Realizable Advanced Cryptography

In a free society, there is persistent tension between utility and privacy. Citizens have the basic right to keep their personal information private. However, sometimes keeping our data private could significantly reduce our ability to use this data to benefit ourselves or society. This tension is multiplied many times over in our modern data driven society, where data is utilized using remote algorithms.

State of the art research suggests that new advanced cryptographic primitives can mitigate this tension. These include computing on encrypted data via fully homomorphic encryption, fine grained access control to encrypted data via attribute based encryption, and most recently general purpose program obfuscation, which on paper can solve many of cryptography's long standing problems. However, these primitives are largely either too complicated or not sufficiently founded to be considered for real world applications.

The goal of project REACT is to address and remove the barriers that stand between advanced cryptographic primitives and reality. Past research experience showed that orders-of-magnitude improvement in efficiency and security requires foundational theoretical study. Progress in this direction should both allow for future realistic implementation of these primitives, which can bring us closer to a society where utility does not come at the expense of privacy, as well as contribute to basic cryptographic study by developing techniques and opening new avenues for future research.

The project has the following objectives: (i) Studying the computational complexity of underlying hardness assumptions, in order to have a better understanding of the level of security we can expect of proposed primitives. (ii) Constructing new cryptographic tools based on LWE. (iii) Constructing cryptographic graded encoding schemes and obfuscators.

Project REACT, during its course, made significant progress on the aforementioned objectives. Indeed, the project team was able to show new connections between cryptographic primitives and the hardness of lattice problems, as well as related problems concerning hardness of decoding of binary linear codes. The team put forth new construction of lattice based primitives, and discovered new connections between cryptography and quantum computing and showed new applications. We also managed to put forth a new approach to program obfuscation that is inspired by fully homomorphic encryption and LWE.

At the end of the project, the cryptographic community has new and improved theoretical tools to address the aforementioned tension between utility and privacy, with better understanding of the security features of the tools at hand.

During the course of the project, significant progress was made on our project objectives. This includes exploring and understanding the computational, algorithmic and cryptographic aspects of lattice based cryptography, designing new lattice based primitives and highlighting new aspects of the lattice infrastructure that enables new properties of lattice based primitives, and advancement towards new constructions of program obfuscators.

Our concrete achievements include:

- Better understanding of the applicability of lattice cryptography in the context of quantum computing and quantum protocols. Identifying this area as a major vector for progress towards a more complete understanding of advanced cryptography on the one hand, and opening new avenues in quantum computing on the other.

- Establishing the hardness of lattice problems, and related problems such as decoding random linear codes, in relation to well-studied quantum and classical computational problems.

- Novel methods for construction of lattice-based cryptographic primitives.
- Presenting new methods for program obfuscation that are drawing from ideas related to fully homomorphic encryption.

Our work was presented in major venues in the field of cryptography and theoretical computer science at large. Dissemination efforts include participating and organizing in conferences, workshops, seminars, and cross visits with collaborators around the world.

In conclusion of this action, we can report that our results substantiated the possibility of achieving advanced cryptographic capabilities for manipulating data in a way that is both useful and also allows to preserve privacy. We also established that privacy can actually be a tool within itself in order to obtain new functionality, for example in the quantum setting.

Not applicable (final period).