Lin and Tessaro (Eprint 2017/250) recently proposed indistinguishability obfuscation and functional encryption candidates and proved their security based on a standard assumption on bilinear maps and a non-standard assumption on ``Goldreich-like'' pseudorandom generators (PRG). In a nutshell, they require the existence of pseudo-random generators $G:Sigma^n o {0,1}^m$ for some $mathsf{poly}(n)$-size alphabet $Sigma$ where each output bit depends on at most two input alphabet symbols, and which achieve sufficiently large stretch. We show a polynomial-time attack against such generators. Our attack uses tools from the literature on two-source extractors (Chor and Goldreich, SICOMP 1988) and efficient refutation of 2-CSPs over large alphabets (Allen, O'Donnell and Witmer, FOCS 2015). Finally, we propose new ways to instantiate the Lin-Tessaro construction that do not immediately fall to our attacks. While we cannot say with any confidence that these modifications are secure, they certainly deserve further cryptanalysis.
展开▼
机译:Lin和Tessaro(Eprint 2017/250)最近提出了不可区分性混淆和功能加密候选方案,并基于双线性图上的标准假设和``类Goldreich''伪随机生成器(PRG)的非标准假设证明了其安全性。简而言之,它们要求存在伪随机生成器$ G: Sigma ^ n to {0,1 } ^ m $对于某些$ mathsf {poly}(n)$大小的字母$ Sigma $,其中每个输出位最多取决于两个输入字母符号,并且实现足够大的扩展。我们展示了针对此类生成器的多项式时间攻击。我们的攻击使用了文献中有关两源抽取器的工具(Chor和Goldreich,SICOMP 1988)以及对大字母的2-CSP的有效反驳(Allen,O'Donnell和Witmer,FOCS 2015)。最后,我们提出了实例化Lin-Tessaro构造的新方法,这些新方法不会立即受到我们的攻击。尽管我们不能肯定地说这些修改是安全的,但它们当然值得进一步的密码分析。
展开▼
