, Volume 79, Issue 4, pp 1286–1317 | Cite as

Self-Bilinear Map on Unknown Order Groups from Indistinguishability Obfuscation and Its Applications

  • Takashi YamakawaEmail author
  • Shota Yamada
  • Goichiro Hanaoka
  • Noboru Kunihiro


A self-bilinear map is a bilinear map where the domain and target groups are identical. In this paper, we introduce a self-bilinear map with auxiliary information which is a weaker variant of a self-bilinear map, construct it based on indistinguishability obfuscation and prove that a useful hardness assumption holds with respect to our construction under the factoring assumption. From our construction, we obtain a multilinear map with interesting properties: the level of multilinearity is not bounded in the setup phase, and representations of group elements are compact, i.e., their size is independent of the level of multilinearity. This is the first construction of a multilinear map with these properties. Note, however, that to evaluate the multilinear map, auxiliary information is required. As applications of our multilinear map, we construct multiparty non-interactive key-exchange and distributed broadcast encryption schemes where the maximum number of users is not fixed in the setup phase. Besides direct applications of our self-bilinear map, we show that our technique can also be used for constructing somewhat homomorphic encryption based on indistinguishability obfuscation and the \(\varPhi \)-hiding assumption.


Self-bilinear map Indistinguishability obfuscation Multilinear map Factoring assumption 



We would like to thank the anonymous reviewers of CRYPTO 2014 and Algorithmica. We thank members of the study group “Shin-Akarui-Angou-Benkyou-Kai” for their helpful comments. Especially, we would like to thank Satsuya Ohata for his instructive comment on self-bilinear maps, and Takahiro Matsuda and Jacob Schuldt for their detailed proofreading. We also thank Kenny Paterson for his valuable comments. The second author was supported by a JSPS Fellowship for Young Scientists during this work.


