Obfustopia Built on Secret-Key Functional Encryption

IF 2.3 3区计算机科学 Q2 COMPUTER SCIENCE, THEORY & METHODS

Journal of Cryptology Pub Date : 2022-06-03 DOI:10.1007/s00145-022-09429-z

Fuyuki Kitagawa, Ryo Nishimaki, Keisuke Tanaka

{"title":"Obfustopia Built on Secret-Key Functional Encryption","authors":"Fuyuki Kitagawa, Ryo Nishimaki, Keisuke Tanaka","doi":"10.1007/s00145-022-09429-z","DOIUrl":null,"url":null,"abstract":"<p>We show that indistinguishability obfuscation (IO) for all circuits can be constructed solely from secret-key functional encryption (SKFE). In the construction, SKFE needs to be secure against an unbounded number of functional key queries, that is, collusion-resistant. Our strategy is to replace public-key functional encryption (PKFE) in the construction of IO proposed by Bitansky and Vaikuntanathan (FOCS 2015) with <i>puncturable SKFE</i>. Bitansky and Vaikuntanathan introduced the notion of puncturable SKFE and observed that the strategy works. However, it has not been clear whether we can construct puncturable SKFE without assuming PKFE. In particular, it has not been known whether puncturable SKFE can be constructed from standard SKFE. In this work, we show that a relaxed variant of puncturable SKFE can be constructed from collusion-resistant SKFE. Moreover, we show that the relaxed variant of puncturable SKFE is sufficient for constructing IO. Ananth and Jain (CRYPTO 2015) also proposed an IO construction from PKFE. However, their strategy is different from that of Biransky and Vaikuntanathan. In addition, we also study the relation of collusion-resistance and succinctness for SKFE. Functional encryption is said to be weakly succinct if the size of its encryption circuit is sub-linear in the size of functions. We show that collusion-resistant SKFE can be constructed from weakly succinct SKFE supporting only one functional key. By combining the above two results, we show that IO for all circuits can be constructed from weakly succinct SKFE supporting only one functional key.</p>","PeriodicalId":54849,"journal":{"name":"Journal of Cryptology","volume":"107 3","pages":""},"PeriodicalIF":2.3000,"publicationDate":"2022-06-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Cryptology","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1007/s00145-022-09429-z","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}

引用次数: 0

Abstract

We show that indistinguishability obfuscation (IO) for all circuits can be constructed solely from secret-key functional encryption (SKFE). In the construction, SKFE needs to be secure against an unbounded number of functional key queries, that is, collusion-resistant. Our strategy is to replace public-key functional encryption (PKFE) in the construction of IO proposed by Bitansky and Vaikuntanathan (FOCS 2015) with puncturable SKFE. Bitansky and Vaikuntanathan introduced the notion of puncturable SKFE and observed that the strategy works. However, it has not been clear whether we can construct puncturable SKFE without assuming PKFE. In particular, it has not been known whether puncturable SKFE can be constructed from standard SKFE. In this work, we show that a relaxed variant of puncturable SKFE can be constructed from collusion-resistant SKFE. Moreover, we show that the relaxed variant of puncturable SKFE is sufficient for constructing IO. Ananth and Jain (CRYPTO 2015) also proposed an IO construction from PKFE. However, their strategy is different from that of Biransky and Vaikuntanathan. In addition, we also study the relation of collusion-resistance and succinctness for SKFE. Functional encryption is said to be weakly succinct if the size of its encryption circuit is sub-linear in the size of functions. We show that collusion-resistant SKFE can be constructed from weakly succinct SKFE supporting only one functional key. By combining the above two results, we show that IO for all circuits can be constructed from weakly succinct SKFE supporting only one functional key.

Abstract Image

查看原文本刊更多论文

基于秘密密钥功能加密的模糊乌托邦

我们证明了所有电路的不可区分混淆(IO)都可以仅通过私钥功能加密(SKFE)构建。在构造中，SKFE需要对无限数量的功能键查询保持安全，也就是说，防止共谋。我们的策略是用可穿刺的SKFE取代Bitansky和Vaikuntanathan (FOCS 2015)提出的IO构建中的公钥功能加密(PKFE)。Bitansky和Vaikuntanathan引入了可穿刺SKFE的概念，并观察到该策略有效。然而，目前尚不清楚我们是否可以在不假设PKFE的情况下构建可穿刺的SKFE。特别是，目前尚不清楚是否可以从标准SKFE构建可穿刺的SKFE。在这项工作中，我们证明了可以从抗合谋的SKFE构建一个可穿刺SKFE的松弛变体。此外，我们还证明了可穿刺SKFE的松弛变体足以用于构造IO。Ananth和Jain (CRYPTO 2015)也提出了一个来自PKFE的IO构建。然而，他们的策略与比兰斯基和瓦伊昆塔纳坦不同。此外，我们还研究了SKFE的抗合谋性与简洁性的关系。如果其加密电路的大小与函数的大小呈次线性关系，则称函数加密是弱简洁的。我们证明了抗合算的SKFE可以由只支持一个功能键的弱简洁SKFE构造而成。通过结合上述两个结果，我们证明了所有电路的IO都可以由仅支持一个功能键的弱简洁SKFE构造。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Cryptology 工程技术-工程：电子与电气

CiteScore

7.10

自引率

3.30%

发文量

审稿时长

18 months

期刊介绍： The Journal of Cryptology is a forum for original results in all areas of modern information security. Both cryptography and cryptanalysis are covered, including information theoretic and complexity theoretic perspectives as well as implementation, application, and standards issues. Coverage includes such topics as public key and conventional algorithms and their implementations, cryptanalytic attacks, pseudo-random sequences, computational number theory, cryptographic protocols, untraceability, privacy, authentication, key management and quantum cryptography. In addition to full-length technical, survey, and historical articles, the journal publishes short notes.