Obfuscation, Leakage and UCE

This paper addresses the fundamental question of whether or not different, exciting primitives now being considered actually exist. We show that we, unfortunately, cannot have them all. We provide results of the form ¬A∨¬B, meaning one of the primitives A,B cannot exist. (But we don’t know which.) Specifically, we show that: (1) VGBO (Virtual Grey Box Obfuscation) for all circuits, which has been conjectured to be achieved by candidate constructions, cannot coexist with Canetti’s 1997 AI-DHI (auxiliary input DH inversion) assumption, which has been used to achieve many goals including point-function obfuscation (2) iO (indistinguishability obfuscation) for all circuits cannot co-exist with KM-LR-SE (key-message leakage-resilient symmetric encryption) (3) iO cannot co-exist with hash functions that are UCE secure for computationally unpredictable split sources. 1 Department of Computer Science & Engineering, University of California San Diego, 9500 Gilman Drive, La Jolla, California 92093, USA. Email: [email protected]. URL: http://cseweb.ucsd.edu/~mihir/. Supported in part by NSF grants CNS-1116800, CNS-1228890 and CNS-1526801. This work was done in part while the author was visiting the Simons Institute for the Theory of Computing, supported by the Simons Foundation and by the DIMACS/Simons Collaboration in Cryptography through NSF grant CNS-1523467. 2 Department of Computer Science & Engineering, University of California San Diego, 9500 Gilman Drive, La Jolla, California 92093, USA. Email: [email protected]. Supported in part by NSF grants CNS-1116800 and CNS-1228890. 3 Department of Computer Science, University of California Santa Barbara, Santa Barbara, California 93106, USA. Email: [email protected]. URL: http://www.cs.ucsb.edu/~tessaro/. Supported in part by NSF grant CNS-1423566. This work was done in part while the author was visiting the Simons Institute for the Theory of Computing, supported by the Simons Foundation and by the DIMACS/Simons Collaboration in Cryptography through NSF grant CNS-1523467.