Matrix PRFs: Constructions, Attacks, and Applications to Obfuscation.

We give a construction of witness PRFs from multilinear maps that is simpler and much more efficient than current obfuscation candidates, thus bringing several applications of obfuscation closer to practice ... Our construction relies on new but very natural hardness assumptions about the underlying maps that appear to be resistant to a recent line of attacks. ... Opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of DARPA. ...

doi:10.1007/978-3-662-49099-0_16 fatcat:axsywzqmjngujl7gplqn2chfs4

Our construction gives an instance of the GGH15 applications with a security reduction to LWE. ... The construction draws heavily from the graph-induced multilinear maps by Gentry, Gorbunov and Halevi [TCC 2015], as well as the existing lattice-based PRFs. ... Acknowledgments We thank Leonid Reyzin for helpful discussions and the formalization of LWE-hardness. ...

doi:10.1007/978-3-319-56620-7_16 fatcat:zeoidimozzglxfanuz7tkatxau

The watermarking PRF is unremovable even if adversaries have (the public parameter and) access to the extraction oracle, which returns a result of extraction for a queried quantum circuit. - We construct ... a publicly extractable watermarking PRF against quantum adversaries from indistinguishability obfuscation (IO) and the quantum hardness of the LWE problem. ... Let A be an adversary attacking the extended weak pseudorandomness of PRF cprf . We construct B that attacks the selective single-key pseudorandomness of CPRF. ...

arXiv:2205.11034v1 fatcat:3gujkekvfberzhyaftpj7xnzue

Punctured PRFs play an important role in cryptography, especially in applications of indistinguishability obfuscation. ... A puncturable pseudorandom function (PRF) has a master key k that enables one to evaluate the PRF at all points of the domain, and has a punctured key kx that enables one to evaluate the PRF at all points ... We also thank David Wu for his helpful comments on the definition of privately constrained PRFs. This work is supported by NSF, DARPA, the Simons foundation, and a grant from ONR. ...

doi:10.1007/978-3-319-56620-7_15 fatcat:k2fxfxv5wbannavvm4rcz5vdzm

Applications of key-homomorphic PRFs include distributed key-distribution, symmetric proxy re-encryption, updatable encryption and PRFs secure against related-key attacks [NPR99, BLMR13, LMR14]. ... Unfortunately, our construction in this work will not allow collusions, and therefore will not be useful for these applications. ... A high-level methodology for constructing PRFs, taken by [BLMR13, BP14] and also in this work, is to take s as the seed, and to generate for each PRF input x, an LWE matrix A x such that the values s ...

doi:10.1007/978-3-662-46497-7_1 fatcat:vfsgtr5en5firaz5iu36dqbr4a

(Crypto 2003), using an additively key-homomorphic PRF to reduce interaction. ... We first use this to construct a protocol for a large batch of 1-out-of-n OTs on random inputs, with amortized o(1) communication. ... I am also grateful to the PKC 2018 reviewers for helpful comments. ...

doi:10.1007/978-3-319-76578-5_19 fatcat:dqrf37o2lrgxjarbhc47w2dvm4

We use our derandomized variant of LWE to construct a SSKH PRF family. ... To establish the maximum number of SSKH PRFs that can be constructed – by a set of parties – in the presence of passive/active and external/internal adversaries, we prove several bounds on the size of ... As an example application of LWLR, we replace LWR with LWLR in the LWR-based key-homomorphic PRF construction from [35] to construct the first SSKH PRF family. ...

arXiv:2205.00861v1 fatcat:6nimmkefnzedrc2hujlynj6sju

We provide cryptanalysis demonstrating that our schemes resist several potential attacks, and leave further cryptanalysis to future work. ... We provide evidence to suggest that constructions following our ADP-based framework may one day yield secure, practically feasible obfuscation. ... Obfuscating PRFs Efficiently obfuscating PRFs and simple computations that employ them is a highly desirable goal for both theoretical and practical applications. ...

doi:10.4230/lipics.itcs.2020.82 dblp:conf/innovations/BartusekIJMSZ20 fatcat:okwc2tfqt5f5pjvgboybahlfqu

Combiners are especially important for a primitive where there are several competing constructions whose security is hard to evaluate, as is the case for indistinguishability obfuscation (IO) and witness ... In a recent paper, Goldwasser and Kalai posed as a challenge finding universal constructions for indistinguishability obfuscation and witness encryption. ... Acknowledgements We thank Yuval Ishai for helpful discussions and for bringing to our notice the problem of universal obfuscation. ...

