To refer to this page use:
|Abstract:||Recent devastating attacks by Cheon et al. [Eurocrypt’15] and others have highlighted significant gaps in our intuition about security in candidate multilinear map schemes, and in candidate obfuscators that use them. The new attacks, and some that were previously known, are typically called “zeroizing” attacks because they all crucially rely on the ability of the adversary to create encodings of 0. In this work, we initiate the study of post-zeroizing obfuscation, and we obtain a key new mathematical tool to analyze security in a post-zeroizing world. Our new mathematical tool allows for analyzing polynomials constructed by the adversary when given encodings of randomized matrices arising from a general matrix branching program. This technique shows that the types of encodings an adversary can create are much more restricted than was previously known, and is a crucial step toward achieving post-zeroizing security. We also believe the technique is of independent interest, as it yields efficiency improvements for existing schemes – efficiency improvements that have already found application in other settings. Finally, we show how to apply our new mathematical tool to the special case of evasive functions. We show that our obfuscator survives all known attacks on the underlying multilinear maps, by proving that no top-level encodings of 0 can be created by a generic-model adversary. Previous obfuscators (for both evasive and general functions) were either analyzed in a less-conservative “pre-zeroizing” model that does not capture recent attacks, or were proved secure relative to assumptions that no longer have any plausible instantiation due to zeroizing attacks.|
|Citation:||Badrinarayanan, Saikrishna, Eric Miles, Amit Sahai, and Mark Zhandry. "Post-zeroizing Obfuscation: New Mathematical Tools, and the Case of Evasive Circuits." In Annual International Conference on the Theory and Applications of Cryptographic Techniques (2016): pp. 764-791. doi:10.1007/978-3-662-49896-5_27|
|Pages:||764 - 791|
|Type of Material:||Conference Article|
|Journal/Proceeding Title:||Annual International Conference on the Theory and Applications of Cryptographic Techniques|
Items in OAR@Princeton are protected by copyright, with all rights reserved, unless otherwise indicated.