Book Chapter

Universal Constructions and Robust Combiners for Indistinguishability Obfuscation and Witness Encryption

TLDR
This work constructs universal schemes for IO and for witness encryption, that is, explicit constructions that are secure if any construction of the primitive exists ("one construction to rule them all"), and resolves the existence of combiners for these primitives along the way.
Abstract
Over the last few years a new breed of cryptographic primitives has arisen: on one hand they have previously unimagined utility, and on the other hand they are not based on simple-to-state and tried-out assumptions. With the ongoing study of these primitives, we are left with several different candidate constructions, each based on different, not easy to express, mathematical assumptions, where some even turn out to be insecure. A combiner for a cryptographic primitive takes several candidate constructions of the primitive and outputs one construction that is as good as any of the input constructions. Furthermore, this combiner must be efficient: the resulting construction should remain polynomial-time even when combining polynomially many candidates. Combiners are especially important for a primitive where there are several competing constructions whose security is hard to evaluate, as is the case for indistinguishability obfuscation (IO) and witness encryption (WE). One place where the need for combiners appears is in the design of a universal construction, where one wishes to find "one construction to rule them all": an explicit construction that is secure if any construction of the primitive exists. In a recent paper, Goldwasser and Kalai posed as a challenge finding universal constructions for indistinguishability obfuscation and witness encryption. In this work we resolve this issue: we construct universal schemes for IO and for witness encryption, and also resolve the existence of combiners for these primitives along the way. For IO, our universal construction and combiners can be built based on either assuming DDH or assuming LWE, with security against subexponential adversaries. For witness encryption, we need only one-way functions secure against polynomial-time adversaries.


Citations
Book Chapter

Secure Obfuscation in a Weak Multilinear Map Model

TL;DR: Gentry et al. as discussed by the authors proposed a weak multilinear map model that is provably secure against all known polynomial-time attacks on GGH13 and proved its security in the weak multi-linear map model.
Posted Content

Cryptanalysis of Indistinguishability Obfuscations of Circuits over GGH13.

TL;DR: In this paper, the authors provide a general efficiently testable property for two single-input branching programs, called partial inequivalence, which is sufficient for their variant of annihilation attacks on several obfuscation constructions based on GGH13 multilinear maps.
Book Chapter

Delegating RAM Computations with Adaptive Soundness and Privacy

TL;DR: In this paper, Chen et al. presented the first RAM delegation scheme that provides both soundness and privacy guarantees in the adaptive setting, where the sequence of delegated RAM programs are chosen adaptively, depending potentially on the encodings of the database and previously chosen programs.
Book Chapter

From Minicrypt to Obfustopia via Private-Key Functional Encryption

TL;DR: Private-key functional encryption enables fine-grained access to symmetrically-encrypted data and up until recently was not known to imply any public-key primitive, demonstrating poor understanding of this extremely-useful primitive.

White-Box vs. Black-Box Complexity of Search Problems: Ramsey and Graph Property Testing.

TL;DR: In this article, the authors examined the relationship between black box complexity and white box complexity for search problems with guaranteed solution such as the above Ramsey problem and showed that the white-box Ramsey problem is hard and this is true even if one is looking for a much smaller clique or independent set than the theorem guarantees.
References
Proceedings Article

How to play ANY mental game

TL;DR: This work presents a polynomial-time algorithm that, given as input the description of a game with incomplete information and any number of players, produces a protocol for playing the game that leaks no partial information, provided the majority of the players is honest.
Proceedings Article

How to generate and exchange secrets

TL;DR: A new tool for controlling the knowledge transfer process in cryptographic protocol design is introduced and it is applied to solve a general class of problems which include most of the two-party cryptographic problems in the literature.
Monograph

Foundations of Cryptography

TL;DR: In this paper, the authors present a list of figures in the context of digital signatures and message authentication for general cryptographic protocols, including encryption, digital signatures, message authentication, and digital signatures.
Journal Article

A Pseudorandom Generator from any One-way Function

TL;DR: It is shown how to construct a pseudorandom generator from any one-way function, and it is shown that there is a pseudorandom generator if and only if there is a one-way function.