doi:10.1007/978-3-662-53008-5_17 fatcat:hodmwzkxl5g47esxgmjuipxzza

Next, we optimize and experiment with several MIFE and obfuscation constructions and evaluate their performance. ... Secure multilinear maps (mmaps) have been shown to have remarkable applications in cryptography, such as multi-input functional encryption (MIFE) and program obfuscation. ... However, since neither MIFE nor obfuscation publish any encodings of 0, these applications seem to be unaffected by the zeroizing attacks. ...

doi:10.1145/2976749.2978314 dblp:conf/ccs/LewiMACFWABK016 fatcat:q424asoc7be47msxbdwoojqkre

We analyze the security of this candidate against several natural attacks and leave its further study to future work. * ... We reduce the public-key variant of PIR to OLDC using an ideal form of obfuscation that can be instantiated heuristically with existing indistinguishability obfuscation candidates, or alternatively implemented ... Second, these attacks require knowledge of the public key-the scrambled generator matrix-and in the Oblivious LDC setting the attacker is not privy to this information. Linearization Attacks. ...

doi:10.1007/978-3-319-70503-3_22 fatcat:wmlspzu6hbfu7fppwkhy3osjma

[GGSW13] provide an intuitive argument suggesting that either of these shortcoming might be inherent when realizing indistinguishability obfuscation. 1 This intuitive argument however is not applicable ... In this work, we overcome the above limitations and realize a fully secure functional encryption scheme without using indistinguishability obfuscation. ... However, in our application, the distributions will be guaranteed to be indistinguishable. Our Construction. ...

doi:10.1007/978-3-662-49099-0_18 fatcat:axvvtnq4dfaalmp6txlimt2v5u

Compared to contemporary countermeasures for power side-channel attacks, overheads in area and frequency are minimal. ... The countermeasures depend on the cause of leakage in each module and can vary from simple modifications of the HDL code ensuring secure translation by the EDA tools, to obfuscating data and address lines ... File (PRF) and Register File. ...

arXiv:1911.08813v1 fatcat:6wxhsjb6v5gtngpfgeixt3pk4i

, and Waters (FOCS 2013), and all subsequent works constructing general-purpose obfuscators. ... We show how to adapt the construction and security proofs of [4] to work with RMBPs. The efficiency of this obfuscation will be discussed in more detail below. ... We are especially grateful to Ilan Komargodski for bringing the work of [31] to our attention as well as for several other helpful suggestions and comments. ...

doi:10.1145/2660267.2660342 dblp:conf/ccs/AnanthGIS14 fatcat:4krz5gccyfcsbh7yk5safeyyxa

The recently introduced notion of puncturable PRFs, in conjunction with indistinguishability obfuscation, has found applications for the construction of strong cryptographic primitives, and demonstrates ... Key-homomorphic PRFs are useful for constructing distributed PRFs, proxy re-encryption, and other applications with high relevance to "cloud" security (see Section 8.2). ... Oded has been and continues to be a dear mentor to us all, and sets a very high bar to aspire to. ...

doi:10.1007/978-3-319-57048-8_3 fatcat:dwdqcxanardkthw4oon7qn7aia

How to Avoid Obfuscation Using Witness PRFs [chapter]

Preserved Fulltext

Constraint-Hiding Constrained PRFs for NC $$^1$$ from LWE [chapter]

Preserved Fulltext

Watermarking PRFs against Quantum Adversaries [article]

Preserved Fulltext

Private Puncturable PRFs from Standard Lattice Assumptions [chapter]

Preserved Fulltext

Constrained Key-Homomorphic PRFs from Standard Lattice Assumptions [chapter]

Preserved Fulltext

Extending Oblivious Transfer with Low Communication via Key-Homomorphic PRFs [chapter]

Preserved Fulltext

Star-specific Key-homomorphic PRFs from Linear Regression and Extremal Set Theory [article]

Preserved Fulltext

Affine Determinant Programs: A Framework for Obfuscation and Witness Encryption

Preserved Fulltext

Universal Constructions and Robust Combiners for Indistinguishability Obfuscation and Witness Encryption [chapter]

Preserved Fulltext

5Gen

Preserved Fulltext

Can We Access a Database Both Locally and Privately? [chapter]

Preserved Fulltext

Functional Encryption Without Obfuscation [chapter]

Preserved Fulltext

PARAM: A Microprocessor Hardened for Power Side-Channel Attack Resistance [article]

Preserved Fulltext

Optimizing Obfuscation

Preserved Fulltext

Pseudorandom Functions: Three Decades Later [chapter]

Preserved Fulltext