TY - GEN
T1 - Refuting the Dream XOR Lemma via Ideal Obfuscation and Resettable MPC
AU - Badrinarayanan, Saikrishna
AU - Ishai, Yuval
AU - Khurana, Dakshita
AU - Sahai, Amit
AU - Wichs, Daniel
N1 - Publisher Copyright:
© Saikrishna Badrinarayanan, Yuval Ishai, Dakshita Khurana, Amit Sahai, and Daniel Wichs; licensed under Creative Commons License CC-BY 4.0
PY - 2022/7/1
Y1 - 2022/7/1
N2 - We provide counterexamples to the “dream” version of Yao's XOR Lemma. In particular, we put forward explicit candidates for hard predicates, such that the advantage of predicting the XOR of many independent copies does not decrease beyond some fixed negligible function, even as the number of copies gets arbitrarily large. We provide two such constructions: Our first construction is in the ideal obfuscation model (alternatively, assuming virtual black-box obfuscation for a concrete class of circuits). It develops a general framework that may be of broader interest, and allows us to embed an instance of a resettably-secure multiparty computation protocol into a one-way function. Along the way, we design the first resettably-secure multiparty computation protocol for general functionalities in the plain model with super-polynomial simulation, under standard assumptions. The second construction relies on public-coin differing-inputs obfuscation (PCdiO) along with a certain form of hash-function security called extended second-preimage resistance (ESPR). It starts with a previously known counterexample to the dream direct-product hardness amplification based on ESPR, and uses PCdiO to upgrade it into a counterexample for the XOR lemma. Prior to our work, even completely heuristic counterexamples of this type were not known.
AB - We provide counterexamples to the “dream” version of Yao's XOR Lemma. In particular, we put forward explicit candidates for hard predicates, such that the advantage of predicting the XOR of many independent copies does not decrease beyond some fixed negligible function, even as the number of copies gets arbitrarily large. We provide two such constructions: Our first construction is in the ideal obfuscation model (alternatively, assuming virtual black-box obfuscation for a concrete class of circuits). It develops a general framework that may be of broader interest, and allows us to embed an instance of a resettably-secure multiparty computation protocol into a one-way function. Along the way, we design the first resettably-secure multiparty computation protocol for general functionalities in the plain model with super-polynomial simulation, under standard assumptions. The second construction relies on public-coin differing-inputs obfuscation (PCdiO) along with a certain form of hash-function security called extended second-preimage resistance (ESPR). It starts with a previously known counterexample to the dream direct-product hardness amplification based on ESPR, and uses PCdiO to upgrade it into a counterexample for the XOR lemma. Prior to our work, even completely heuristic counterexamples of this type were not known.
KW - Obfuscation
KW - Resettable MPC
KW - XOR Lemma
UR - http://www.scopus.com/inward/record.url?scp=85134333261&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85134333261&partnerID=8YFLogxK
U2 - 10.4230/LIPIcs.ITC.2022.10
DO - 10.4230/LIPIcs.ITC.2022.10
M3 - Conference contribution
AN - SCOPUS:85134333261
T3 - Leibniz International Proceedings in Informatics, LIPIcs
BT - 3rd Conference on Information-Theoretic Cryptography, ITC 2022
A2 - Dachman-Soled, Dana
PB - Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing
T2 - 3rd Conference on Information-Theoretic Cryptography, ITC 2022
Y2 - 5 July 2022 through 7 July 2022
ER -