Cryptology ePrint Archive: Report 2015/627

On Necessary Padding with IO

Justin Holmgren

Abstract: We show that the common proof technique of padding a circuit before IO obfuscation is sometimes necessary. That is, assuming indistinguishability obfuscation (IO) and one-way functions exist, we define samplers Sam_0, which outputs (aux_0, C_0), and Sam_1, which outputs (aux_1, C_1) such that:

- The distributions (aux_0, iO(C_0)) and (aux_1, iO(C_1)) are perfectly distinguishable.

- For padding s = poly(lambda)$, the distributions (aux_0, iO(C_0||0^s)) and (aux_1, iO(C_1||0^s)) are computationally indistinguishable.

We note this refutes the recent "Superfluous Padding Assumption" of Brzuska and Mittelbach.

Category / Keywords: indistinguishability obfuscation, padding

Date: received 23 Jun 2015, last revised 14 Aug 2015

Contact author: holmgren at csail mit edu

Available format(s): PDF | BibTeX Citation

Note: updated related work

Version: 20150814:103102 (All versions of this report)

Short URL: ia.cr/2015/627

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]