  1. 1.
    Ananth, P.V., Gupta, D., Ishai, Y., Sahai, A.: Optimizing obfuscation: avoiding Barrington’s theorem. In: ACM SIGSAC 2014, pp. 646–658 (2014)Google Scholar
  2. 2.
    Barak, B., Garg, S., Kalai, Y.T., Paneth, O., Sahai, A.: Protecting obfuscation against algebraic attacks. In: EUROCRYPT, pp. 221–238 (2014)Google Scholar
  3. 3.
    Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sahai, A., Vadhan, S.P., Yang, K.: On the (im)possibility of obfuscating programs. In: CRYPTO, pp. 1–18 (2001)Google Scholar
  4. 4.
    Bellare, M., Hoang, V.T., Rogaway, P.: Foundations of garbled circuits. In: ACM CCS’12, pp. 784–796 (2012)Google Scholar
  5. 5.
    Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security and Privacy, pp. 321–334 (2007)Google Scholar
  6. 6.
    Blum, L., Blum, M., Shub, M.: A simple unpredictable pseudo-random number generator. SIAM J. Comput. 15(2), 364–383 (1986)MathSciNetCrossRefzbMATHGoogle Scholar
  7. 7.
    Boneh, D., Boyen, X.: Efficient selective-ID secure identity-based encryption without random oracles. In: EUROCRYPT, pp. 223–238 (2004)Google Scholar
  8. 8.
    Boneh, D., Franklin, M.K.: Identity-based encryption from the Weil pairing. In: CRYPTO, pp. 213–229 (2001)Google Scholar
  9. 9.
    Boneh, D., Silverberg, A.: Applications of multilinear forms to cryptography. Contemp. Math. 324, 71–90 (2002)MathSciNetCrossRefzbMATHGoogle Scholar
  10. 10.
    Boneh, D., Zhandry, M.: Multiparty key exchange, efficient traitor tracing, and more from indistinguishability obfuscation. In: CRYPTO (2014)Google Scholar
  11. 11.
    Brakerski, Z., Rothblum, G.N.: Virtual black-box obfuscation for all circuits via generic graded encoding. In: TCC, pp. 1–25 (2014)Google Scholar
  12. 12.
    Cheon, J.H., Fouque, P.-A., Lee, C., Minaud, B., Ryu, H.: Cryptanalysis of the new CLT multilinear map over the integers. In: EUROCRYPT 2016 Part I, pp. 509–536 (2016)Google Scholar
  13. 13.
    Cheon, J.H., Han, K., Lee, C., Ryu, H., Stehlé, D.: Cryptanalysis of the multilinear map over the integers. In: EUROCRYPT 2015 Part I, pp. 3–12 (2015)Google Scholar
  14. 14.
    Cheon, J.H., Lee, D.H.: A note on self-bilinear maps. Bull. Korean Math. Soc. 46(2), 303–309 (2009)MathSciNetCrossRefzbMATHGoogle Scholar
  15. 15.
    Coron, J.-S., Lee, M.S., Lepoint, T., Tibouchi, M.: Cryptanalysis of GGH15 multilinear maps. In: CRYPTO 2016 Part II, pp. 607–628 (2016)Google Scholar
  16. 16.
    Coron, J.-S., Lepoint, T., Tibouchi, M.: Practical multilinear maps over the integers. In: CRYPTO (1), pp. 476–493 (2013)Google Scholar
  17. 17.
    Coron, J.-S., Lepoint, T., Tibouchi, M.: New multilinear maps over the integers. In: CRYPTO 2015 Part I, pp. 267–286 (2015)Google Scholar
  18. 18.
    Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644–654 (1976)MathSciNetCrossRefzbMATHGoogle Scholar
  19. 19.
    Garg, S., Gentry, C., Halevi, S.: Candidate multilinear maps from ideal lattices. In: EUROCRYPT, pp. 1–17 (2013)Google Scholar
  20. 20.
    Garg, S., Gentry, C., Halevi, S., Raykova, M.: Two-round secure MPC from indistinguishability obfuscation. In: TCC, pp. 74–94 (2014)Google Scholar
  21. 21.
    Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A., Waters, B.: Candidate indistinguishability obfuscation and functional encryption for all circuits. In: FOCS, pp. 40–49 (2013)Google Scholar
  22. 22.
    Garg, S., Gentry, C., Halevi, S., Sahai, A., Waters, B.: Attribute-based encryption for circuits from multilinear maps. In: CRYPTO (2), pp. 479–499 (2013)Google Scholar
  23. 23.
    Garg, S., Gentry, C., Sahai, A., Waters, B.: Witness encryption and its applications. In: STOC, pp. 467–476 (2013)Google Scholar
  24. 24.
    Garg, S., Miles, E., Mukherjee, P., Sahai, A., Srinivasan, A., Zhandry, M.: Secure obfuscation in a weak multilinear map model. Cryptology ePrint Archive, Report 2016/817. (2016)
  25. 25.
    Gentry, C., Gorbunov, S., Halevi, S.: Graph-induced multilinear maps from lattices. In: TCC 2015 Part II, pp. 498–527 (2015)Google Scholar
