Paper 2018/615

Indistinguishability Obfuscation Without Multilinear Maps: iO from LWE, Bilinear Maps, and Weak Pseudorandomness

Prabhanjan Ananth, Aayush Jain, and Amit Sahai

Abstract

The existence of secure indistinguishability obfuscators (iO) has far-reaching implications, significantly expanding the scope of problems amenable to cryptographic study. All known approaches to constructing iO rely on $d$-linear maps which allow the encoding of elements from a large domain, evaluating degree $d$ polynomials on them, and testing if the output is zero. While secure bilinear maps are well established in cryptographic literature, the security of candidates for $d>2$ is poorly understood. We propose a new approach to constructing iO for general circuits. Unlike all previously known realizations of iO, we avoid the use of $$-linear maps of degree $$. At the heart of our approach is the assumption that a new weak pseudorandom object exists, that we call a perturbation resilient generator ($$). Informally, a $$ maps $$ integers to $$ integers, and has the property that for any sufficiently short vector $$, all efficient adversaries must fail to distinguish the distributions $$ and ($$), with at least some probability that is inverse polynomial in the security parameter. $$s have further implementability requirements; most notably they must be computable by a family of degree-3 polynomials over $$. We use techniques building upon the Dense Model Theorem to deal with adversaries that have nontrivial but non-overwhelming distinguishing advantage. In particular, we obtain a new security amplification theorem for functional encryption. As a result, we obtain iO for general circuits assuming: \begin{itemize} \item Subexponentially secure LWE \item Bilinear Maps \item $$-secure 3-block-local PRGs \item $$-secure $$s \end{itemize}