Reusable garbled circuits and succinct functional encryption

Research article, DOI: 10.1145/2488608.2488678
Published: 01 June 2013

  • Abstract

    Garbled circuits, introduced by Yao in the mid 80s, allow computing a function f on an input x without leaking anything about f or x besides f(x). Garbled circuits found numerous applications, but every known construction suffers from one limitation: it offers no security if used on multiple inputs x. In this paper, we construct for the first time reusable garbled circuits. The key building block is a new succinct single-key functional encryption scheme.
    Functional encryption is an ambitious primitive: given an encryption Enc(x) of a value x, and a secret key sk_f for a function f, anyone can compute f(x) without learning any other information about x. We construct, for the first time, a succinct functional encryption scheme for any polynomial-time function f, where succinctness means that the ciphertext size does not grow with the size of the circuit for f, but only with its depth. The security of our construction is based on the intractability of the Learning with Errors (LWE) problem and holds as long as an adversary has access to a single key sk_f (or even an a priori bounded number of keys for different functions).
    Building on our succinct single-key functional encryption scheme, we show several new applications in addition to reusable garbled circuits, such as a paradigm for general function obfuscation which we call token-based obfuscation, homomorphic encryption for a class of Turing machines where the evaluation runs in input-specific time rather than worst-case time, and a scheme for delegating computation which is publicly verifiable and maintains the privacy of the computation.
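    The one-time limitation the abstract names ("no security if used on multiple inputs x") is easy to see concretely. The following is an added worked example, not code from the paper and not the paper's reusable construction: a toy Yao-style garbling of a single AND gate, with SHA-256 over the pair of input-wire labels standing in for the row cipher, 16-byte labels, and hypothetical names (garble_gate, evaluate, decode, reuse_attack, demo). An evaluator who legitimately runs the gate on (0,1) and then on (1,0) sees only the output 0 both times, yet by mixing the labels it collected it can open the remaining rows and learn f(0,0) and f(1,1), i.e. the full truth table of a gate it was never authorised to evaluate on those inputs.

```python
"""Toy Yao-style garbled AND gate (a single gate, not a circuit) showing why a
garbled circuit is one-time: input labels collected over two evaluations can be
mixed and matched to evaluate the gate on inputs the garbler never authorised.
Assumptions (not from the paper): SHA-256 over the two input labels is the row
cipher; labels are 16 random bytes; all names here are hypothetical."""
import hashlib
import secrets
from itertools import product

LABEL_LEN = 16


def _row_key(label_a: bytes, label_b: bytes) -> bytes:
    # Key material for one table row, derived from the pair of input-wire labels:
    # first 16 bytes mask the output label, last 16 bytes tag the row so the
    # evaluator can find it without trial decryption.
    return hashlib.sha256(b"toy-garble|" + label_a + label_b).digest()


def _xor(x: bytes, y: bytes) -> bytes:
    return bytes(p ^ q for p, q in zip(x, y))


def garble_gate(gate):
    """Garbler side. gate: callable (bit, bit) -> bit.
    Returns (labels, table): labels[w][bit] is the random label for wire w
    carrying `bit`; table is the shuffled list of (tag, masked_output_label)."""
    labels = {w: (secrets.token_bytes(LABEL_LEN), secrets.token_bytes(LABEL_LEN))
              for w in ("a", "b", "out")}
    rows = []
    for a, b in product((0, 1), repeat=2):
        key = _row_key(labels["a"][a], labels["b"][b])
        rows.append((key[LABEL_LEN:], _xor(key[:LABEL_LEN], labels["out"][gate(a, b)])))
    secrets.SystemRandom().shuffle(rows)  # hide which row belongs to which (a, b)
    return labels, rows


def evaluate(table, label_a: bytes, label_b: bytes) -> bytes:
    """Evaluator side: holding one label per input wire, exactly one row opens."""
    key = _row_key(label_a, label_b)
    for tag, masked in table:
        if tag == key[LABEL_LEN:]:
            return _xor(key[:LABEL_LEN], masked)
    raise ValueError("no row opens: labels are not a valid (a, b) pair")


def decode(labels, out_label: bytes) -> int:
    """Output decoding the garbler publishes: which bit the output label stands for."""
    return labels["out"].index(out_label)


def honest_run(labels, table, x):
    """One legitimate evaluation on x = (a, b): the garbler releases one label per wire."""
    la, lb = labels["a"][x[0]], labels["b"][x[1]]
    return decode(labels, evaluate(table, la, lb))


def reuse_attack(table, runs):
    """Evaluator who observed several runs of the SAME garbled gate.
    runs: list of ((label_a, label_b), output_bit) as seen in honest runs.
    Mixes labels across runs and reuses the output labels it already decoded.
    Returns {(label_a, label_b): inferred output bit} for every label pair."""
    seen_a = {la for (la, _), _ in runs}
    seen_b = {lb for (_, lb), _ in runs}
    known = {evaluate(table, la, lb): bit for (la, lb), bit in runs}
    derived = {}
    for la in seen_a:
        for lb in seen_b:
            out = evaluate(table, la, lb)
            if out in known:
                derived[(la, lb)] = known[out]
            else:
                # A boolean output wire has exactly two labels, so an unseen
                # label must carry the bit the evaluator has not seen yet.
                (only_bit,) = set(known.values())
                derived[(la, lb)] = 1 - only_bit
    return derived


def demo():
    """Two honest runs on (0,1) and (1,0) both output 0 and reveal nothing about
    f(1,1); combining their labels evaluates (0,0) and (1,1) anyway."""
    labels, table = garble_gate(lambda a, b: a & b)
    runs = []
    for x in ((0, 1), (1, 0)):
        la, lb = labels["a"][x[0]], labels["b"][x[1]]
        runs.append(((la, lb), decode(labels, evaluate(table, la, lb))))
    derived = reuse_attack(table, runs)
    a0, a1 = labels["a"]
    b0, b1 = labels["b"]
    return {"f(0,1)": runs[0][1], "f(1,0)": runs[1][1],
            "leaked f(0,0)": derived[(a0, b0)], "leaked f(1,1)": derived[(a1, b1)]}


if __name__ == "__main__":
    print(demo())
```

    In a full circuit the same mixing happens at every gate, so an evaluator that has seen labels for two inputs can run the circuit on any combination of the input bits it holds, which leaks both f on unauthorised inputs and structure of f itself; this is why classical two-party computation generates a fresh garbling for every execution, and why the reusable garbled circuits of this paper need a genuinely different construction rather than a patched table format.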



      Published In

      STOC '13: Proceedings of the forty-fifth annual ACM Symposium on Theory of Computing, June 2013, 998 pages. ISBN 9781450320290, DOI 10.1145/2488608.
      Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

      Publisher

      Association for Computing Machinery, New York, NY, United States


      Author Tags

      1. functional encryption
      2. obfuscation
      3. reusable garbled circuits


      Conference

      STOC '13: Symposium on Theory of Computing, June 1-4, 2013, Palo Alto, California, USA

      Acceptance Rates

      STOC '13 paper acceptance rate: 100 of 360 submissions (28%); overall acceptance rate: 1,469 of 4,586 submissions (32%)


      Cited By

      • (2024) Privacy-Preserving Joint Data and Function Homomorphic Encryption for Cloud Software Services. IEEE Internet of Things Journal 11(1):728-741. doi:10.1109/JIOT.2023.3286508
      • (2024) Compact FE for unbounded attribute-weighted sums for logspace from SXDH. Designs, Codes and Cryptography. doi:10.1007/s10623-024-01432-8
      • (2024) An Inner Product Function Encryption Scheme for Secure Distance Calculation. Frontiers in Cyber Security, pp. 353-369. doi:10.1007/978-981-99-9331-4_24
      • (2024) Laconic Function Evaluation, Functional Encryption and Obfuscation for RAMs with Sublinear Computation. Advances in Cryptology – EUROCRYPT 2024, pp. 190-218. doi:10.1007/978-3-031-58723-8_7
      • (2024) Time Is Money, Friend! Timing Side-Channel Attack Against Garbled Circuit Constructions. Applied Cryptography and Network Security, pp. 325-354. doi:10.1007/978-3-031-54776-8_13
      • (2023) Identifiable, But Not Visible: A Privacy-Preserving Person Reidentification Scheme. IEEE Transactions on Reliability 72(4):1295-1307. doi:10.1109/TR.2023.3258983
      • (2023) Multi-Key Similar Data Search on Encrypted Storage With Secure Pay-Per-Query. IEEE Transactions on Information Forensics and Security 18:1169-1181. doi:10.1109/TIFS.2023.3236178
      • (2023) ABE for Circuits with poly(λ)-sized Keys from LWE. 2023 IEEE 64th Annual Symposium on Foundations of Computer Science (FOCS), pp. 435-446. doi:10.1109/FOCS57990.2023.00032
      • (2023) Attribute-Based Encryption for Circuits of Unbounded Depth from Lattices. 2023 IEEE 64th Annual Symposium on Foundations of Computer Science (FOCS), pp. 415-434. doi:10.1109/FOCS57990.2023.00031
      • (2023) Practical multi-party quantum homomorphic encryption. Theoretical Computer Science 971:114067. doi:10.1016/j.tcs.2023.114067
