Paper 2021/889

Counterexamples to New Circular Security Assumptions Underlying iO

Sam Hopkins, Aayush Jain, and Huijia Lin


We study several strengthening of classical circular security assumptions which were recently introduced in four new lattice-based constructions of indistinguishability obfuscation: Brakerski-Döttling-Garg-Malavolta (Eurocrypt 2020), Gay-Pass (STOC 2021), Brakerski-Döttling-Garg-Malavolta (Eprint 2020) and Wee-Wichs (Eprint 2020). We provide explicit counterexamples to the {\em $2$-circular shielded randomness leakage} assumption w.r.t.\ the Gentry-Sahai-Waters fully homomorphic encryption scheme proposed by Gay-Pass, and the {\em homomorphic pseudorandom LWE samples} conjecture proposed by Wee-Wichs. Our work suggests a separation between classical circular security of the kind underlying un-levelled fully-homomorphic encryption from the strengthened versions underlying recent iO constructions, showing that they are not (yet) on the same footing. Our counterexamples exploit the flexibility to choose specific implementations of circuits, which is explicitly allowed in the Gay-Pass assumption and unspecified in the Wee-Wichs assumption. Their indistinguishabilty obfuscation schemes are still unbroken. Our work shows that the assumptions, at least, need refinement. In particular, generic leakage-resilient circular security assumptions are delicate, and their security is sensitive to the specific structure of the leakages involved.

Available format(s)
Public-key cryptography
Publication info
Preprint. MINOR revision.
Indistinguishability Obfuscation
Contact author(s)
sam bkh @ gmail com
aayushjain1728 @ gmail com
rachel @ cs washington edu
2021-06-29: received
Short URL
Creative Commons Attribution


      author = {Sam Hopkins and Aayush Jain and Huijia Lin},
      title = {Counterexamples to New Circular Security Assumptions Underlying iO},
      howpublished = {Cryptology ePrint Archive, Paper 2021/889},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.