compiler that transfers a program into an unintelligible form while preserving the original functionality. Secure obfuscation for several particular function families has been raised out despite the general impossibility result ...
Verifiably encrypted signatures with short keys based on the decisional linear problem and obfuscation for encrypted VES
Verifiably encrypted signatures (VES) are encrypted signatures under a public key of a trusted third party. We can verify their validity without decryption. VES has useful applications such as online contract signing and optimistic fair exchange. We ...
Comments