Papers
Topics
Authors
Recent
Search
2000 character limit reached

Indistinguishability Obfuscation from Well-Founded Assumptions

Published 21 Aug 2020 in cs.CR and cs.CC | (2008.09317v1)

Abstract: In this work, we show how to construct indistinguishability obfuscation from subexponential hardness of four well-founded assumptions. We prove: Let $\tau \in (0,\infty), \delta \in (0,1), \epsilon \in (0,1)$ be arbitrary constants. Assume sub-exponential security of the following assumptions, where $\lambda$ is a security parameter, and the parameters $\ell,k,n$ below are large enough polynomials in $\lambda$: - The SXDH assumption on asymmetric bilinear groups of a prime order $p = O(2\lambda)$, - The LWE assumption over $\mathbb{Z}_{p}$ with subexponential modulus-to-noise ratio $2{k\epsilon}$, where $k$ is the dimension of the LWE secret, - The LPN assumption over $\mathbb{Z}_p$ with polynomially many LPN samples and error rate $1/\ell\delta$, where $\ell$ is the dimension of the LPN secret, - The existence of a Boolean PRG in $\mathsf{NC}0$ with stretch $n{1+\tau}$, Then, (subexponentially secure) indistinguishability obfuscation for all polynomial-size circuits exists.

Authors (3)
Citations (178)

Summary

An Analysis of "Indistinguishability Obfuscation from Well-Founded Assumptions"

This paper by Aayush Jain, Huijia Lin, and Amit Sahai presents a construction of indistinguishability obfuscation (iO) from four foundational computational assumptions, employing subexponential hardness. This construction marks a significant departure from previous efforts, which necessitated novel hardness assumptions of questionable stability. The authors posit that indistinguishability obfuscation for all polynomial-size circuits exists under the subexponential security of the following assumptions: the Subgroup Decision Diffie-Hellman (SXDH) assumption on asymmetric bilinear groups, the Learning With Errors (LWE) assumption over Zp\mathbb{Z}_p, the Learning Parity with Noise (LPN) assumption over Zp\mathbb{Z}_p, and the existence of a Boolean Pseudo-Random Generator (PRG) in NC0^0 with certain stretch characteristics.

Summary of Assumptions and Results

  • SXDH Assumption: This assumption pertains to the indistinguishability of random tuples within certain groups, assuming a bilinear map. This has a history of use in various cryptographic constructs, notably identity-based encryption.
  • LWE Assumption: As initially proposed by Regev, the LWE assumption's challenge involves distinguishing noisy linear equations from random ones. Its applicability spans numerous cryptographic schemes, from fully homomorphic encryption to public key encryption systems.
  • LPN Assumption: This assumption over large fields is akin to a decoding problem, asserting the indistinguishability of linear equations perturbed by sparse noise. Originally outlined for use in secure two-party protocols, LPN also underlies complex identification schemes and encryption strategies.
  • Boolean PRGs in NC0^0: These generators form the core of this paper's pseudorandom assurances, possessing vast cryptographic applications. Intriguingly, the authors leverage the sparsity of LPN errors to construct a structured-seed PRG, culminating in a novel means of constructing an indistinguishable output even under constrained complexity settings.

The main theorem insists that if these assumptions hold under subexponential security, then indistinguishability obfuscation also enjoys such robust security levels. Practically speaking, these assumptions derive from longstanding computational challenges, well-documented and exhaustively analyzed, which offers reassurance regarding the fidelity and rigor of the constructions.

Implications and Prospects

The construction of iO posited by this paper rests on multiple well-vetted complexity-theoretic bases, potentially moving this cryptographic goal from speculative territories to more established grounds. Theoretically, it provides a roadmap for securely encasing computation in a manner resistant to reverse-engineering—a goal that eluded prior cryptographic models tethered to uncertain assumptions.

Additionally, the authors allude to the paper's results serving as the foundation for achieving collusion-resistant functional encryption under the same polynomial security assumptions. This dual achievement in functional encryption and iO expands the functional array of cryptographic utilities, enhancing patterns of secure computation.

Future Directions

Future research might pivot towards refining these constructs, shedding efficiency constraints or reducing the reliance on specific assumptions. There could also be an exploration into leveraging advances in lattice-based cryptography or probing other areas where these foundational assumptions could interplay for further cryptographic applications. Moreover, nuances in the security landscape might spur reevaluation or refinement of these models, foregrounding iO's practical and theoretical potential.

In summary, this paper offers a novel and promising trajectory for indistinguishability obfuscation, situated upon a foundation of well-understood and credible assumptions. It elegantly bridges the gaps left by previous ailing constructions tethered to assumptions hitherto difficult to justify or articulate comprehensively. Such strides can potentially ripple across cryptography, influencing diverse applications and reshaping their underpinnings.

Paper to Video (Beta)

No one has generated a video about this paper yet.

Whiteboard

No one has generated a whiteboard explanation for this paper yet.

Open Problems

We haven't generated a list of open problems mentioned in this paper yet.

Continue Learning

We haven't generated follow-up questions for this paper yet.

Collections

Sign up for free to add this paper to one or more collections.

Tweets

Sign up for free to view the 1 tweet with 1 like about this paper.