International Association for Cryptologic Research

International Association
for Cryptologic Research


Counterexamples to New Circular Security Assumptions Underlying iO

Sam Hopkins , UC Berkeley
Aayush Jain , UCLA
Huijia Lin , UW
DOI: 10.1007/978-3-030-84245-1_23 (login may be required)
Search ePrint
Search Google
Conference: CRYPTO 2021
Abstract: We study several strengthening of classical circular security assumptions which were recently introduced in four new lattice-based constructions of indistinguishability obfuscation: Brakerski-D\"ottling-Garg-Malavolta (Eurocrypt 2020), Gay-Pass (STOC 2021), Brakerski-D\"ottling-Garg-Malavolta (Eprint 2020) and Wee-Wichs (Eprint 2020). We provide explicit counterexamples to the {\em $2$-circular shielded randomness leakage} assumption w.r.t.\ the Gentry-Sahai-Waters fully homomorphic encryption scheme proposed by Gay-Pass, and the {\em homomorphic pseudorandom LWE samples} conjecture proposed by Wee-Wichs. Our work suggests a separation between classical circular security of the kind underlying un-levelled fully-homomorphic encryption from the strengthened versions underlying recent iO constructions, showing that they are not (yet) on the same footing. Our counterexamples exploit the flexibility to choose specific implementations of circuits, which is explicitly allowed in the Gay-Pass assumption and unspecified in the Wee-Wichs assumption. Their indistinguishabilty obfuscation schemes are still unbroken. Our work shows that the assumptions, at least, need refinement. In particular, generic leakage-resilient circular security assumptions are delicate, and their security is sensitive to the specific structure of the leakages involved.
Video from CRYPTO 2021
  title={Counterexamples to New Circular Security Assumptions Underlying iO},
  author={Sam Hopkins and Aayush Jain and Huijia Lin},