DOI: 10.1145/3133956.3133976

Implementing BP-Obfuscation Using Graph-Induced Encoding

Published: 30 October 2017

Abstract

We implemented (a simplified version of) the branching-program obfuscator due to Gentry et al. (GGH15), which is itself a variation of the first obfuscation candidate by Garg et al. (GGHRSW13). To keep within the realm of feasibility, we had to give up on some aspects of the construction, specifically the "multiplicative bundling" factors that protect against mixed-input attacks. Hence our implementation can only support read-once branching programs.
To be able to handle anything more than just toy problems, we developed a host of algorithmic and code-level optimizations. These include new variants of discrete Gaussian sampler and lattice trapdoor sampler, efficient matrix-manipulation routines, and many tradeoffs. We expect that these optimizations will find other uses in lattice-based cryptography beyond just obfuscation.
Our implementation is the first obfuscation attempt using the GGH15 graded encoding scheme, offering performance advantages over other graded encoding methods when obfuscating finite-state machines with many states. In our most demanding setting, we were able to obfuscate programs with input length of 20 nibbles (80 bits) and over 100 states, which seems out of reach for prior implementations. Although further optimizations are surely possible, we do not expect any implementation of current schemes to be able to handle much larger parameters.

References

[1] M. R. Albrecht. Private communications, 2016.
[2] M. R. Albrecht, C. Cocis, F. Laguillaumie, and A. Langlois. Implementing candidate graded encoding schemes from ideal lattices. In Progress in Cryptology - ASIACRYPT'15, Lecture Notes in Computer Science. Springer, 2015.
[3] M. R. Albrecht, R. Player, and S. Scott. On the concrete hardness of learning with errors. J. Mathematical Cryptology, 9(3):169--203, 2015.
[4] D. Apon, Y. Huang, J. Katz, and A. J. Malozemoff. Implementing cryptographic program obfuscation. Cryptology ePrint Archive, Report 2014/779, 2014. http://eprint.iacr.org/.
[5] S. Arora and R. Ge. New algorithms for learning in presence of errors. In ICALP, volume 6755 of Lecture Notes in Computer Science, pages 403--415. Springer, 2011.
[6] Y. Chen, C. Gentry, and S. Halevi. Cryptanalyses of candidate branching program obfuscators. Cryptology ePrint Archive, Report 2016/998, 2016. http://eprint.iacr.org/2016/998.
[7] J. Coron, T. Lepoint, and M. Tibouchi. Practical multilinear maps over the integers. In R. Canetti and J. A. Garay, editors, CRYPTO 2013, volume 8042 of Lecture Notes in Computer Science, pages 476--493. Springer, 2013.
[8] J.-S. Coron, M. S. Lee, T. Lepoint, and M. Tibouchi. Cryptanalysis of GGH15 multilinear maps. Cryptology ePrint Archive, Report 2015/1037, 2015. http://eprint.iacr.org/2015/1037.
[9] S. Garg, C. Gentry, and S. Halevi. Candidate multilinear maps from ideal lattices. In Advances in Cryptology - EUROCRYPT'13, volume 7881 of Lecture Notes in Computer Science, pages 1--17. Springer, 2013.
[10] S. Garg, C. Gentry, S. Halevi, M. Raykova, A. Sahai, and B. Waters. Candidate indistinguishability obfuscation and functional encryption for all circuits. SIAM J. Comput., 45(3):882--929, 2016.
[11] C. Gentry, S. Gorbunov, and S. Halevi. Graph-induced multilinear maps from lattices. In Y. Dodis and J. B. Nielsen, editors, Theory of Cryptography - 12th Theory of Cryptography Conference, TCC 2015, Warsaw, Poland, March 23-25, 2015, Proceedings, Part II, volume 9015 of Lecture Notes in Computer Science, pages 498--527. Springer, 2015. https://eprint.iacr.org/2014/645.
[12] C. Gentry, S. Halevi, and N. Smart. Homomorphic evaluation of the AES circuit. In Advances in Cryptology - CRYPTO 2012, volume 7417 of Lecture Notes in Computer Science, pages 850--867. Springer, 2012. Full version at http://eprint.iacr.org/2012/099.
[13] C. Gentry, C. Peikert, and V. Vaikuntanathan. Trapdoors for hard lattices and new cryptographic constructions. In STOC'08, pages 197--206, 2008.
[14] J. Kilian. Founding cryptography on oblivious transfer. In J. Simon, editor, STOC, pages 20--31. ACM, 1988.
[15] A. Langlois, D. Stehlé, and R. Steinfeld. GGHLite: More efficient multilinear maps from ideal lattices. In P. Q. Nguyen and E. Oswald, editors, EUROCRYPT, volume 8441 of Lecture Notes in Computer Science, pages 239--256. Springer, 2014.
[16] K. Lewi, A. J. Malozemoff, D. Apon, B. Carmer, A. Foltzer, D. Wagner, D. W. Archer, D. Boneh, J. Katz, and M. Raykova. 5gen: A framework for prototyping applications using multilinear maps and matrix branching programs. In ACM Conference on Computer and Communications Security, pages 981--992. ACM, 2016.
[17] J. Liu. Eigenvalue and Singular Value Inequalities of Schur Complements, pages 47--82. Springer US, Boston, MA, 2005.
[18] D. Micciancio and C. Peikert. Trapdoors for lattices: Simpler, tighter, faster, smaller. In EUROCRYPT, volume 7237 of Lecture Notes in Computer Science, pages 700--718. Springer, 2012. Full version at http://ia.cr/2011/501.
[19] C. Peikert. An efficient and parallel Gaussian sampler for lattices. In T. Rabin, editor, Advances in Cryptology - CRYPTO 2010, 30th Annual Cryptology Conference, Santa Barbara, CA, USA, August 15-19, 2010. Proceedings, volume 6223 of Lecture Notes in Computer Science, pages 80--97. Springer, 2010.
[20] V. Shoup. NTL: A Library for doing Number Theory. http://shoup.net/ntl/, Version 9.11.0, 2016.
[21] F. Zhang. The Schur Complement and Its Applications. Numerical Methods and Algorithms. Springer, 2005.

