Skip to main content
Nubint
QUICK REVIEW

[Paper Review] The impossibility of obfuscation with a universal simulator

Henry Cohn, Shafi Goldwasser|arXiv (Cornell University)|Jan 1, 2014
Cryptography and Data Security15 references2 citations
TL;DR

This paper proves that indistinguishability obfuscation implies the impossibility of universally simulating obfuscated programs under the virtual black box model when functions have high pseudo-entropy. It shows that any obfuscator with a universal simulator can be broken by an adversary who learns a secret predicate from the obfuscation that the simulator cannot extract via black-box access, even with the adversary's code and oracle access to the function.

ABSTRACT

We show that indistinguishability obfuscation implies that all functions with sufficient “pseudoentropy” cannot be obfuscated under a virtual black box definition with a universal simulator. Let F = {fs} be a circuit family with super-polynomial pseudo-entropy, and suppose O is a candidate obfuscator with universal simulator S. We demonstrate the existence of an adversary A that, given the obfuscation O(fs), learns a predicate the simulator S cannot learn from the code of A and black-box access to fs. Furthermore, this is true in a strong sense: for any secret predicate P that is not learnable from black-box access to fs, there exists an adversary that givenO(fs) efficiently recovers P (s), whereas given oracle access to fs and given the code of the adversary, it is computationally hard to recover P (s). We obtain this result by exploiting a connection between obfuscation with a universal simulator and obfuscation with auxiliary inputs, and by showing new impossibility results for obfuscation with auxiliary inputs. ∗Microsoft Research, One Memorial Drive, Cambridge, MA 02142, cohn@microsoft.com †MIT and the Weizmann Institute of Science, shafi@theory.csail.mit.edu ‡Microsoft Research, One Memorial Drive, Cambridge, MA 02142, yael@microsoft.com

Motivation & Objective

  • To investigate the limitations of obfuscation with a universal simulator under the virtual black box model.
  • To analyze whether functions with high pseudo-entropy can be securely obfuscated when a universal simulator is required.
  • To establish that such obfuscation is impossible when the simulator cannot learn certain secret predicates that adversaries can extract from the obfuscation.
  • To connect obfuscation with universal simulators to the broader framework of obfuscation with auxiliary inputs, and derive new impossibility results.

Proposed method

  • Leveraged the connection between obfuscation with a universal simulator and obfuscation with auxiliary inputs to transfer impossibility results.
  • Defined a circuit family F = {fs} with super-polynomial pseudo-entropy to serve as a hard case for obfuscation.
  • Constructed an adversary A that, given O(fs), efficiently recovers a secret predicate P(s) that the universal simulator S cannot learn from black-box access to fs.
  • Demonstrated that even with access to the code of A and oracle access to fs, recovering P(s) remains computationally hard for the simulator.
  • Used the assumption of indistinguishability obfuscation to derive contradictions when universal simulation is assumed to be secure.
  • Proved that for any predicate P not learnable from black-box access to fs, there exists an adversary that can extract P(s) from O(fs), but the simulator cannot.

Experimental results

Research questions

  • RQ1Can a universal simulator securely simulate obfuscated programs for all functions with high pseudo-entropy under the virtual black box definition?
  • RQ2Is it possible to construct an obfuscator with a universal simulator that preserves security when the function has super-polynomial pseudo-entropy?
  • RQ3What are the implications of indistinguishability obfuscation for the existence of universal simulators in obfuscation schemes?
  • RQ4Can adversaries extract secret information from obfuscated programs that universal simulators cannot, even when given the adversary’s code and oracle access to the function?
  • RQ5What new impossibility results emerge when obfuscation with auxiliary inputs is considered in the context of universal simulation?

Key findings

  • Any obfuscator with a universal simulator cannot securely hide secret predicates from adversaries who receive the obfuscated program, even when the simulator has access to the adversary’s code and oracle access to the function.
  • For any function family with super-polynomial pseudo-entropy, there exists a predicate P that is computationally hard to learn from black-box access to the function, yet can be efficiently recovered from the obfuscated program.
  • The universal simulator S cannot learn the value P(s) even when given the code of the adversary A and oracle access to fs, demonstrating a fundamental asymmetry between adversary and simulator capabilities.
  • The impossibility result holds in a strong sense: the adversary’s success is efficient, while the simulator’s failure is computationally hard, under the assumption of indistinguishability obfuscation.
  • The connection between universal simulation and auxiliary-input obfuscation enables new impossibility results, showing that universal simulation is fundamentally incompatible with secure obfuscation for high-pseudo-entropy functions.
  • The paper establishes that indistinguishability obfuscation implies the impossibility of universal simulation for obfuscation under the virtual black box model when functions have sufficient pseudo-entropy.

Better researchstarts right now

From paper design to paper writing, dramatically reduce your research time.

No credit card · Free plan available

This review was created by AI and reviewed by human editors.