Indistinguishability Obfuscation from Functional Encryption
Indistinguishability obfuscation (IO) is a tremendous notion, powerful enough to give rise to almost any known cryptographic object. Prior candidate IO constructions were based on specific assumptions on algebraic objects called multi-linear graded encodings. We present a generic construction of indistinguishability obfuscation from public-key functional encryption with succinct encryption circuits and subexponential security. This shows the equivalence of indistinguishability obfuscation and public-key functional encryption, a primitive that has previously seemed to be much weaker, lacking the power and the staggering range of applications of indistinguishability obfuscation.
Our main construction can be based on functional encryption schemes that support a single functional key, and where the encryption circuit grows sub-linearly in the circuit-size of the function. We further show that sublinear succinctness in circuit-size for single-key schemes can be traded with sublinear succinctness in the number of keys (also known as the collusion-size) for multi-key schemes. We also show that, under the Learning with Errors assumption, our techniques imply that any indistinguishability obfuscator can be converted into one where the size of obfuscated circuits is twice that of the original circuit plus an additive overhead that is polynomial in its depth, input length, and the security parameter.
Indistinguishability Obfuscation from Functional Encryption for Simple Functions
We show how to construct indistinguishability obfuscation (iO) for circuits from any non-compact functional encryption (FE) scheme with sub-exponential security against unbounded collusions. We accomplish this by giving a generic transformation from any such FE scheme into a compact FE scheme. By composing this with the transformation from sub-exponentially secure compact FE to iO (Ananth and Jain [CRYPTO'15], Bitansky and Vaikuntanathan [FOCS'15]), we obtain our main result.
Our result provides a new pathway to iO.
We use our technique to identify a simple function family for FE that suffices for our general result. We show that the function family F is complete, where every f in F consists of three evaluations of a Weak PRF followed by finite operations. We believe that this may be useful for realizing iO from weaker assumptions in the future.
Achieving Obfuscation Through Self-Modifying Code: A Theoretical Model
With the extreme amount of data and software available on networks, the protection of online information is one of the most important tasks of this technological age. There is no such thing as safe computing, and it is inevitable that security breaches will occur. Thus, security professionals and practices focus on two areas: security, preventing a breach from occurring, and resiliency, minimizing the damages once a breach has occurred. One of the most important practices for adding resiliency to source code is obfuscation, a method of re-writing the code into a form that is virtually unreadable. This makes the code incredibly hard for attackers to decipher, protecting intellectual property and reducing the amount of information gained by the malicious actor. Achieving obfuscation through the use of self-modifying code, code that mutates during runtime, is a complicated but impressive undertaking that creates an incredibly robust obfuscating system. While a great amount of research is still ongoing, the preliminary results on this subject suggest that the application of self-modifying code to obfuscation may yield self-maintaining software capable of healing itself following an attack.
Compactness vs Collusion Resistance in Functional Encryption
We present two general constructions that can be used to combine any two functional encryption (FE) schemes (supporting a bounded number of key queries) into a new functional encryption scheme supporting a larger number of key queries. By using these constructions iteratively, we transform any primitive FE scheme that supports a single functional key query (from a sufficiently general class of functions) and has certain weak compactness properties into a collusion-resistant FE scheme with the same or slightly weaker compactness properties. Together with previously known reductions, this shows that the compact, weakly compact, collusion-resistant, and weakly collusion-resistant versions of FE are all equivalent under polynomial time reductions.
These are all FE variants known to imply the existence of indistinguishability obfuscation, and were previously thought to offer slightly different avenues toward the realization of obfuscation from general assumptions. Our results show that they are indeed all equivalent, improving our understanding of the minimal assumptions on functional encryption required to instantiate indistinguishability obfuscation.
LiS: Lightweight Signature Schemes for continuous message authentication in cyber-physical systems
Agency for Science, Technology and Research (A*STAR) RIE 202
Time-Lock Puzzles from Randomized Encodings
Time-lock puzzles are a mechanism for sending messages "to the future". A sender can quickly generate a puzzle with a solution s that remains hidden until a moderately large amount of time t has elapsed. The solution s should be hidden from any adversary that runs in time significantly less than t, including resourceful parallel adversaries with polynomially many processors.
