IACR News item: 24 October 2013
Shafi Goldwasser, Yael Tauman Kalai
ePrint ReportNamely, we show that for any candidate obfuscation O and for any function family F={f_s} with sufficient pseudo-entropy, there exists an (efficiently computable) auxiliary input aux, that demonstrates the insecurity of O. This is true in a strong sense: given O(f_s) and aux one can efficiently recover the seed s, whereas given aux and oracle access to f_s it is computationally hard to recover s.
A similar observation was pointed out in a recent work of Goldwasser et. al. (Crypto 2013), assuming *extractable* witness encryption. In this note we show that the extractability property of the witness encryption is not needed to get our negative result, and all that is needed is the existence of witness encryption, which in turn can be constructed from iO obfuscation.
Additional news items may be found on the IACR news page.