Zeroizing Attacks on Indistinguishability Obfuscation over CLT13
- Cite this paper as:
- Coron JS., Lee M.S., Lepoint T., Tibouchi M. (2017) Zeroizing Attacks on Indistinguishability Obfuscation over CLT13. In: Fehr S. (eds) Public-Key Cryptography – PKC 2017. PKC 2017. Lecture Notes in Computer Science, vol 10174. Springer, Berlin, Heidelberg
In this work, we describe a new polynomial-time attack on the multilinear maps of Coron, Lepoint, and Tibouchi (CLT13), when used in candidate indistinguishability obfuscation (iO) schemes. More specifically, we show that given the obfuscation of the simple branching program that computes the always zero functionality previously considered by Miles, Sahai and Zhandry (Crypto 2016), one can recover the secret parameters of CLT13 in polynomial time via an extension of the zeroizing attack of Coron et al. (Crypto 2015). Our attack is generalizable to arbitrary oblivious branching programs for arbitrary functionality, and allows (1) to recover the secret parameters of CLT13, and then (2) to recover the randomized branching program entirely. Our analysis thus shows that almost all single-input variants of iO over CLT13 are insecure.