    Published In

    CCS '17: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security
    October 2017
    2682 pages
    ISBN:9781450349468
    DOI:10.1145/3133956

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Author Tags

    1. implementation
    2. multilinear maps
    3. obfuscation
    4. trapdoor lattice sampling

    Acceptance Rates

    CCS '17 Paper Acceptance Rate 151 of 836 submissions, 18%;
    Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

    Cited By

    • (2023) Use of cryptography in malware obfuscation. Journal of Computer Virology and Hacking Techniques 20:1 (135-152). DOI: 10.1007/s11416-023-00504-y. Online publication date: 25-Sep-2023
    • (2022) Witness Encryption and Null-IO from Evasive LWE. Advances in Cryptology – ASIACRYPT 2022 (195-221). DOI: 10.1007/978-3-031-22963-3_7. Online publication date: 5-Dec-2022
    • (2022) Optimal Broadcast Encryption and CP-ABE from Evasive Lattice Assumptions. Advances in Cryptology – EUROCRYPT 2022 (217-241). DOI: 10.1007/978-3-031-07085-3_8. Online publication date: 30-May-2022
    • (2022) Towards a Simpler Lattice Gadget Toolkit. Public-Key Cryptography – PKC 2022 (498-520). DOI: 10.1007/978-3-030-97121-2_18. Online publication date: 8-Mar-2022
    • (2021) Efficient Lattice Gadget Decomposition Algorithm With Bounded Uniform Distribution. IEEE Access 9 (17429-17437). DOI: 10.1109/ACCESS.2021.3053288. Online publication date: 2021
    • (2019) Matrix PRFs: Constructions, Attacks, and Applications to Obfuscation. Theory of Cryptography (55-80). DOI: 10.1007/978-3-030-36030-6_3. Online publication date: 1-Dec-2019
    • (2019) Approximate Trapdoors for Lattices and Smaller Hash-and-Sign Signatures. Advances in Cryptology – ASIACRYPT 2019 (3-32). DOI: 10.1007/978-3-030-34618-8_1. Online publication date: 8-Dec-2019
    • (2019) Statistical Zeroizing Attack: Cryptanalysis of Candidates of BP Obfuscation over GGH15 Multilinear Map. Advances in Cryptology – CRYPTO 2019 (253-283). DOI: 10.1007/978-3-030-26954-8_9. Online publication date: 18-Aug-2019
    • (2019) Building an Efficient Lattice Gadget Toolkit: Subgaussian Sampling and More. Advances in Cryptology – EUROCRYPT 2019 (655-684). DOI: 10.1007/978-3-030-17656-3_23. Online publication date: 19-May-2019
    • (2018) Cryptanalysis on the HHSS Obfuscation Arising From Absence of Safeguards. IEEE Access 6 (40096-40104). DOI: 10.1109/ACCESS.2018.2850361. Online publication date: 2018
