Shorter circuit obfuscation in challenging security models

Zvika Brakerski, Or Dagmi

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

The study of program obfuscation is seeing great progress in recent years, which is crucially attributed to the introduction of graded encoding schemes by Garg, Gentry and Halevi [20]. In such schemes, elements of a ring can be encoded such that the content of the encoding is hidden, but restricted algebraic manipulations, followed by zero-testing, can be performed publicly. This primitive currently underlies all known constructions of general-purpose obfuscators. However, the security properties of the current candidate graded encoding schemes are not well understood, and new attacks frequently introduced. It is therefore important to assume as little as possible about the security of the graded encoding scheme, and use as conservative security models as possible. This often comes at a cost of reducing the efficiency or the functionality of the obfuscator. In this work, we present a candidate obfuscator, based on compositeorder graded encoding schemes, which obfuscates circuits directly a la Zimmerman [34] and Applebaum-Brakerski [2]. Our construction requires a graded encoding scheme with only 3 “plaintext slots” (= subrings of the underlying ring), which is directly related to the size and complexity of the obfuscated program. We prove that our obfuscator is superior to previous works in two different security models. 1. We prove that our obfuscator is indistinguishability-secure (iO) in the Unique Representation Generic Graded Encoding model. Previous works either required a composite-order scheme with polynomially many slots, or were provable in a milder security model. This immediately translates to a polynomial improvement in efficiency, and shows that improved security does not come at the cost of efficiency in this case. 2. Following Badrinarayanan et al. [3], we consider a model where finding any “non-trivial” encoding of zero breaks the security of the encoding scheme. We show that, perhaps surprisingly, secure obfuscation is possible in this model even for some classes of non-evasive functions (for example, any class of conjunctions). We define the property required of the function class, formulate an appropriate (generic) security model, and prove that our aforementioned obfuscator is virtual-black-box (VBB) secure in this model.

Original languageEnglish
Title of host publicationSecurity and Cryptography for Networks - 10th International Conference, SCN 2016, Proceedings
EditorsRoberto De Prisco, Vassilis Zikas
PublisherSpringer Verlag
Pages551-570
Number of pages20
ISBN (Print)9783319446172
DOIs
StatePublished - 2016
Event10th International Conference on Security and Cryptography for Networks, SCN 2016 - Amalfi, Italy
Duration: 31 Aug 20162 Sep 2016

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume9841 LNCS

Conference

Conference10th International Conference on Security and Cryptography for Networks, SCN 2016
Country/TerritoryItaly
CityAmalfi
Period31/08/162/09/16

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • General Computer Science

Fingerprint

Dive into the research topics of 'Shorter circuit obfuscation in challenging security models'. Together they form a unique fingerprint.

Cite this