Advertisement

From Minicrypt to Obfustopia via Private-Key Functional Encryption

  • Ilan KomargodskiEmail author
  • Gil Segev
Article
  • 15 Downloads

Abstract

Private-key functional encryption enables fine-grained access to symmetrically encrypted data. Although private-key functional encryption (supporting an unbounded number of keys and ciphertexts) seems significantly weaker than its public-key variant, its known realizations all rely on public-key functional encryption. At the same time, however, up until recently it was not known to imply any public-key primitive, demonstrating our poor understanding of this primitive. Bitansky et al. (Theory of cryptography—14th international conference, TCC 2016-B, 2016) showed that sub-exponentially secure private-key function encryption bridges from nearly exponential security in Minicrypt to slightly super-polynomial security in Cryptomania, and from sub-exponential security in Cryptomania to Obfustopia. Specifically, given any sub-exponentially secure private-key functional encryption scheme and a nearly exponentially secure one-way function, they constructed a public-key encryption scheme with slightly super-polynomial security. Assuming, in addition, a sub-exponentially secure public-key encryption scheme, they then constructed an indistinguishability obfuscator (or a public-key functional encryption scheme if the given building blocks are polynomially secure).

We show that quasi-polynomially secure private-key functional encryption bridges from sub-exponential security in Minicrypt all the way to Cryptomania. First, given any quasi-polynomially secure private-key functional encryption scheme, we construct an indistinguishability obfuscator for circuits with inputs of poly-logarithmic length. Then, we observe that such an obfuscator can be used to instantiate many natural applications of indistinguishability obfuscation. Specifically, relying on sub-exponentially secure one-way functions, we show that quasi-polynomially secure private-key functional encryption implies not just public-key encryption but leads all the way to public-key functional encryption for circuits with inputs of poly-logarithmic length. Moreover, relying on sub-exponentially secure injective one-way functions, we show that quasi-polynomially secure private-key functional encryption implies a hard-on-average distribution over instances of a PPAD-complete problem. Underlying our constructions is a new transformation from single-input functional encryption to multi-input functional encryption in the private-key setting. The previously known such transformation (Brakerski et al. J Cryptol 31(2):434–520, 2018) required a sub-exponentially secure single-input scheme, and obtained a scheme supporting only a slightly super-constant number of inputs. Our transformation both relaxes the underlying assumption and supports more inputs: Given any quasi-polynomially secure single-input scheme, we obtain a scheme supporting a poly-logarithmic number of inputs.

Keywords

Private-key functional encryption Multi-input functional encryption PPAD hardness Indistinguishability obfuscation 

Notes

Acknowledgements

We thank Zvika Brakerski and the anonymous referees for many valuable comments. The first author thanks his advisor Moni Naor for his support and guidance.

References

  1. 1.
    S. Agrawal, S. Agrawal, S. Badrinarayanan, A. Kumarasubramanian, M. Prabhakaran, A. Sahai, Function private functional encryption and property preserving encryption: new definitions and positive results. Cryptology ePrint Archive, Report 2013/744 (2013)Google Scholar
  2. 2.
    P. Ananth, D. Boneh, S. Garg, A. Sahai, M. Zhandry, Differing-inputs obfuscation and applications. Cryptology ePrint Archive, Report 2013/689 (2013)Google Scholar
  3. 3.
    P. Ananth, Z. Brakerski, G. Segev, V. Vaikuntanathan, From selective to adaptive security in functional encryption, in Advances in Cryptology—CRYPTO ’15 (2015), pp. 657–677Google Scholar
  4. 4.
    P. Ananth, A. Jain, Indistinguishability obfuscation from compact functional encryption, in Advances in Cryptology—CRYPTO ’15 (2015), pp. 308–326Google Scholar
  5. 5.
    P. Ananth, A. Jain, M. Naor, A. Sahai, E. Yogev, Universal constructions and robust combiners for indistinguishability obfuscation and witness encryption, in Advances in Cryptology—CRYPTO ’16 (2016), pp. 491–520Google Scholar
  6. 6.
    P. Ananth, A. Jain, A. Sahai, Achieving compactness generically: indistinguishability obfuscation from non-compact functional encryption. Cryptology ePrint Archive, Report 2015/730 (2015)Google Scholar
  7. 7.
    T. Abbot, D. Kane, P. Valiant, On algorithms for Nash equilibria (2004)Google Scholar
  8. 8.
    G. Asharov, G. Segev, Limits on the power of indistinguishability obfuscation and functional encryption. SIAM J. Comput., 45(6), 2117–2176 (2016)MathSciNetCrossRefzbMATHGoogle Scholar
  9. 9.
    E. Boyle, K. Chung, R. Pass, On extractability obfuscation, in Proceedings of the 11th Theory of Cryptography Conference, TCC (2014), pp. 52–73Google Scholar
  10. 10.
    Z. Brakerski, C. Gentry, S. Halevi, T. Lepoint, A. Sahai, M. Tibouchi, Cryptanalysis of the quadratic zero-testing of GGH. Cryptology ePrint Archive, Report 2015/845 (2015)Google Scholar
  11. 11.
    B. Barak, O. Goldreich, R. Impagliazzo, S. Rudich, A. Sahai, S. P. Vadhan, K. Yang, On the (im)possibility of obfuscating programs. J. ACM, 59(2), 6 (2012)MathSciNetCrossRefzbMATHGoogle Scholar
  12. 12.
    E. Boyle, S. Goldwasser, I. Ivan, Functional signatures and pseudorandom functions, in Proceedings of the 17th International Conference on Practice and Theory in Public-Key Cryptography (2014), pp. 501–519Google Scholar
  13. 13.
    Z. Brakerski, I. Komargodski, G. Segev, Multi-input functional encryption in the private-key setting: stronger security from weaker assumptions. J. Cryptol., 31(2), 434–520 (2018)MathSciNetCrossRefzbMATHGoogle Scholar
  14. 14.
    D. Boneh, K. Lewi, M. Raykova, A. Sahai, M. Zhandry, J. Zimmerman, Semantically secure order-revealing encryption: Multi-input functional encryption without obfuscation, in Advances in Cryptology—EUROCRYPT ’15 (2015), pp. 563–594Google Scholar
  15. 15.
    N. Bitansky, R. Nishimaki, A. Passelègue, D. Wichs, From Cryptomania to Obfustopia through secret-key functional encryption, in Theory of Cryptography—14th International Conference, TCC 2016-B (2016), pp. 391–418Google Scholar
  16. 16.
    N. Bitansky, O. Paneth, A. Rosen, On the cryptographic hardness of finding a Nash equilibrium, in Proceedings of the 56th Annual IEEE Symposium on Foundations of Computer Science (2015), pp. 1480–1498Google Scholar
  17. 17.
    D. Boneh, A. Raghunathan, G. Segev, Function-private identity-based encryption: hiding the function in functional encryption, in Advances in Cryptology—CRYPTO ’13 (2013), pp. 461–478Google Scholar
  18. 18.
    D. Boneh, A. Raghunathan, G. Segev, Function-private subspace-membership encryption and its applications, in Advances in Cryptology—ASIACRYPT ’13 (2013), pp. 255–275Google Scholar