  26. 26.
    Gentry, C., Lewko, A.B., Sahai, A., Waters, B.: Indistinguishability obfuscation from the multilinear subgroup elimination assumption. In: FOCS 2015, pp. 151–170 (2015)Google Scholar
  27. 27.
    Goldreich, O., Levin, L.A.: A hard-core predicate for all one-way functions. In: STOC, pp. 25–32 (1989)Google Scholar
  28. 28.
    Goldwasser, S., Gordon, S.D., Goyal, V., Jain, A., Katz, J., Liu, F.-H., Sahai, A., Shi, E., Zhou, H.-S.: Multi-input functional encryption. In: Eurocrypt (2014)Google Scholar
  29. 29.
    Gorbunov, S., Vaikuntanathan, V., Wee, H.: Attribute-based encryption for circuits. In: STOC, pp. 545–554 (2013)Google Scholar
  30. 30.
    Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: ACM Conference on Computer and Communications Security, pp. 89–98 (2006)Google Scholar
  31. 31.
    Groth, J., Ostrovsky, R., Sahai, A.: Perfect non-interactive zero knowledge for NP. In: EUROCRYPT, pp. 339–358 (2006)Google Scholar
  32. 32.
    Groth, J., Sahai, A.: Efficient non-interactive proof systems for bilinear groups. In: EUROCRYPT, pp. 415–432 (2008)Google Scholar
  33. 33.
    Hofheinz, D.: Fully secure constrained pseudorandom functions using random oracles. Cryptology ePrint Archive, Report 2014/372. (2014)
  34. 34.
    Hofheinz, D., Kiltz, E.: The group of signed quadratic residues and applications. In: CRYPTO, pp. 637–653 (2009)Google Scholar
  35. 35.
    Hohenberger, S., Sahai, A., Waters, B.: Replacing a random oracle: full domain hash from indistinguishability obfuscation. In: Eurocrypt (2014)Google Scholar
  36. 36.
    Hu, Y., Jia, H.: Cryptanalysis of GGH map. In: EUROCRYPT 2016 Part I, pp. 537–565 (2016)Google Scholar
  37. 37.
    Joux, A.: A one round protocol for tripartite Diffie–Hellman. In: ANTS, pp. 385–394 (2000)Google Scholar
  38. 38.
    Khurana, D., Rao, V., Sahai, A.: Multi-party key exchange for unbounded parties from indistinguishability obfuscation. In: ASIACRYPT 2015 I, pp. 52–75 (2015)Google Scholar
  39. 39.
    Kiltz, E., O’Neill, A., Smith, A.: Instantiability of RSA-OAEP under chosen-plaintext attack. In: CRYPTO, pp. 295–313 (2010)Google Scholar
  40. 40.
    Mei, Q., Li, B., Lu, X., Jia, D.: Chosen ciphertext secure encryption under factoring assumption revisited. In: Public Key Cryptography, pp. 210–227 (2011)Google Scholar
  41. 41.
    Menezes, A., Okamoto, T., Vanstone, S.A.: Reducing elliptic curve logarithms to logarithms in a finite field. IEEE Trans. Inf. Theory 39(5), 1639–1646 (1993)MathSciNetCrossRefzbMATHGoogle Scholar
  42. 42.
    Pandey, O., Prabhakaran, M., Sahai, A.: Obfuscation-based non-black-box simulation and four message concurrent zero knowledge for NP. In: TCC 2015 Part II, pp. 638–667 (2015)Google Scholar
  43. 43.
    Pass, R., Seth, K., Telang, S.: Indistinguishability obfuscation from semantically-secure multilinear encodings. In: CRYPTO 2014 Part I, pp. 500–517 (2014)Google Scholar
  44. 44.
    Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: EUROCRYPT, pp. 457–473 (2005)Google Scholar
  45. 45.
    Sahai, A., Waters, B.: How to use indistinguishability obfuscation: deniable encryption, and more. In: STOC (2014)Google Scholar
  46. 46.
    Sakai, R., Ohgishi, K., Kasahara, M.: Cryptosystems based on pairing (in Japanese). In: SCIS (2000)Google Scholar
  47. 47.
    Seurin, Y.: New constructions and applications of trapdoor DDH groups. In: Public Key Cryptography, pp. 443–460 (2013)Google Scholar
  48. 48.
    Waters, B.: Efficient identity-based encryption without random oracles. In: EUROCRYPT, pp. 114–127 (2005)Google Scholar

Copyright information

© Springer Science+Business Media New York 2016

Authors and Affiliations

  1. 1.Department of Complexity Science and Engineering, Graduate School of Frontier SciencesThe University of TokyoChibaJapan
  2. 2.Advanced Cryptosystems Research Group, Information Technology Research InstituteNational Institute of Advanced Industrial Science and TechnologyTokyoJapan

Personalised recommendations