Paper 2024/1742
Pseudorandom Obfuscation and Applications
Abstract
We introduce the notion of pseudorandom obfuscation (PRO), a way to obfuscate (keyed) pseudorandom functions $f_K$ in an average-case sense. We introduce several variants of pseudorandom obfuscation and show constructions and applications. For some of our applications that can be achieved using full-fledged indistinguishability obfuscation (iO), we show constructions using lattice-based assumptions alone; the other applications we enable using PRO are simply not known even assuming iO. We briefly summarize our contributions below.
- Constructions of PRO: We show how to construct the strongest version of PRO, assuming the sub-exponential hardness of the learning with errors (LWE) problem, and of the evasive LWE problem (Wee, EUROCRYPT 2022; Tsabary, CRYPTO 2022).
- Applications outside the iO World: We show how to construct a succinct witness encryption scheme from PRO, where the size of the ciphertext is independent of the witness size. Such a witness encryption scheme is not known to exist even assuming iO.
- Applications in the iO World: Our weakest variant of pseudorandom obfuscation, named obfuscation for identical pseudorandom functions (iPRO), is weaker than iO: rather than obfuscating arbitrary circuits as in iO, iPRO only obfuscates circuits computing pseudorandom functions. We show that iPRO already enables several applications of iO, such as unleveled fully homomorphic encryption (without assuming circular security) and succinct randomized encodings.
- From iPRO to iO: Despite being a seemingly weaker notion than iO, we show two pathways to constructing full-fledged iO from iPRO. Our first construction builds iO from iPRO and (standard assumptions on) cryptographic bilinear maps. Combined with our construction of iPRO, this gives us a construction of iO from a new combination of assumptions, namely LWE, evasive LWE and bilinear maps. Our second construction builds iO (and even ideal obfuscation) from iPRO in the pseudorandom oracle model (Jain, Lin, Luo and Wichs, CRYPTO 2023). To our knowledge, this is the first purely lattice-based, and hence plausibly post-quantum secure, construction of iO with a proof of security from LWE and evasive LWE.
Finally, we highlight some barriers in achieving the strongest version of pseudorandom obfuscation.
Metadata
- Category
- Foundations
- Publication info
- Preprint.
- Contact author(s)
- pedrodemelobranco @ gmail com
  nico doettling @ gmail com
  abhishek jain @ ntt-research com
  giulio malavolta @ hotmail it
  smathi @ mit edu
  sp2473 @ cornell edu
  vinodv @ mit edu
- History
- 2024-10-28: approved
- 2024-10-25: received
- Short URL
- https://ia.cr/2024/1742
- License
- CC BY
BibTeX
@misc{cryptoeprint:2024/1742,
  author = {Pedro Branco and Nico Döttling and Abhishek Jain and Giulio Malavolta and Surya Mathialagan and Spencer Peters and Vinod Vaikuntanathan},
  title = {Pseudorandom Obfuscation and Applications},
  howpublished = {Cryptology {ePrint} Archive, Paper 2024/1742},
  year = {2024},
  url = {https://eprint.iacr.org/2024/1742}
}