Non-trivial witness encryption and null-io from standard assumptions

Zvika Brakerski, Aayush Jain, Ilan Komargodski, Alain Passelègue, Daniel Wichs

Research output: Chapter in Book/Report/Conference proceedingChapter

Abstract

A witness encryption (WE) scheme can take any NP statement as a public-key and use it to encrypt a message. If the statement is true then it is possible to decrypt the message given a corresponding witness, but if the statement is false then the message is computationally hidden. Ideally, the encryption procedure should run in polynomial time, but it is also meaningful to define a weaker notion, which we call non-trivially exponentially efficient WE (XWE), where the encryption run-time is only required to be much smaller than the trivial 2 m bound for NP relations with witness size m. We show how to construct such XWE schemes for all of NP with encryption run-time 2 m / 2 under the sub-exponential learning with errors (LWE) assumption. For NP relations that can be verified in NC1 (e.g., SAT) we can also construct such XWE schemes under the sub-exponential Decisional Bilinear Diffie-Hellman (DBDH) assumption. Although we find the result surprising, it follows via a very simple connection to attribute-based encryption. We also show how to upgrade the above results to get non-trivially exponentially efficient indistinguishability obfuscation for null circuits (niO), which guarantees that the obfuscations of any two circuits that always output 0 are indistinguishable. In particular, under the LWE assumptions we get a XniO scheme where the obfuscation time is 2 n / 2 for all circuits with input size n. It is known that in the case of indistinguishability obfuscation (iO) for all circuits, non-trivially efficient XiO schemes imply fully efficient iO schemes (Lin et al., PKC ’16) but it remains as a fascinating open problem whether any such connection exists for WE or niO. Lastly, we explore a potential approach toward constructing fully efficient WE and niO schemes via multi-input ABE.

Original languageEnglish
Title of host publicationSecurity and Cryptography for Networks - 11th International Conference, SCN 2018, Proceedings
EditorsDario Catalano, Roberto De Prisco
PublisherSpringer-Verlag Italia
Pages425-441
Number of pages17
ISBN (Print)9783319981123
DOIs
StatePublished - Aug 2018
Event11th International Conference on Security and Cryptography for Networks, SCN 2018 - Amalfi, Italy
Duration: 5 Sep 20187 Sep 2018

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume11035 LNCS
ISSN (Print)0302-9743

Conference

Conference11th International Conference on Security and Cryptography for Networks, SCN 2018
Country/TerritoryItaly
CityAmalfi
Period5/09/187/09/18

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • General Computer Science

Fingerprint

Dive into the research topics of 'Non-trivial witness encryption and null-io from standard assumptions'. Together they form a unique fingerprint.

Cite this