Obfuscating conjunctions

Abstract

We show how to securely obfuscate the class of conjunction functions (functions like f(x1,...,xn) = x1 ∧ ¬x4 ∧ ¬x6 ∧⋯∧ xn-2). Given any function in the class, we produce an obfuscated program which preserves the input-output functionality of the given function, but reveals nothing else. Our construction is based on multilinear maps, and can be instantiated using the recent candidates proposed by Garg, Gentry and Halevi (EUROCRYPT 2013) and by Coron, Lepoint and Tibouchi (CRYPTO 2013). We show that the construction is secure when the conjunction is drawn from a distribution, under mild assumptions on the distribution. Security follows from multilinear entropic variants of the Diffie-Hellman assumption. We conjecture that our construction is secure for any conjunction, regardless of the distribution from which it is drawn. We offer supporting evidence for this conjecture, proving that our obfuscator is secure for any conjunction against generic adversaries. © 2013 International Association for Cryptologic Research.