360 likes | 511 Views
Protecting Obfuscation Against Algebraic Attacks. Boaz Barak Sanjam Garg Yael Tauman Kalai Omer Paneth Amit Sahai. Program Obfuscation . Obfuscation. Public Key. Virtual Black-Box (VBB). [ Barak- Goldreich - Impagliazzo - Rudich - Sahai - Vadhan -Yang 01].
E N D
Protecting Obfuscation Against Algebraic Attacks Boaz Barak SanjamGarg Yael Tauman Kalai Omer Paneth Amit Sahai
Program Obfuscation Obfuscation Public Key
Virtual Black-Box (VBB) [Barak-Goldreich-Impagliazzo-Rudich-Sahai-Vadhan-Yang 01] Algorithm is an obfuscator for a class if: For every PPT adversary there exists a PPT simulator such that for every :
VBB Impossibility [Barak-Goldreich-Impagliazzo-Rudich-Sahai-Vadhan-Yang 01] There exists contrived “unobfuscatable” programs. Code of a program equivalent to Secret Execute on itself Secret
First Candidate Obfuscation [Garg-Gentry-Halevi-Raykova-Sahai-Waters 13] What is the security of the candidate? Assumption: The [GGHRSW13] obfuscator is an Indistingushability Obfuscator. No known attacks except [BGIRSVY01]. Indistinguishability Obfuscation(): For every pair of equivalent circuits :
This Work A variant of the [GGHRSW13] obfuscator is VBB for all circuits in a generic model (underlying algebra is idealized)
Multilinear Maps [Boneh-Silverberg 03, Garg-Gentry-Halevi 13] Encoding of under a set . • iff Idealy: any other operation is hard.
The Generic MM Model Add Multiply ZT ?
Our Result Virtual Black-Box obfuscation in the generic MM model: For . For assuming LWE.
Avoiding VBB Impossibility In the Generic MM Model Code of a program equivalent to Secret Add Mul ZT Execute on itself Secret
Interpretation Secure obfuscation against “algebraic attacks”. Warning:Non-algebraic attacks do exist [BGIRSVY01].
Interpretation II This Work: VBB with Generic MultilinearMaps Multi-Message Semantically-Secure Multilinear Maps [Pass-Seth-Telang 13] for P/Poly (assuming LWE) [Pass-Seth-Telang 13] Virtual gray-box obfuscation for [Bitansky-Canetti-Kalai-P 14].
Previous Works [Canetti-Vaikuntanathan13] [GGHRSW13] VBB from Black-Box Pseudo-Free Groups in the Generic Colored Matrix Model [Brakerski-Rothblum13] This Work in the Generic MM Model VBB in the Generic MM Model [Brakerski-Rothblum13] Assuming BSH
The Construction • Construction for via branching programs • Bootstrap to P/Poly assuming LWE (leveled-FHE with decryption in )
Branching Programs Program: Input:
BP Evaluation Program: or Input: Output:
Obfuscating BP • Randomizing [Kilian 88] • Encoding
Step 1: Randomizing Program: or Input: Output:
Step 1: Randomizing Program: or Input: Output:
Step 2: Encoding Program: Obfuscation includes the encodings:
Simulation Outline Test every monomial separately: By querying
Problems 1. Inconsistent monomials: 2. Too many monomials:
Straddling Set System -matrices -matrices
Dual-Input BP Input: