1 / 37

Obfuscation for Evasive Functions

Obfuscation for Evasive Functions. Boaz Barak, Nir Bitansky , Ran Canetti, Yael Tauman Kalai, Omer Paneth, Amit Sahai. Program Obfuscation . Approved Document . Signature . Verify and sign. Obfuscation. Obfuscated Program. Virtual Black-Box (VBB).

aderes
Download Presentation

Obfuscation for Evasive Functions

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Obfuscation for Evasive Functions Boaz Barak, NirBitansky, Ran Canetti, Yael Tauman Kalai, Omer Paneth, Amit Sahai

  2. Program Obfuscation Approved Document Signature Verify and sign Obfuscation Obfuscated Program

  3. Virtual Black-Box (VBB) [Barak-Goldreich-Impagliazzo-Rudich-Sahai-Vadhan-Yang 01] Algorithm is an obfuscator for a family of functions if: For every adversary there exists a simulator such that for every key and predicate :

  4. Impossibilities for VBB [Barak-Goldreich-Impagliazzo-Rudich-Sahai-Vadhan-Yang 01] • There exist families of “unobfuscatable” functions • Can be embedded in applications (e.g. encryption, signatures) • Implemented in • Pseudo-entropic functions are unobfuscatable w.r.t auxiliary input \universal simulation • [Bitansky-Canetti-Cohn-Goldwasser-Kalai-P-Rosen 14]

  5. Positive results • Constructions for simple functions [Can97, CMR98, LPS04, DS05,Wee05, CD08, CV09, CRV10,BR13] • General constructions in idealized models [CV13,BR13,BGKPS13]

  6. Which functions are VBB obfuscatable? Find rich classes of functions that can be VBB obfuscated

  7. Evasive Functions A family of boolean functions is evasiveif for or every : Alternatively: For every efficient (non-uniform) adversary : .

  8. Applications Evasive Functions Disjunctions Hyperplanes Digital Lockers Fuzzy point functions Point functions

  9. Example Output Good input Input Buggy software Patch Crash Bad input Bad input Error message

  10. No impossibility for VBB obfuscation* of evasive functions *for the right notion of VBB

  11. VBB for Evasive Functions Turing machine Circuit Worst-case Impossible Impossible No known impossibility Average-case Impossible

  12. Contributions • New definitions for evasive function obfuscation and the relations between them. • Constructions for the zero-set of low degree polynomial based on multilinear maps • Virtual-gray box obfuscation for evasive functions • Virtual-gray box obfuscation for all functions

  13. New definitions for evasive function obfuscation and the relations between them. • Constructions for the zero-set of low degree polynomial based on multilinear maps • Virtual-gray box obfuscation for evasive functions • Virtual-gray box obfuscation for all functions

  14. Average-case VBB For every adversary there exists a simulator such that for every predicate and for a random key :

  15. Input-Hiding Obfuscation For every adversary • Only achievable for evasive functions • Incomparable to average-case VBB

  16. New definitions for evasive function obfuscation and the relations between them. • Constructions for the zero-set of low degree polynomial based on multilinear maps • Virtual-gray box obfuscation for evasive functions • Virtual-gray box obfuscation for all functions

  17. Constructions Average-case VBB and Input-hiding obfuscation for a subclass of evasive function: Roots of low degree multivariate polynomials is defined by a multivariate polynomial over . For key and input : .

  18. Is the Root Set Evasive? For every input .

  19. Two Constructions Input-hiding Average-case VBB given by anarithmetic circuit of size and depth given by an arithmetic circuit of size and degree Perfectly-hiding graded encoding One-way graded encoding

  20. Graded Encodings [Garg-Gentry-Halevi 13] • including a description of a ring • For every and every d, is an encoding • , • (candidate scheme with public encoding from [CLT13])

  21. Input-Hiding Zero Evaluate using

  22. Proof Idea Assume there exists such that: If then is a root of Can use to invert

  23. New definitions for evasive function obfuscation and the relations between them. • Constructions for the zero-set of low degree polynomial based on multilinear maps • Virtual-gray box obfuscation for evasive functions • Virtual-gray box obfuscation for all functions

  24. Virtual Grey-Box (VGB) [Bitansky-Canetti 10] For every adversary there exists an unbounded simulator making polynomial number of oracle queriessuch that for every predicate and for a random key : Polynomial # of queries Computationally unbounded

  25. Why VGB? Virtual black-box obfuscation Virtual grey-box obfuscation Indistinguishability obfuscation

  26. Applications of VGB [Bitansky-Canetti 10] Composable VGB obfuscation for point functionsfrom a strong variant of DDH. Digital lockers [CD08], strong KDM encryption [CKVW10], CCA encryption [MH14], computational fuzzy extractors [CFPR14].

  27. Virtual Grey-Box Virtual grey-box is not always meaningful. Example: pseudorandom functions For what functions is virtual grey-box meaningful?

  28. VGB for Evasive Functions For evasive functions , Average-case VBB average-case VGB Polynomial # of queries Computationally unbounded

  29. Theorem Average-case VGB for evasive functions Average-case VGB* for all functions * 1. Simulator make (slightly) super-polynomial #queries 2. Obfuscator is inefficient + indistinguishability obfuscation for all functions

  30. Proof Idea Any function family can be decomposed to: Can be learned by the VGB simulator Evasive

  31. Decomposition via Learning

  32. Decomposition via Learning

  33. Decomposition via Learning

  34. Decomposition via Learning

  35. Decomposition via Learning

  36. Decomposition via Learning is evasive.

  37. Thank You!

More Related