In this work, we show that the existence of general-purpose diO with general auxiliary input has a surprising consequence: it implies that a specific circuit $C^*$ with specific auxiliary input $\aux^*$ cannot be obfuscated in a way that hides some specific information. In other words, under the conjecture that such special-purpose obfuscation exists, we show that general-purpose diO cannot exist. We do not know if this special-purpose obfuscation assumption is implied by diO itself, and hence we do not get an unconditional impossibility result. However, the special-purpose obfuscation assumption is a falsifiable assumption which we do not know how to break for candidate obfuscation schemes. Showing the existence of general-purpose diO with general auxiliary input would necessitate showing how to break this assumption.
We also show that the special-purpose obfuscation assumption implies the impossibility of extractable witness encryption with auxiliary input, a notion proposed by Goldwasser et al. (CRYPTO 2013). A variant of this assumption also implies the impossibility of ``output-only dependent'' hardcore bits for general one-way functions, as recently constructed by Bellare and Tessaro (ePrint 2013) using diO.
Category / Keywords: foundations / Original Publication (with minor differences): IACR-CRYPTO-2014 Date: received 22 Dec 2013, last revised 13 Jun 2014 Contact author: wichs at ccs neu edu Available format(s): PDF | BibTeX Citation Version: 20140613:174001 (All versions of this report) Short URL: ia.cr/2013/860 Discussion forum: Show discussion | Start new discussion