Cryptology ePrint Archive: Report 2018/533

Quantum Attacks against Indistinguishablility Obfuscators Proved Secure in the Weak Multilinear Map Model

Alice Pellet-Mary

Abstract: We present a quantum polynomial time attack against the GMMSSZ branching program obfuscator of Garg et al. (TCC'16), when instantiated with the GGH13 multilinear map of Garg et al. (EUROCRYPT'13). This candidate obfuscator was proved secure in the weak multilinear map model introduced by Miles et al. (CRYPTO'16). Our attack uses the short principal ideal solver of Cramer et al. (EUROCRYPT'16), to recover a secret element of the GGH13 multilinear map in quantum polynomial time. We then use this secret element to mount a (classical) polynomial time mixed-input attack against the GMMSSZ obfuscator. The main result of this article can hence be seen as a classical reduction from the security of the GMMSSZ obfuscator to the short principal ideal problem (the quantum setting is then only used to solve this problem in polynomial time).

As an additional contribution, we explain how the same ideas can be adapted to mount a quantum polynomial time attack against the DGGMM obfuscator of Döttling et al. (ePrint 2016), which was also proved secure in the weak multilinear map model.

Category / Keywords: Cryptanalysis, Obfuscation

Original Publication (with minor differences): IACR-CRYPTO-2018

Date: received 30 May 2018

Contact author: alice pellet___mary at ens-lyon fr

Available format(s): PDF | BibTeX Citation

Version: 20180604:212500 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]