Cryptology ePrint Archive: Report 2020/1024

Factoring and Pairings are not Necessary for iO: Circular-Secure LWE Suffices

Zvika Brakerski and Nico Döttling and Sanjam Garg and Giulio Malavolta

Abstract: We construct indistinguishability obfuscation (iO) solely under circular-security properties of encryption schemes based on the Learning with Errors (LWE) problem. Circular-security assumptions were used before to construct (non-leveled) fully-homomorphic encryption (FHE), but our assumption is stronger and requires circular randomness-leakage-resilience. In contrast with prior works, this assumption can be conjectured to be post-quantum secure; yielding the first provably secure iO construction that is (plausibly) post-quantum secure.

Our work follows the high-level outline of the recent work of Gay and Pass [ePrint 2020], who showed a way to remove the heuristic step from the homomorphic-encryption based iO approach of Brakerski, D\"ottling, Garg, and Malavolta [EUROCRYPT 2020]. They thus obtain a construction proved secure under circular security assumption of natural homomorphic encryption schemes --- specifically, they use homomorphic encryption schemes based on LWE and DCR, respectively. In this work we show how to remove the DCR assumption and remain with a scheme based on the circular security of LWE alone. Along the way we relax some of the requirements in the Gay-Pass blueprint and thus obtain a scheme that is secure under a relaxed assumption. Specifically, we do not require security in the presence of a key-cycle, but rather only in the presence of a key-randomness cycle.

Category / Keywords: foundations / obfuscation, LWE

Date: received 25 Aug 2020, last revised 10 Oct 2020

Contact author: giulio malavolta at hotmail it

Available format(s): PDF | BibTeX Citation

Version: 20201010:062504 (All versions of this report)

Short URL: ia.cr/2020/1024