### Polynomial-Time Cryptanalysis of the Subspace Flooding Assumption for Post-Quantum $i\mathcal{O}$

##### Abstract

Indistinguishability Obfuscation $(i\mathcal{O})$ is a highly versatile primitive implying a myriad advanced cryptographic applications. Up until recently, the state of feasibility of $i\mathcal{O}$ was unclear, which changed with works (Jain-Lin-Sahai STOC 2021, Jain-Lin-Sahai Eurocrypt 2022) showing that $i\mathcal{O}$ can be finally based upon well-studied hardness assumptions. Unfortunately, one of these assumptions is broken in quantum polynomial time. Luckily, the line work of Brakerski et al. Eurocrypt 2020, Gay-Pass STOC 2021, Wichs-Wee Eurocrypt 2021, Brakerski et al. ePrint 2021, Devadas et al. TCC 2021 simultaneously created new pathways to construct $i\mathcal{O}$ with plausible post-quantum security from new assumptions, namely a new form of circular security of LWE in the presence of leakages. At the same time, effective cryptanalysis of this line of work has also begun to emerge (Hopkins et al. Crypto 2021). It is important to identify the simplest possible conjectures that yield post-quantum $i\mathcal{O}$ and can be understood through known cryptanalytic tools. In that spirit, and in light of the cryptanalysis of Hopkins et al., recently Devadas et al. gave an elegant construction of $i\mathcal{O}$ from a fully-specified and simple-to-state assumption along with a thorough initial cryptanalysis. Our work gives a polynomial-time distinguisher on their "final assumption" for their scheme. Our algorithm is extremely simple to describe: Solve a carefully designed linear system arising out of the assumption. The argument of correctness of our algorithm, however, is nontrivial. We also analyze the "T-sum" version of the same assumption described by Devadas et. al. and under a reasonable conjecture rule out the assumption for any value of $T$ that implies $i\mathcal{O}$.

Available format(s)
Category
Attacks and cryptanalysis
Publication info
Preprint.
Keywords
indistinguishability obfuscation cryptanalysis
Contact author(s)
aayushja @ andrew cmu edu
rachel @ cs washington edu
pslou @ cs ucla edu
sahai @ cs ucla edu
History
2022-11-25: approved
See all versions
Short URL
https://ia.cr/2022/1637

CC BY

BibTeX

@misc{cryptoeprint:2022/1637,
author = {Aayush Jain and Huijia Lin and Paul Lou and Amit Sahai},
title = {Polynomial-Time Cryptanalysis of the Subspace Flooding Assumption for Post-Quantum $i\mathcal{O}$},
howpublished = {Cryptology ePrint Archive, Paper 2022/1637},
year = {2022},
note = {\url{https://eprint.iacr.org/2022/1637}},
url = {https://eprint.iacr.org/2022/1637}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.