A long-sought “holy grail” in cryptography is poised to change the way we protect sensitive information.
Today’s standard encryption schemes take an all-or-nothing approach. Without the secret key, your data is inaccessible once they are scrambled.
This has enabled secure e-mail communication, online transactions and digital signatures to flourish. This allows sensitive personal information, such as tax records and medical records, to be transmitted more securely over the internet. However, if someone has the secret key to access the data, then all data becomes vulnerable.
Imagine if you could give specific access to your data to specific people. Without having to unlock all the data, anyone could gain the information they want (the information you need). Bank details, credit card numbers, account passwords – all would remain hidden. This could allow Netflix to recommend shows without your entire viewing history. Google could sort your e-mails without knowing what’s in them. And medical researchers could analyze data to identify risk factors for a disease without accessing any individual’s health information.
These and other cryptographic wonders are now possible with the master tool known as indistinguishability obstruction.
“It’s a new tool – a very powerful tool,” says cryptographer Huijia (Rachel) Lin of the University of Washington in Seattle who In 2020, he demonstrated the construction of the tool with his colleagues. “Once you have this superstrong power, then a lot of the other tasks are either special cases of it, or you can easily use this to realize [those tasks].”
Vinod Vaikuntanathan is a computer scientist at MIT and has previously worked with Lin on prior research. He compares indistinguishability obfuscation (or iO) to a grand theory of physics that would unify gravity and quantum mechanics. “iO gives you a way to do a grand unification of cryptography in the sense that you can explain much of what cryptography does in a very simple way.”
Standout research
Indistinguishability obsfuscation refers to a type of program obfuscation that hides the inner workings of a program and not just the data or message. Although it was first proposed in 1976 In a paper that laid the foundation for modern cryptographyIt was not easy to implement program obfuscation. People believed it was impossible for years.
And in 2001, researchers showed that complete program obfuscation — called black-box obfuscation, in which input and output data are known but nothing else about a program can be discovered — is impossible. Yet indistinguishability obfuscation, proposed at the same time and shown to be incredibly powerful, doesn’t demand that EverythingThe details of a program are kept secret. It focuses on two programs that have the same function. If the inner workings of those two programs can be hidden enough that the two can’t be distinguished from each other, indistinguishability obfuscation has been achieved. iO allows the delegation of data to specific people by hiding the key in the program.
Yet, every proposal to make iO work was rejected. Researchers couldn’t figure out how to keep it safe from an adversary’s attacks. Lin says the approaches being used didn’t appeal to her. Researchers were leaning on what appeared to be “good enough” ways of getting at the problem that weren’t backed by rigorous mathematical proofs.
Lin decided to simplify the problem so she could understand how each component worked together. She wanted to approach the problem like a clock, with gears and nuts and bolts, instead of tangled like “a bowl of spaghetti.”
Lin, Amit Sahai from UCLA and Aayush jain, a Ph.D. candidate at UCLA at that time, showed that iO can be achieved through this strategy. The team demonstrated that it would be secure using standard assumptions in this field, reaffirming the hope for the tool.
“Of course, [Huijia] is brilliant,” Vaikuntanathan says, adding that her persistence is what really sets her apart. “It takes some guts to continue with an approach when essentially all the rest of the world thinks that it is not going to work.”
Backstory
Lin says she didn’t grow up with computers or fall in love with computer programming at an early age. She was interested in physics as a student and wanted to excel at all things. She started with computer science in college; a class in cryptography as a Ph.D. student at Cornell University “was really mind-opening,” she says. Her introduction to what are now called “cryptography” Zero-knowledge ProvesIn her memory, stands out.
Zero-knowledge proof is when a person can convince another person that they know something without having to reveal the secret or details. For example, let’s say you knew that a number is the product of two prime numbers. You can convince someone this fact is true, but you don’t have to reveal the primes. Lin wondered how Lin could prove such a task possible.
Many of these paradoxes seem impossible in cryptography, but they are possible. Indistinguishability obfuscation is yet another example – and Lin works on others, including secure multiparty computation, which allows a computer task to run across multiple people’s data without any person having to reveal their data to anyone in the group, or to a third party.
“I’m very attracted to these magical concepts,” Lin says. “The fun of it is to make this concept come to realization.”
Real-world implementation of indistinguishability obfuscation remains far away. But Vaikuntanathan says it’s not unusual for first constructions of what will become important approaches to be impractical at first. “Wait for a decade,” he says.
Do you wish to nominate someone to the next SN 10 List? Please send your name, affiliation, and a few sentences about yourself and your work to sn10@sciencenews.org.