  19. 19.
    Z. Brakerski, G. Segev, Function-private functional encryption in the private-key setting, in Proceedings of the 12th Theory of Cryptography Conference, TCC (2015), pp. 306–324Google Scholar
  20. 20.
    D. Boneh, A. Sahai, B. Waters, Functional encryption: definitions and challenges, in Proceedings of the 8th Theory of Cryptography Conference, TCC (2011), pp. 253–273Google Scholar
  21. 21.
    D. Boneh, A. Sahai, B. Waters, Functional encryption: a new vision for public-key cryptography. Commun. ACM, 55(11), 56–64 (2012)CrossRefGoogle Scholar
  22. 22.
    N. Bitansky, V. Vaikuntanathan, Indistinguishability obfuscation from functional encryption, in Proceedings of the 56th Annual IEEE Symposium on Foundations of Computer Science (2015), pp. 171–190Google Scholar
  23. 23.
    D. Boneh, B. Waters, Constrained pseudorandom functions and their applications, in Advances in Cryptology—ASIACRYPT ’13 (2013), pp. 280–300Google Scholar
  24. 24.
    X. Chen, X. Deng, S. Teng, Settling the complexity of computing two-player Nash equilibria. J. ACM, 56(3), 14 (2009)MathSciNetCrossRefzbMATHGoogle Scholar
  25. 25.
    J.H. Cheon, P. Fouque, C. Lee, B. Minaud, H. Ryu, Cryptanalysis of the new CLT multilinear map over the integers, in Advances in Cryptology—EUROCRYPT (2016), pp. 509–536Google Scholar
  26. 26.
    J. Coron, C. Gentry, S. Halevi, T. Lepoint, H.K. Maji, E. Miles, M. Raykova, A. Sahai, M. Tibouchi, Zeroizing without low-level zeroes: new MMAP attacks and their limitations, in Advances in Cryptology—CRYPTO ’15 (2015), pp. 247–266Google Scholar
  27. 27.
    J.H. Cheon, K. Han, C. Lee, H. Ryu, D. Stehlé, Cryptanalysis of the multilinear map over the integers, in Advances in Cryptology—EUROCRYPT ’15 (2015), pp. 3–12Google Scholar
  28. 28.
    J.H. Cheon, J. Jeong, C. Lee, An algorithm for NTRU problems and cryptanalysis of the GGH multilinear map without an encoding of zero. Cryptology ePrint Archive, Report 2016/139 (2016)Google Scholar
  29. 29.
    C. Daskalakis, P. W. Goldberg, C.H. Papadimitriou, The complexity of computing a Nash equilibrium. Commun. ACM, 52(2), 89–97 (2009)CrossRefzbMATHGoogle Scholar
  30. 30.
    C. Daskalakis, P.W. Goldberg, C.H. Papadimitriou, The complexity of computing a Nash equilibrium. SIAM J. Comput., 39(1), 195—259 (2009)MathSciNetCrossRefzbMATHGoogle Scholar
  31. 31.
    C. Daskalakis, C.H. Papadimitriou, Continuous local search, in Proceedings of the 22nd Annual ACM-SIAM Symposium on Discrete Algorithms (2011), pp. 790–804Google Scholar
  32. 32.
    S. Goldwasser, S.D. Gordon, V. Goyal, A. Jain, J. Katz, F.-H. Liu, A. Sahai, E. Shi, H.-S. Zhou, Multi-input functional encryption, in Advances in Cryptology—EUROCRYPT ’14 (2014), pp. 578–602Google Scholar
  33. 33.
    S. Garg, C. Gentry, S. Halevi, M. Raykova, A. Sahai, B. Waters, Candidate indistinguishability obfuscation and functional encryption for all circuits, in Proceedings of the 54th Annual IEEE Symposium on Foundations of Computer Science (2013), pp. 40–49Google Scholar
  34. 34.
    S. Garg, C. Gentry, S. Halevi, M. Zhandry, Functional encryption without obfuscation, in Proceedings of the 13th Theory of Cryptography Conference, TCC (2016), pp. 480–511Google Scholar
  35. 35.
    O. Goldreich, S. Goldwasser, S. Micali, How to construct random functions. J. ACM, 33(4), 792-807 (1986)MathSciNetCrossRefzbMATHGoogle Scholar
  36. 36.
    S. Goldwasser, Y. Kalai, R.A. Popa, V. Vaikuntanathan, N. Zeldovich, Reusable garbled circuits and succinct functional encryption, in Proceedings of the 45th Annual ACM Symposium on Theory of Computing (2013), pp. 555–564Google Scholar
  37. 37.
