Zeroizing Attacks on Indistinguishability Obfuscation over CLT13

  • Jean-Sébastien Coron
  • Moon Sung Lee
  • Tancrède Lepoint
  • Mehdi Tibouchi
Conference paper

DOI: 10.1007/978-3-662-54365-8_3

Part of the Lecture Notes in Computer Science book series (LNCS, volume 10174)
Cite this paper as:
Coron JS., Lee M.S., Lepoint T., Tibouchi M. (2017) Zeroizing Attacks on Indistinguishability Obfuscation over CLT13. In: Fehr S. (eds) Public-Key Cryptography – PKC 2017. PKC 2017. Lecture Notes in Computer Science, vol 10174. Springer, Berlin, Heidelberg

Abstract

In this work, we describe a new polynomial-time attack on the multilinear maps of Coron, Lepoint, and Tibouchi (CLT13), when used in candidate indistinguishability obfuscation (iO) schemes. More specifically, we show that given the obfuscation of the simple branching program that computes the always-zero functionality previously considered by Miles, Sahai and Zhandry (Crypto 2016), one can recover the secret parameters of CLT13 in polynomial time via an extension of the zeroizing attack of Coron et al. (Crypto 2015). Our attack generalizes to arbitrary oblivious branching programs for arbitrary functionality, and allows one (1) to recover the secret parameters of CLT13, and then (2) to recover the randomized branching program entirely. Our analysis thus shows that almost all single-input variants of iO over CLT13 are insecure.

Copyright information

© International Association for Cryptologic Research 2017

Authors and Affiliations

  • Jean-Sébastien Coron (1)
  • Moon Sung Lee (1)
  • Tancrède Lepoint (2)
  • Mehdi Tibouchi (3)

  1. University of Luxembourg, Luxembourg City, Luxembourg
  2. SRI International, New York City, USA
  3. NTT Secure Platform Laboratories, Tokyo, Japan
