# Multi-party Key Exchange for Unbounded Parties from Indistinguishability Obfuscation

Conference paper

## Abstract

Existing protocols for non-interactive multi-party key exchange either (1) support a bounded number of users, (2) require a trusted setup, or (3) rely on knowledge-type assumptions.

We construct the first non-interactive key exchange protocols which support an unbounded number of parties and have a security proof that does not rely on knowledge assumptions. Our non-interactive key-exchange protocol does not require a trusted setup and extends easily to the identity-based setting. Our protocols suffer only a polynomial loss to the underlying hardness assumptions.

## References

- 1.Abusalah, H., Fuchsbauer, G., Pietrzak, K.: Constrained PRFs for unbounded inputs. IACR Cryptology ePrint Archive 2014, p. 840 (2014). http://eprint.iacr.org/2014/840
- 2.Ananth, P., Boneh, D., Garg, S., Sahai, A., Zhandry, M.: Differing-inputs obfuscation and applications. IACR Cryptology ePrint Archive 2013, p. 689 (2013). http://eprint.iacr.org/2013/689
- 3.Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sahai, A., Vadhan, S.P., Yang, K.: On the (im)possibility of obfuscating programs. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, p. 1. Springer, Heidelberg (2001). http://dx.doi.org/10.1007/3-540-44647-8_1
- 4.Boneh, D., Silverberg, A.: Applications of multilinear forms to cryptography. IACR Cryptology ePrint Archive 2002, p. 80 (2002). http://eprint.iacr.org/2002/080
- 5.Boneh, D., Waters, B.: Constrained pseudorandom functions and their applications. IACR Cryptology ePrint Archive 2013, p. 352 (2013)
- 6.Boneh, D., Zhandry, M.: Multiparty key exchange, efficient traitor tracing, and more from indistinguishability obfuscation. In: Garay and Gennaro [21], pp. 480–499. http://dx.doi.org/10.1007/978-3-662-44371-2_27
- 7.Boyle, E., Chung, K.-M., Pass, R.: On extractability obfuscation. In: Lindell, Y. (ed.) TCC 2014. LNCS, vol. 8349, pp. 52–73. Springer, Heidelberg (2014). http://dx.doi.org/10.1007/978-3-642-54242-8_3
- 8.Boyle, E., Goldwasser, S., Ivan, I.: Functional signatures and pseudorandom functions. IACR Cryptology ePrint Archive 2013, p. 401 (2013)
- 9.Boyle, E., Pass, R.: Limits of extractability assumptions with distributional auxiliary input. IACR Cryptology ePrint Archive 2013, p. 703 (2013). http://eprint.iacr.org/2013/703
- 10.Brakerski, Z., Vaikuntanathan, V.: Efficient fully homomorphic encryption from (standard) LWE. SIAM J. Comput. **43**(2), 831–871 (2014). http://dx.doi.org/10.1137/120868669
- 11.Canetti, R., Garay, J.A. (eds.): CRYPTO 2013, Part I. LNCS, vol. 8042. Springer, Heidelberg (2013). http://dx.doi.org/10.1007/978-3-642-40041-4
- 12.Canetti, R., Lin, H., Tessaro, S., Vaikuntanathan, V.: Obfuscation of probabilistic circuits and applications. In: Dodis and Nielsen [17], pp. 468–497. http://dx.doi.org/10.1007/978-3-662-46497-7_19
- 13.Cash, D., Kiltz, E., Shoup, V.: The twin Diffie-Hellman problem and applications. J. Cryptol. **22**(4), 470–504 (2009). http://dx.doi.org/10.1007/s00145-009-9041-6
- 14.Coron, J., Lepoint, T., Tibouchi, M.: Practical multilinear maps over the integers. In: Canetti and Garay [11], pp. 476–493. http://dx.doi.org/10.1007/978-3-642-40041-4_26
- 15.Coron, J., Lepoint, T., Tibouchi, M.: New multilinear maps over the integers. IACR Cryptology ePrint Archive 2015, p. 162 (2015). http://eprint.iacr.org/2015/162
- 16.Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Trans. Inf. Theory **22**(6), 644–654 (1976)
- 17.Dodis, Y., Nielsen, J.B. (eds.): TCC 2015, Part II. LNCS, vol. 9015. Springer, Heidelberg (2015). http://dx.doi.org/10.1007/978-3-662-46497-7
- 18.Dupont, R., Enge, A.: Provably secure non-interactive key distribution based on pairings. Discrete Appl. Math. **154**(2), 270–276 (2006) (Coding and Cryptography). http://www.sciencedirect.com/science/article/pii/S0166218X05002337
- 19.Freire, E.S.V., Hofheinz, D., Kiltz, E., Paterson, K.G.: Non-interactive key exchange. IACR Cryptology ePrint Archive 2012, p. 732 (2012). http://eprint.iacr.org/2012/732
- 20.Freire, E.S.V., Hofheinz, D., Paterson, K.G., Striecks, C.: Programmable hash functions in the multilinear setting. In: Canetti and Garay [11], pp. 513–530. http://dx.doi.org/10.1007/978-3-642-40041-4_28
