Abstract

We provide constructions of multilinear groups equipped with natural hard problems from indistinguishability obfuscation, homomorphic encryption, and NIZKs. This complements known results on the constructions of indistinguishability obfuscators from multilinear maps in the reverse direction. We provide two distinct, but closely related constructions and show that multilinear analogues of the {text {DDH}} assumption hold for them. Our first construction is symmetric and comes with a kappa -linear map mathbf{e }: {{mathbb {G}}}^kappa longrightarrow {mathbb {G}}_T for prime-order groups {mathbb {G}} and {mathbb {G}}_T. To establish the hardness of the kappa -linear {text {DDH}} problem, we rely on the existence of a base group for which the kappa -strong {text {DDH}} assumption holds. Our second construction is for the asymmetric setting, where mathbf{e }: {mathbb {G}}_1 times cdots times {mathbb {G}}_{kappa } longrightarrow {mathbb {G}}_T for a collection of kappa +1 prime-order groups {mathbb {G}}_i and {mathbb {G}}_T, and relies only on the 1-strong {text {DDH}} assumption in its base group. In both constructions, the linearity kappa can be set to any arbitrary but a priori fixed polynomial value in the security parameter. We rely on a number of powerful tools in our constructions: probabilistic indistinguishability obfuscation, dual-mode NIZK proof systems (with perfect soundness, witness-indistinguishability, and zero knowledge), and additively homomorphic encryption for the group mathbb {Z}_N^{+}. At a high level, we enable “bootstrapping” multilinear assumptions from their simpler counterparts in standard cryptographic groups and show the equivalence of PIO and multilinear maps under the existence of the aforementioned primitives.

Highlights

  • Our main contribution is a construction of multilinear maps for groups of prime order equipped with natural hard problems, using indistinguishability obfuscation (IO) in combination with other tools, namely non-interactive zero-knowledge (NIZK) proofs, homomorphic encryption, and a base group G0 satisfying a mild cryptographic assumption

  • This complements known results in the reverse direction, showing that various forms of indistinguishability obfuscation can be constructed from multilinear maps [17,24,45]

  • We formally introduce what we mean by a multilinear group (MLG) scheme

Read more

Summary

Main Contribution

Our main contribution is a construction of multilinear maps for groups of prime order equipped with natural hard problems, using indistinguishability obfuscation (IO) in combination with other tools, namely NIZK proofs, homomorphic encryption, and a base group G0 satisfying a mild cryptographic assumption. Our other construction is for the asymmetric setting; that is, for multilinear maps e : G1 × · · · × Gκ −→ GT for a collection of κ groups Gi and GT all of prime order N It uses a base group G0 in which we require only that the 1-SDDH assumption holds. It is an important open problem arising from our work to weaken the requirements on, or remove altogether, these additional tools

General Approach
The Current State of Multilinear Maps Constructions
Related Work
Follow-Up Work
Relation to Conference Version of This Work
Notation
Homomorphic Public-Key Encryption
Obfuscators
Dual-Mode NIZK Proof Systems
Hard Membership Problems
Multilinear Groups with Non-Unique Encodings
The Construction
Validity and Equality
Group Operations
The Multilinear Map
Sampling and Extraction
Indistinguishability of Encodings
The Multilinear DDH Problem
Intractable Problems
The Symmetric Setting
The Asymmetric Setting
Proof of Theorem 1
Proof of Theorem 2
Proof of Theorem 3

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.