    S. Garg, O. Pandey, A. Srinivasan, Revisiting the cryptographic hardness of finding a Nash equilibrium, in Advances in Cryptology—CRYPTO ’16 (2016), pp. 579–604Google Scholar
  38. 38.
    S. Garg, A. Srinivasan, Single-key to multi-key functional encryption with polynomial loss, in Theory of Cryptography—14th International Conference, TCC (2016), pp. 419–442Google Scholar
  39. 39.
    S. Gorbunov, V. Vaikuntanathan, H. Wee, Functional encryption with bounded collusions via multi-party computation, in Advances in Cryptology—CRYPTO ’12 (2012), pp. 162–179Google Scholar
  40. 40.
    Y. Hu, H. Jia, Cryptanalysis of GGH map, in Advances in Cryptology—EUROCRYPT (2016), pp. 537–565Google Scholar
  41. 41.
    P. Hubácek, E. Yogev, Hardness of continuous local search: Query complexity and cryptographic lower bounds, in Proceedings of the 28th Annual ACM-SIAM Symposium on Discrete Algorithms, SODA (2017), pp. 1352–1371Google Scholar
  42. 42.
    R. Impagliazzo, A personal view of average-case complexity, in Proceedings of the 10th Annual Structure in Complexity Theory Conference (1995), pp. 134–147Google Scholar
  43. 43.
    I. Komargodski, T. Moran, M. Naor, R. Pass, A. Rosen, E. Yogev, One-way functions and (im)perfect obfuscation, in Proceedings of the 55th Annual IEEE Symposium on Foundations of Computer Science (2014), pp. 374–383Google Scholar
  44. 44.
    F. Kitagawa, R. Nishimaki, K. Tanaka, Obfustopia built on secret-key functional encryption, in Advances in Cryptology—EUROCRYPT (2018), pp. 603–648Google Scholar
  45. 45.
    A. Kiayias, S. Papadopoulos, N. Triandopoulos, T. Zacharias, Delegatable pseudorandom functions and applications, in Proceedings of the 20th Annual ACM Conference on Computer and Communications Security (2013), pp. 669–684Google Scholar
  46. 46.
    I. Komargodski, G. Segev, E. Yogev, Functional encryption for randomized functionalities in the private-key setting from minimal assumptions. J. Cryptol., 31(1), 60–100 (2018)MathSciNetCrossRefzbMATHGoogle Scholar
  47. 47.
    B. Li, D. Micciancio, Compactness vs collusion resistance in functional encryption, in Theory of Cryptography—14th International Conference, TCC (2016), pp. 443–468Google Scholar
  48. 48.
    E. Miles, A. Sahai, M. Zhandry, Annihilation attacks for multilinear maps: cryptanalysis of indistinguishability obfuscation over GGH13, in Advances in Cryptology—CRYPTO (2016), pp. 629–658Google Scholar
  49. 49.
    A. O’Neill, Definitional issues in functional encryption. Cryptology ePrint Archive, Report 2010/556 (2010)Google Scholar
  50. 50.
    C.H. Papadimitriou, On the complexity of the parity argument and other inefficient proofs of existence. J. Comput. Syst. Sci., 48(3), 498-532 (1994)MathSciNetCrossRefzbMATHGoogle Scholar
  51. 51.
    E. Shen, E. Shi, B. Waters, Predicate privacy in encryption systems, in Proceedings of the 6th Theory of Cryptography Conference, TCC (2009), pp. 457–473Google Scholar
  52. 52.
    A. Sahai, B. Waters, Slides on functional encryption (2008). http://www.cs.utexas.edu/~bwaters/presentations/files/functional.ppt
  53. 53.
    A. Sahai, B. Waters, How to use indistinguishability obfuscation: deniable encryption, and more, in Proceedings of the 46th Annual ACM Symposium on Theory of Computing (2014), pp. 475–484Google Scholar
  54. 54.
    B. Waters, A punctured programming approach to adaptively secure functional encryption, in Advances in Cryptology—CRYPTO ’15 (2015), pp. 678–697Google Scholar

Copyright information

© International Association for Cryptologic Research 2019

Authors and Affiliations

  1. 1.Cornell TechNew YorkUSA
  2. 2.School of Computer Science and EngineeringHebrew University of JerusalemJerusalemIsrael

Personalised recommendations