OPRFs from Isogenies: Design and Analysis
Abstract
Oblivious Pseudorandom Functions (OPRFs) are an elementary building block in cryptographic and privacy-preserving applications. While there are numerous pre-quantum secure OPRF constructions, it is unclear which of the proposed options for post-quantum secure constructions are practical for modern-day applications. In this work, we focus on isogeny group actions, as the associated low bandwidth leads to efficient constructions. We introduce OPUS, a novel Naor-Reingold-based OPRF from isogenies without oblivious transfer, and show efficient evaluations of the Naor-Reingold PRF using CSIDH and CSI-FiSh. Additionally, we analyze a previous proposal of a CSIDH-based OPRF and show that the straightforward instantiation of the protocol leaks the server's private key. As a result, we propose mitigations to address those shortcomings, which require additional hardness assumptions. Our results report a very competitive protocol when combined with lattices for Oblivious Transfer.
Our evaluation shows that OPUS and the repaired, generic construction are competitive with other proposals in terms of runtime efficiency and communication size. More concretely, OPUS achieves almost two orders of magnitude less communication overhead compared to the next-best lattice-based OPRF, at the cost of higher latency and higher computational cost, and the repaired construction. Finally, we demonstrate the efficiency of OPUS and the generic NR-OT in two use cases: first, we instantiate OPAQUE, a protocol for asymmetric authenticated key exchange. Compared to classical elliptic curve cryptography, which is considered insecure in the presence of efficient quantum computers, this results in less than 100× longer computation on average and around 1000× more communication overhead. Second, we perform an unbalanced private set intersection and show that the communication overhead can be roughly the same when using isogenies or elliptic curves, at the cost of much higher runtime. Conversely, for sets of size 2^10, we report a runtime around 200× slower than the elliptic curve PSI. This concretizes the overhead of performing PSI and using OPAQUE with isogenies for the first time.
Original language | English |
---|---|
Title of host publication | ASIA CCS '24: Proceedings of the 19th ACM Asia Conference on Computer and Communications Security |
Place of Publication | New York, NY |
Publisher | Association for Computing Machinery |
Pages | 575 - 588 |
Number of pages | 14 |
ISBN (Print) | 979-8-4007-0482-6 |
DOIs | |
Publication status | Published - 2024 |
Event | 19th ACM ASIA Conference on Computer and Communications Security: ASIACCS 2024, Singapore, Singapore; duration: 1 Jul 2024 → 5 Jul 2024; conference number: 19; https://asiaccs2024.sutd.edu.sg/ |
Conference
Conference | 19th ACM ASIA Conference on Computer and Communications Security |
---|---|
Abbreviated title | ASIACCS 2024 |
Country/Territory | Singapore |
City | Singapore |
Period | 1/07/24 → 5/07/24 |
Internet address | https://asiaccs2024.sutd.edu.sg/ |
Keywords
- OPRF
- Isogenies
Fields of Expertise
- Information, Communication & Computing
Activities
- Talk at conference or symposium: "OPRFs from Isogenies: Designs and Analysis", Lena Heimberger (Speaker), 3 Jul 2024. Activity: Talk or presentation › Talk at conference or symposium › Science to science