The complexity of promise problems with applications to public-key cryptography
Information and Control
How to construct random functions
Journal of the ACM (JACM)
How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology---CRYPTO '86
How to construct pseudorandom permutations from pseudorandom functions
SIAM Journal on Computing - Special issue on cryptography
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
An introduction to computational learning theory
An introduction to computational learning theory
Software protection and simulation on oblivious RAMs
Journal of the ACM (JACM)
Perfectly one-way probabilistic hash functions (preliminary version)
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
The random oracle methodology, revisited (preliminary version)
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
A Pseudorandom Generator from any One-way Function
SIAM Journal on Computing
Complete characterization of security notions for probabilistic private-key encryption
STOC '00 Proceedings of the thirty-second annual ACM symposium on Theory of computing
A second step towards complexity-theoretic analogs of Rice's theorem
Theoretical Computer Science
Foundations of Cryptography: Basic Tools
Foundations of Cryptography: Basic Tools
Distributed Computing and Cryptography: Proceedings of the DIMACS Workshop
Distributed Computing and Cryptography: Proceedings of the DIMACS Workshop
SIAM Journal on Computing
A complete problem for statistical zero knowledge
Journal of the ACM (JACM)
Image Density is Complete for Non-Interactive-SZK (Extended Abstract)
ICALP '98 Proceedings of the 25th International Colloquium on Automata, Languages and Programming
Can Statistical Zero Knowledge Be Made Non-interactive? or On the Relationship of SZK and NISZK
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
On the (Im)possibility of Obfuscating Programs
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Algorithms for Black-Box Fields and their Application to Cryptography (Extended Abstract)
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Towards Realizing Random Oracles: Hash Functions That Hide All Partial Information
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Zero-Knowledge and Code Obfuscation
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Robustness and Security of Digital Watermarks
FC '98 Proceedings of the Second International Conference on Financial Cryptography
PKC '99 Proceedings of the Second International Workshop on Practice and Theory in Public Key Cryptography
Number-theoretic constructions of efficient pseudo-random functions
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Non-Interactive CryptoComputing For NC1
FOCS '99 Proceedings of the 40th Annual Symposium on Foundations of Computer Science
Lower bounds on the efficiency of generic cryptographic constructions
FOCS '00 Proceedings of the 41st Annual Symposium on Foundations of Computer Science
How to Go Beyond the Black-Box Simulation Barrier
FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
Magic Functions: In Memoriam: Bernard M. Dwork 1923--1998
Journal of the ACM (JACM)
Foundations of Cryptography: Volume 2, Basic Applications
Foundations of Cryptography: Volume 2, Basic Applications
Lower bounds and the hardness of counting properties
Theoretical Computer Science
On obfuscating point functions
Proceedings of the thirty-seventh annual ACM symposium on Theory of computing
Correcting errors without leaking partial information
Proceedings of the thirty-seventh annual ACM symposium on Theory of computing
On the Impossibility of Obfuscation with Auxiliary Input
FOCS '05 Proceedings of the 46th Annual IEEE Symposium on Foundations of Computer Science
Obfuscated databases and group privacy
Proceedings of the 12th ACM conference on Computer and communications security
One-way functions are essential for complexity based cryptography
SFCS '89 Proceedings of the 30th Annual Symposium on Foundations of Computer Science
TCC'07 Proceedings of the 4th conference on Theory of cryptography
Obfuscation for cryptographic purposes
TCC'07 Proceedings of the 4th conference on Theory of cryptography
Securely obfuscating re-encryption
TCC'07 Proceedings of the 4th conference on Theory of cryptography
Weak leakage-resilient client-side deduplication of encrypted data in cloud storage
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Non-black-box simulation from one-way functions and applications to resettable security
Proceedings of the forty-fifth annual ACM symposium on Theory of computing
Black-box obfuscation for d-CNFs
Proceedings of the 5th conference on Innovations in theoretical computer science
| Hi-index | 0.00 |
Informally, an obfuscator O is an (efficient, probabilistic) “compiler” that takes as input a program (or circuit) P and produces a new program O(P) that has the same functionality as P yet is “unintelligible” in some sense. Obfuscators, if they exist, would have a wide variety of cryptographic and complexity-theoretic applications, ranging from software protection to homomorphic encryption to complexity-theoretic analogues of Rice's theorem. Most of these applications are based on an interpretation of the “unintelligibility” condition in obfuscation as meaning that O(P) is a “virtual black box,” in the sense that anything one can efficiently compute given O(P), one could also efficiently compute given oracle access to P. In this work, we initiate a theoretical investigation of obfuscation. Our main result is that, even under very weak formalizations of the above intuition, obfuscation is impossible. We prove this by constructing a family of efficient programs P that are unobfuscatable in the sense that (a) given any efficient program P' that computes the same function as a program P ∈ p, the “source code” P can be efficiently reconstructed, yet (b) given oracle access to a (randomly selected) program P ∈ p, no efficient algorithm can reconstruct P (or even distinguish a certain bit in the code from random) except with negligible probability. We extend our impossibility result in a number of ways, including even obfuscators that (a) are not necessarily computable in polynomial time, (b) only approximately preserve the functionality, and (c) only need to work for very restricted models of computation (TC0). We also rule out several potential applications of obfuscators, by constructing “unobfuscatable” signature schemes, encryption schemes, and pseudorandom function families.