- 21.Garay, J.A., Gennaro, R. (eds.): CRYPTO 2014, Part I. LNCS, vol. 8616. Springer, Heidelberg (2014). http://dx.doi.org/10.1007/978-3-662-44371-2
- 22.Garg, S., Gentry, C., Halevi, S.: Candidate multilinear maps from ideal lattices. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 1–17. Springer, Heidelberg (2013)
- 23.Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A., Waters, B.: Candidate indistinguishability obfuscation and functional encryption for all circuits. In: 54th Annual IEEE Symposium on Foundations of Computer Science, FOCS 2013, Berkeley, CA, USA, 26–29 October 2013, pp. 40–49. IEEE Computer Society (2013). http://dx.doi.org/10.1109/FOCS.2013.13
- 24.Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A., Waters, B.: Candidate indistinguishability obfuscation and functional encryption for all circuits. In: FOCS (2013)
- 25.Garg, S., Gentry, C., Halevi, S., Wichs, D.: On the implausibility of differing-inputs obfuscation and extractable witness encryption with auxiliary input. In: Garay and Gennaro [21], pp. 518–535. http://dx.doi.org/10.1007/978-3-662-44371-2_29
- 26.Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Mitzenmacher, M. (ed.) Proceedings of the 41st Annual ACM Symposium on Theory of Computing, STOC 2009, Bethesda, MD, USA, May 31 – June 2, 2009, pp. 169–178. ACM (2009). http://doi.acm.org/10.1145/1536414.1536440
- 27.Gentry, C., Gorbunov, S., Halevi, S.: Graph-induced multilinear maps from lattices. In: Dodis and Nielsen [17], pp. 498–527. http://dx.doi.org/10.1007/978-3-662-46497-7_20
- 28.Goldreich, O., Goldwasser, S., Micali, S.: How to construct random functions (extended abstract). In: FOCS, pp. 464–479 (1984)
- 29.Hofheinz, D., Jager, T., Khurana, D., Sahai, A., Waters, B., Zhandry, M.: How to generate and use universal parameters. IACR Cryptology ePrint Archive 2014, p. 507 (2014). http://eprint.iacr.org/2014/507
- 30.Hubacek, P., Wichs, D.: On the communication complexity of secure function evaluation with long output. In: Roughgarden, T. (ed.) Proceedings of the 2015 Conference on Innovations in Theoretical Computer Science, ITCS 2015, Rehovot, Israel, January 11–13, 2015, pp. 163–172. ACM (2015). http://doi.acm.org/10.1145/2688073.2688105
- 31.Ishai, Y., Pandey, O., Sahai, A.: Public-coin differing-inputs obfuscation and its applications. In: Dodis and Nielsen [17], pp. 668–697. http://dx.doi.org/10.1007/978-3-662-46497-7_26
- 32.Joux, A.: A one round protocol for tripartite Diffie-Hellman. In: Bosma, W. (ed.) ANTS 2000. LNCS, vol. 1838. Springer, Heidelberg (2000). http://dx.doi.org/10.1007/10722028_23
- 33.Kiayias, A., Papadopoulos, S., Triandopoulos, N., Zacharias, T.: Delegatable pseudorandom functions and applications. IACR Cryptology ePrint Archive 2013, p. 379 (2013)
- 34.Koppula, V., Lewko, A.B., Waters, B.: Indistinguishability obfuscation for Turing machines with unbounded memory. IACR Cryptology ePrint Archive 2014, p. 925 (2014). http://eprint.iacr.org/2014/925
- 35.Paterson, K.G., Srinivasan, S.: On the relations between non-interactive key distribution, identity-based encryption and trapdoor discrete log groups. Des. Codes Crypt. **52**(2), 219–241 (2009). http://dx.doi.org/10.1007/s10623-009-9278-y
- 36.Rao, V.: Adaptive multiparty non-interactive key exchange without setup in the standard model. IACR Cryptology ePrint Archive 2014, p. 910 (2014). http://eprint.iacr.org/2014/910
- 37.Sahai, A., Waters, B.: How to use indistinguishability obfuscation: deniable encryption, and more. In: Shmoys, D.B. (ed.) Symposium on Theory of Computing, STOC 2014, New York, NY, USA, May 31 – June 03, 2014, pp. 475–484. ACM (2014). http://doi.acm.org/10.1145/2591796.2591825
- 38.Sakai, R., Ohgishi, K., Kasahara, M.: Cryptosystems based on pairing. In: Symposium on Cryptography and Information Security SCIS (2000)
- 39.Yamakawa, T., Yamada, S., Hanaoka, G., Kunihiro, N.: Self-bilinear map on unknown order groups from indistinguishability obfuscation and its applications. Cryptology ePrint Archive, Report 2015/128 (2015). http://eprint.iacr.org/
- 40.Zhandry, M.: Adaptively secure broadcast encryption with small system parameters. IACR Cryptology ePrint Archive 2014, p. 757 (2014). http://eprint.iacr.org/2014/757

## Copyright information

© International Association for Cryptologic Research 2015