
Obfuscation from Low Noise Multilinear Maps

  • Nico Döttling
  • Sanjam Garg
  • Divya Gupta
  • Peihan Miao
  • Pratyay Mukherjee
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11356)

Abstract

Multilinear maps enable homomorphic computation on encoded values and a public procedure to check whether the computation on the encoded values results in a zero. Encodings in the known candidate constructions of multilinear maps carry a (growing) noise component, which is crucial for security. For example, the noise in GGH13 multilinear maps grows with the number of levels that need to be supported and, for correctness, must remain below the maximal noise the multilinear map supports. A smaller maximal noise that must be supported is desirable for both security and efficiency.

In this work, we put forward new candidate constructions of obfuscation for which the maximal supported noise is polynomial (in the security parameter). Our constructions are obtained by instantiating a modification of Lin’s obfuscation construction (EUROCRYPT 2016) with composite order variants of the GGH13 multilinear maps. For these schemes, we show that the maximal supported noise only needs to grow polynomially in the security parameter. We prove the security of these constructions in the weak multilinear map model that captures all known vulnerabilities of GGH13 maps. Finally, we investigate the security of the considered composite order variants of GGH13 multilinear maps from a cryptanalytic standpoint.


Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Nico Döttling (1)
  • Sanjam Garg (2)
  • Divya Gupta (3)
  • Peihan Miao (2)
  • Pratyay Mukherjee (4)
  1. Center of IT-Security, Privacy and Accountability, Saarbrücken, Germany
  2. University of California, Berkeley, USA
  3. Microsoft Research India, Bengaluru, India
  4. Visa Research, Palo Alto, USA
