Private Puncturable PRFs from Standard Lattice Assumptions

نویسندگان

  • Dan Boneh
  • Sam Kim
  • Hart William Montgomery
چکیده

A puncturable pseudorandom function (PRF) has a master key k that enables one to evaluate the PRF at all points of the domain, and has a punctured key kx that enables one to evaluate the PRF at all points but one. The punctured key kx reveals no information about the value of the PRF at the punctured point x. Punctured PRFs play an important role in cryptography, especially in applications of indistinguishability obfuscation. However, in previous constructions, the punctured key kx completely reveals the punctured point x: given kx it is easy to determine x. A private puncturable PRF is one where kx reveals nothing about x. This concept was defined by Boneh, Lewi, and Wu, who showed the usefulness of private puncturing, and gave constructions based on multilinear maps. The question is whether private puncturing can be built from a standard (weaker) cryptographic assumption. We construct the first privately puncturable PRF from standard lattice assumptions, namely from the hardness of learning with errors (LWE) and 1 dimensional short integer solutions (1D-SIS), which have connections to worst-case hardness of general lattice problems. Our starting point is the (non-private) PRF of Brakerski and Vaikuntanathan. We introduce a number of new techniques to enhance this PRF, from which we obtain a privately puncturable PRF. In addition, we also study the simulation based definition of private constrained PRFs for general circuits, and show that the definition is not satisfiable.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Adaptively Secure Puncturable Pseudorandom Functions in the Standard Model

We study the adaptive security of constrained PRFs in the standard model. We initiate our exploration with puncturable PRFs. A puncturable PRF family is a special class of constrained PRFs, where the constrained key is associated with an element x′ in the input domain. The key allows evaluation at all points x 6= x′. We show how to build puncturable PRFs with adaptive security proofs in the sta...

متن کامل

Watermarking Cryptographic Functionalities from Standard Lattice Assumptions

A software watermarking scheme allows one to embed a “mark” into a program without significantly altering the behavior of the program. Moreover, it should be difficult to remove the watermark without destroying the functionality of the program. Recently, Cohen et al. (STOC 2016) and Boneh et al. (PKC 2017) showed how to watermark cryptographic functions such as PRFs using indistinguishability o...

متن کامل

Constraining Pseudorandom Functions Privately

In a constrained pseudorandom function (PRF), the master secret key can be used to derive constrained keys, where each constrained key k is constrained with respect to some Boolean circuit C. A constrained key k can be used to evaluate the PRF on all inputs x for which C(x) = 1. In almost all existing constrained PRF constructions, the constrained key k reveals its constraint C. In this paper w...

متن کامل

Distributed Pseudorandom Functions for General Access Structures in NP

Distributed pseudorandom functions (DPRFs) originally introduced by Naor, Pinkas and Reingold (EUROCRYPT ’99) are pseudorandom functions (PRFs), whose computation is distributed to multiple servers. Although by distributing the function computation, we avoid single points of failures, this distribution usually implies the need for multiple interactions with the parties (servers) involved in the...

متن کامل

Efficient Pseudorandom Functions via On-the-Fly Adaptation

Pseudorandom functions (PRFs) are one of the most fundamental building blocks in cryptography with numerous applications such as message authentication codes and private key encryption. In this work, we propose a new framework to construct PRFs with the overall goal to build efficient PRFs from standard assumptions with an almost tight proof of security. The main idea of our framework is to sta...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • IACR Cryptology ePrint Archive

دوره 2017  شماره 

صفحات  -

تاریخ انتشار 2017