Constraint-Hiding Constrained PRFs for NC1 from LWE

Constraint-hiding constrained PRFs (CHCPRFs), initially studied by Boneh, Lewi and Wu [PKC 2017], are constrained PRFs where the constrained key hides the description of the constraint. Envisioned with powerful applications such as searchable encryption, private-detectable watermarking and symmetric deniable encryption, the only known candidates of CHCPRFs are based on indistinguishability obfuscation or multilinear maps with strong security properties. In this paper we construct CHCPRFs for all NC circuits from the Learning with Errors assumption. The construction draws heavily from the graph-induced multilinear maps by Gentry, Gorbunov and Halevi [TCC 2015], as well as the existing lattice-based PRFs. Our construction gives an instance of the GGH15 applications with a security reduction to LWE. We also show how to build from CHCPRFs reusable garbled circuits (RGC), or equivalently privatekey function-hiding functional encryptions with 1-key security. This provides a different approach of constructing RGC from that of Goldwasser et al. [STOC 2013]. ∗Supported by the NSF MACS project, NSF grants CNS1012798, CNS1012910, and ISF grant 1523/14. †Boston University, Tel Aviv University and the Check Point Institute for Information Security. [email protected] . ‡Boston University. [email protected]. Part of the research conducted while visiting Tel Aviv University and IST Austria.