We construct indistinguishability obfuscation (iO) solely under circular-security properties of encryption schemes based on the Learning with Errors (LWE) problem. Circular-security assumptions were
used before to construct (non-leveled) fully-homomorphic encryption (FHE), but our assumption
is stronger and requires circular randomness-leakage-resilience. In contrast with prior works, this
assumption can be conjectured to be post-quantum secure, yielding the first provably secure iO
construction that is (plausibly) post-quantum secure.
Our work follows the high-level outline of the recent work of Gay and Pass [STOC 2021], who
showed a way to remove the heuristic step from the homomorphic-encryption based iO approach of
Brakerski, Döttling, Garg, and Malavolta [EUROCRYPT 2020]. They thus obtain a construction
proved secure under a circular-security assumption on natural homomorphic encryption schemes –
specifically, they use homomorphic encryption schemes based on LWE and DCR, respectively. In this
work we show how to remove the DCR assumption and remain with a scheme based on the circular
security of LWE alone. Along the way we relax some of the requirements in the Gay-Pass blueprint
and thus obtain a scheme that is secure under a different assumption. Specifically, we do not require
security in the presence of a key-cycle, but rather only in the presence of a key-randomness cycle.
An additional contribution of our work is to point out a problem in one of the building blocks
used by many iO candidates, including all existing provable post-quantum candidates. Namely, the
transformation from exponentially-efficient iO (XiO) to iO due to Lin, Pass, Seth and Telang [PKC 2016].
We show why their transformation inherently falls short of achieving the desired goal, and then
rectify this situation by showing that shallow XiO (i.e. one where the obfuscator is depth-bounded)
does translate to iO using LWE.
Preferred Citation
Zvika Brakerski, Nico Döttling, Sanjam Garg and Giulio Malavolta. Factoring and Pairings Are Not Necessary for IO:
Circular-Secure LWE Suffices. In: International Colloquium on Automata, Languages and Programming (ICALP). 2022.
Primary Research Area
Algorithmic Foundations and Cryptography
Name of Conference
International Colloquium on Automata, Languages and Programming (ICALP)
Legacy Posted Date
2023-06-07
Open Access Type
Unknown
BibTeX
@inproceedings{cispa_all_3960,
  title     = "{Factoring and Pairings Are Not Necessary for IO: Circular-Secure LWE Suffices}",
  author    = "Brakerski, Zvika and Döttling, Nico and Garg, Sanjam and Malavolta, Giulio",
  booktitle = "{International Colloquium on Automata, Languages and Programming (ICALP)}",
  year      = "2022",
}