Paper 2016/1070

Preventing CLT Attacks on Obfuscation with Linear Overhead

Rex Fernando, Peter M. R. Rasmussen, and Amit Sahai

Abstract

We describe a defense against zeroizing attacks on indistinguishability obfuscation (iO) over the CLT13 multilinear map construction that only causes an additive blowup in the size of the branching program. This defense even applies to the most recent extension of the attack by Coron et al. (ePrint 2016), under which a much larger class of branching programs is vulnerable. To accomplish this, we describe an attack model for the current attacks on iO over CLT13 by distilling an essential common component of all previous attacks. This leads to the notion of a function being input partitionable, meaning that the bits of the function’s input can be partitioned into somewhat independent subsets. We find a way to thwart these attacks by requiring a “stamp” to be added to the input of every function. The stamp is a function of the original input and eliminates the possibility of finding the independent subsets of the input necessary for a zeroizing attack. We give three different constructions of such “stamping functions” and prove formally that they each prevent any input partition. We also give details on how to instantiate one of the three functions efficiently in order to secure any branching program against this type of attack. The technique presented alters any branching program obfuscated over CLT13 to be secure against zeroizing attacks with only an additive blowup of the size of the branching program that is linear in the input size and security parameter. We can also apply our defense to a recent extension of annihilation attacks by Chen et al. (EUROCRYPT 2017) on obfuscation over the GGH13 multilinear map construction.

Note: This is a significant revision with a new construction that dramatically improves the efficiency of our defense along with a lower bound result. Additionally, most of the introduction and the main sections have been rewritten.

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
Preprint. MINOR revision.
Keywords
Multilinear Maps, CLT13, Indistinguishability Obfuscation, Zeroizing Attacks
Contact author(s)
rasmussen @ cs ucla edu
History
2017-03-18: revised
2016-11-17: received
Short URL
https://ia.cr/2016/1070
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/1070,
      author = {Rex Fernando and Peter M.  R.  Rasmussen and Amit Sahai},
      title = {Preventing CLT Attacks on Obfuscation with Linear Overhead},
      howpublished = {Cryptology ePrint Archive, Paper 2016/1070},
      year = {2016},
      note = {\url{https://eprint.iacr.org/2016/1070}},
      url = {https://eprint.iacr.org/2016/1070}
}