While the notion of time-lock puzzles has been around for 22 years, there has only been a single candidate proposed. Fifteen years ago, Rivest, Shamir and Wagner suggested a beautiful candidate time-lock puzzle based on the assumption that exponentiation modulo an RSA integer is an "inherently sequential" computation.
We show that various flavors of randomized encodings give rise to time-lock puzzles of varying strengths, whose security can be shown assuming the mere existence of non-parallelizing languages, which are languages that require circuits of depth at least t to decide, in the worst-case. The existence of such languages is necessary for the existence of time-lock puzzles.
We instantiate the construction with different randomized encodings from the literature, where increasingly better efficiency is obtained based on increasingly stronger cryptographic assumptions, ranging from one-way functions to indistinguishability obfuscation. We also observe that time-lock puzzles imply one-way functions, and thus the reliance on some cryptographic assumption is necessary.
Finally, generalizing the above, we construct other types of puzzles such as proofs of work from randomized encodings and a suitable worst-case hardness assumption (that is necessary for such puzzles to exist).
Hardware Obfuscation for Finite Field Algorithms
With the rise of computing devices, the security robustness of the devices has become of utmost importance. Companies invest huge sums of money, time and effort in security analysis and vulnerability testing of their software products. Bug bounty programs are held which incentivize security researchers to find security holes in software. Once holes are found, software firms release security patches for their products. The semiconductor industry has flourished with accelerated innovation. Fabless manufacturing has reduced the time-to-market and lowered the cost of production of devices. The fabless paradigm has introduced trust issues among the hardware designers and manufacturers. Increasing dependence on computing devices in personal applications as well as in critical infrastructure has given rise to hardware attacks on the devices in the last decade. Reverse engineering and IP theft are major challenges that have emerged for the electronics industry. Integrated circuit design companies experience a loss of billions of dollars because of malicious acts by untrustworthy parties involved in the design and fabrication process, and because of attacks by adversaries on the electronic devices in which the chips are embedded. To counter these attacks, researchers have been working extensively towards finding strong countermeasures. Hardware obfuscation techniques make the reverse engineering of device design and functionality difficult for the adversary. The goal is to conceal or lock the underlying intellectual property of the integrated circuit. Obfuscation in hardware circuits can be implemented to hide the gate-level design, layout and the IP cores. Our work presents a novel hardware obfuscation design through reconfigurable finite field arithmetic units, which can be employed in various error correction and cryptographic algorithms.
The effectiveness and efficiency of the proposed methods are verified by an obfuscated Reformulated Inversion-less Berlekamp-Massey (RiBM) architecture based Reed-Solomon decoder. Our experimental results show the hardware implementation of the RiBM based Reed-Solomon decoder built using reconfigurable field multiplier designs. The proposed design incurs only very low overhead while improving security by obfuscating the functionality and the outputs. The design proposed in our work can also be implemented in hardware designs of other algorithms that are based on finite field arithmetic. However, our main motivation was to target encryption and decryption circuits which store and process sensitive data and are used in critical applications.
Single-Key to Multi-Key Functional Encryption with Polynomial Loss
Functional encryption (FE) enables fine-grained access to encrypted data. In an FE scheme, the holder of a secret key SK_f (associated with a function f) and a ciphertext (encrypting plaintext ) can learn but nothing more.
An important parameter in the security model for FE is the number of secret keys that the adversary has access to. In this work, we give a transformation from an FE scheme for which the adversary gets access to a single secret key (with ciphertext size sub-linear in the circuit for which this secret key is issued) to one that is secure even if the adversary gets access to an unbounded number of secret keys. A novel feature of our transformation is that its security proof incurs only a polynomial loss.
Indistinguishability Obfuscation from Well-Founded Assumptions
In this work, we show how to construct indistinguishability obfuscation from subexponential hardness of four well-founded assumptions. We prove:
Let be arbitrary constants. Assume sub-exponential security of the following assumptions, where is a security parameter, and the parameters below are large enough polynomials in :
- The SXDH assumption on asymmetric bilinear groups of a prime order ,
- The LWE assumption over with subexponential modulus-to-noise ratio , where is the dimension of the LWE secret,
- The LPN assumption over with polynomially many LPN samples and error rate , where is the dimension of the LPN secret,
- The existence of a Boolean PRG in with stretch ,
Then, (subexponentially secure) indistinguishability obfuscation for all polynomial-size circuits exists.