[Resource Topic] 2023/232: Crypto Dark Matter on the Torus: Oblivious PRFs from shallow PRFs and FHE

Welcome to the resource topic for 2023/232

Title:
Crypto Dark Matter on the Torus: Oblivious PRFs from shallow PRFs and FHE

Authors: Martin R. Albrecht, Alex Davidson, Amit Deo, Daniel Gardham

Abstract:

Partially Oblivious Pseudorandom Functions (POPRFs) are 2-party protocols that allow a client to learn pseudorandom function (PRF) evaluations on inputs of its choice from a server. The client submits two inputs, one public and one private. The security properties ensure that the server cannot learn the private input and the client cannot learn more than one evaluation per POPRF query. POPRFs have many applications including password-based key exchange and privacy-preserving authentication mechanisms. However, most constructions are based on classical assumptions and those with post-quantum security suffer from large efficiency drawbacks.

In this work, we construct a novel POPRF from lattice assumptions and the “Crypto Dark Matter” PRF candidate (TCC’18) in the random oracle model. At a conceptual level, our scheme exploits the alignment of this family of PRF candidates, relying on mixed modulus computations, and programmable bootstrapping in the “3rd gen” torus-fully homomorphic encryption scheme (TFHE). We show that our construction achieves malicious client security based on circuit-private FHE, and client privacy from the semantic security of the FHE scheme. We further explore a heuristic approach to extend our scheme to support verifiability based on the difficulty of computing cheating circuits in low depth. This would yield a verifiable (P)OPRF. We provide a proof-of-concept implementation and benchmarks of our construction using the “Concrete” TFHE software library. For the core online OPRF functionality, client operations take only a few milliseconds, while server evaluation takes less than 3 seconds.

ePrint: https://eprint.iacr.org/2023/232

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .