TY - GEN
T1 - Succinct Garbling Schemes from Functional Encryption Through a Local Simulation Paradigm
AU - Ananth, Prabhanjan
AU - Lombardi, Alex
N1 - Publisher Copyright:
© 2018, International Association for Cryptologic Research.
PY - 2018
Y1 - 2018
N2 - We study a simulation paradigm, referred to as local simulation, in garbling schemes. This paradigm captures simulation proof strategies in which the simulator consists of many local simulators that generate different blocks of the garbled circuit. A useful property of such a simulation strategy is that only a few of these local simulators depend on the input, whereas the rest of the local simulators only depend on the circuit. We formalize this notion by defining locally simulatable garbling schemes. By suitably realizing this notion, we give a new construction of succinct garbling schemes for Turing machines assuming the polynomial hardness of compact functional encryption and standard assumptions (such as either CDH or LWE). Prior constructions of succinct garbling schemes either assumed sub-exponential hardness of compact functional encryption or were designed only for small-space Turing machines. We also show that a variant of locally simulatable garbling schemes can be used to generically obtain adaptively secure garbling schemes for circuits. All prior constructions of adaptively secure garbling that use somewhere equivocal encryption can be seen as instantiations of our construction.
AB - We study a simulation paradigm, referred to as local simulation, in garbling schemes. This paradigm captures simulation proof strategies in which the simulator consists of many local simulators that generate different blocks of the garbled circuit. A useful property of such a simulation strategy is that only a few of these local simulators depend on the input, whereas the rest of the local simulators only depend on the circuit. We formalize this notion by defining locally simulatable garbling schemes. By suitably realizing this notion, we give a new construction of succinct garbling schemes for Turing machines assuming the polynomial hardness of compact functional encryption and standard assumptions (such as either CDH or LWE). Prior constructions of succinct garbling schemes either assumed sub-exponential hardness of compact functional encryption or were designed only for small-space Turing machines. We also show that a variant of locally simulatable garbling schemes can be used to generically obtain adaptively secure garbling schemes for circuits. All prior constructions of adaptively secure garbling that use somewhere equivocal encryption can be seen as instantiations of our construction.
UR - http://www.scopus.com/inward/record.url?scp=85071666719&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85071666719&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-03810-6_17
DO - 10.1007/978-3-030-03810-6_17
M3 - Conference contribution
AN - SCOPUS:85071666719
SN - 9783030038090
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 455
EP - 472
BT - Theory of Cryptography - 16th International Conference, TCC 2018, Proceedings
A2 - Beimel, Amos
A2 - Dziembowski, Stefan
PB - Springer Science and Business Media Deutschland GmbH
T2 - 16th International Conference on Theory of Cryptography, TCC 2018
Y2 - 11 November 2018 through 14 November 2018
ER -