Work done while the author was an intern at Microsoft Research New England

Protecting Obfuscation Against Algebraic Attacks.

ADVANCES IN CRYPTOLOGY - EUROCRYPT 2014, (2014): 221-238


Abstract

Recently, Garg, Gentry, Halevi, Raykova, Sahai, and Waters (FOCS 2013) constructed a general-purpose obfuscating compiler for NC1 circuits. We describe a simplified variant of this compiler, and prove that it is a virtual black box obfuscator in a generic multilinear map model. This improves on Brakerski and Rothblum (eprint 2013) who gav...

Introduction
  • The goal of general-purpose program obfuscation is to make an arbitrary computer program “unintelligible” while preserving its functionality.
  • The work of Goyal et al [10] shows that there exists an oracle that can be implemented with trusted hardware of size that is only a fixed polynomial in the security parameter, with respect to which virtual black-box obfuscation is possible.
  • Once again, the focus of the paper is to consider oracles that abstract the natural algebraic functionality underlying actual plain-model candidates for general-purpose obfuscation.
Highlights
  • The goal of general-purpose program obfuscation is to make an arbitrary computer program “unintelligible” while preserving its functionality
  • Work done in part while visiting Microsoft Research, New England
  • Research supported in part from a DARPA/ONR PROCEED award, NSF grants 1228984, 1136174, 1118096, and 1065276, a Xerox Faculty Research Award, a Google Faculty Research Award, an equipment grant from Intel, and an Okawa Foundation Research Grant
  • We prove that the obfuscator O described in Section 5 is a good Virtual Black Box obfuscator for NC1 in the ideal graded encoding model
Results
  • A branching program of width w and length n for -bit inputs is given by a permutation matrix $P_{\mathrm{reject}} \in \{0,1\}^{w \times w}$ such that $P_{\mathrm{reject}} = I_{w \times w}$, and by a sequence: BP =
  • Note that by the way the authors defined the set ind(j) for input bit j ∈ [ ], and by the way the elements of $S^{j}$ are indexed, $S^{\mathrm{inp}_1(i)}_{i,b_1} \in S^{\mathrm{inp}_1(i)}$ and $S^{\mathrm{inp}_2(i)}_{i,b_2} \in S^{\mathrm{inp}_2(i)}$.
  • To show that the zero testing call to the oracle M does not fail the authors need to show that the index set of the elements corresponding to h and h is the entire universe.
  • It follows from Theorem 2.1 that there exist polynomial functions n and w such that on input circuit C ∈ C , the branching program BP computed by O is of size n(|C|), width w(|C|), and computes on (|C|)-bit inputs.
  • To prove that O satisfies the virtual black-box property, the authors construct a simulator Sim that is given $1^{|C|}$, the description of an adversary A, and oracle access to the circuit C.
  • Instead the authors show how Sim can efficiently simulate the zero-test queries given oracle access to the circuit C.
  • Each single-input element has a value that depends on a subset of the formal variables that correspond to a specific input to the branching program.
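
An added illustration (not code from the paper or from this page) of the ideal graded encoding oracle M referred to above, showing why a zero-test query only succeeds when the element's index set is the entire universe. The class name, the toy modulus and the sample values are constructed; the rules encoded are the usual ones for this model: addition needs equal index sets, multiplication needs disjoint ones, and zero-testing needs the full universe.

```python
import secrets

P = (1 << 61) - 1  # constructed prime modulus for the toy ring Z_P


class GradedOracle:
    """Toy oracle M: callers only ever see opaque handles, never values."""

    def __init__(self, universe):
        self.universe = frozenset(universe)
        self._table = {}  # handle -> (value mod P, index set)

    def _new(self, value, index):
        handle = secrets.token_hex(8)
        self._table[handle] = (value % P, frozenset(index))
        return handle

    def encode(self, value, index):
        # Initialization step, performed by the obfuscator only.
        index = frozenset(index)
        if not index or not index <= self.universe:
            raise ValueError("index set must be a non-empty subset of the universe")
        return self._new(value, index)

    def add(self, h1, h2):
        a, b = self._table.get(h1), self._table.get(h2)
        if a is None or b is None or a[1] != b[1]:
            return None  # invalid query: index sets must be equal
        return self._new(a[0] + b[0], a[1])

    def mul(self, h1, h2):
        a, b = self._table.get(h1), self._table.get(h2)
        if a is None or b is None or a[1] & b[1]:
            return None  # invalid query: index sets must be disjoint
        return self._new(a[0] * b[0], a[1] | b[1])

    def is_zero(self, h):
        e = self._table.get(h)
        if e is None or e[1] != self.universe:
            return None  # invalid query: index set is not the whole universe
        return e[0] == 0


if __name__ == "__main__":
    M = GradedOracle({1, 2, 3})
    x, y = M.encode(5, {1}), M.encode(7, {2, 3})  # constructed sample values
    top = M.add(M.mul(x, y), M.encode(-35, {1, 2, 3}))
    print("zero-test at full universe:", M.is_zero(top))
    print("zero-test below universe:", M.is_zero(x))
    print("add across index sets:", M.add(x, y))
```
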
Conclusion
  • Since the values of the α variables are chosen at random by the obfuscation, it is unlikely that the adversary makes a query where the value of two single-input elements “cancel each other” and result in a zero.
  • If the authors think of e as an intermediate element in the evaluation of the branching program on some input x, the input-profile prof(e) represents the partial information that can be inferred about x based on the formal variables that appear in the value of e.
  • Given an input element e, D outputs a set of single-input elements with distinct input-profiles such that $e = \sum_{s \in D(e)} s$, where the equality between the elements means that their values compute the same function.
Related work
  • Our work deals with analyzing candidate general-purpose obfuscators in an idealized mathematical model (the generic multilinear model). There has also been recent work suggesting general-purpose obfuscators in idealized mathematical models which currently do not have candidate instantiations in the standard model: the work of [5] describes a general-purpose obfuscator for NC1 in a generic group setting with a group G = G1×G2×G3×G4, where G1 is a pseudo-free Abelian group, G2 and G3 are pseudo-free non-Abelian groups, and G4 is a group supporting Barrington’s theorem, such as S5. In this generic setting, the obfuscator described by [5] achieves Virtual Black-Box security. However, no candidate methods for heuristically implementing such a group G are known, and therefore, the work of [5] does not describe a candidate general-purpose obfuscator at this time, though this may change with future work (see footnote 10).

    We note that the question of whether there exists any oracle with respect to which virtual black-box obfuscation for general circuits is possible is a trivial question: one can consider a universal oracle that (1) provides secure encryptions $e_C$ for any circuit C to be obfuscated, and (2) given an encrypted circuit $e_C$ and an input x outputs C(x). The only way we can see this “solution” as being interesting is if one considers implementing this oracle with trusted hardware. The work of Goyal et al [10] shows that there exists an oracle that can be implemented with trusted hardware of size that is only a fixed polynomial in the security parameter, with respect to which virtual black-box obfuscation is possible. However, once again, the focus of our paper is to consider oracles that abstract the natural algebraic functionality underlying actual plain-model candidates for general-purpose obfuscation.

    Footnote 10: Indeed, one way to obtain a heuristic generic group G is by building it using a general-purpose obfuscator, but this would not be useful for the work of [5], since their goal is a general-purpose obfuscator.
Funding
  • Research conducted while at IBM Research, T.J. Watson, funded by NSF Grant No. 1017660
  • This material is based upon work supported by the Defense Advanced Research Projects Agency through the U.S. Office of Naval Research under Contract N00014-11-1-0389
Reference
  • Barak, B., Garg, S., Kalai, Y.T., Paneth, O., Sahai, A.: Protecting obfuscation against algebraic attacks. Cryptology ePrint Archive, Report 2013/631 (2013), http://eprint.iacr.org/
  • Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sahai, A., Vadhan, S.P., Yang, K.: On the (im)possibility of obfuscating programs. IACR Cryptology ePrint Archive 2001, 69 (2001)
  • Barrington, D.A.: Bounded-width polynomial-size branching programs recognize exactly those languages in NC1. In: STOC (1986)
  • Brakerski, Z., Rothblum, G.N.: Virtual black-box obfuscation for all circuits via generic graded encoding. Cryptology ePrint Archive, Report 2013/563 (2013), http://eprint.iacr.org/
  • Canetti, R., Vaikuntanathan, V.: Obfuscating branching programs using black-box pseudo-free groups. Cryptology ePrint Archive (2013)
  • Coron, J.-S., Lepoint, T., Tibouchi, M.: Practical multilinear maps over the integers. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 476–493. Springer, Heidelberg (2013)
  • Diffie, W., Hellman, M.E.: Multiuser cryptographic techniques. In: AFIPS National Computer Conference, pp. 109–112 (1976)
  • Garg, S., Gentry, C., Halevi, S.: Candidate multilinear maps from ideal lattices. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 1–17.
  • Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A., Waters, B.: Candidate indistinguishability obfuscation and functional encryption for all circuits. Cryptology ePrint Archive, Report 2013/451 (2013), http://eprint.iacr.org/
  • Goyal, V., Ishai, Y., Sahai, A., Venkatesan, R., Wadia, A.: Founding cryptography on tamper-proof hardware tokens. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 308–326. Springer, Heidelberg (2010)
  • Hada, S.: Zero-knowledge and code obfuscation. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 443–457. Springer, Heidelberg (2000)
  • Kilian, J.: Founding cryptography on oblivious transfer. In: Simon, J. (ed.) STOC, pp. 20–31. ACM (1988)