{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,25]],"date-time":"2026-01-25T00:13:41Z","timestamp":1769300021294,"version":"3.49.0"},"publisher-location":"Cham","reference-count":38,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319968803","type":"print"},{"value":"9783319968810","type":"electronic"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-96881-0_20","type":"book-chapter","created":{"date-parts":[[2018,7,23]],"date-time":"2018-07-23T19:54:39Z","timestamp":1532375679000},"page":"577-607","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":71,"title":["GGH15 Beyond Permutation Branching Programs: Proofs, Attacks, and Candidates"],"prefix":"10.1007","author":[{"given":"Yilei","family":"Chen","sequence":"first","affiliation":[]},{"given":"Vinod","family":"Vaikuntanathan","sequence":"additional","affiliation":[]},{"given":"Hoeteck","family":"Wee","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,7,24]]},"reference":[{"key":"20_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/3-540-48523-6_1","volume-title":"Automata, Languages and Programming","author":"M Ajtai","year":"1999","unstructured":"Ajtai, M.: Generating hard instances of the short basis problem. In: Wiedermann, J., van Emde Boas, P., Nielsen, M. (eds.) ICALP 1999. LNCS, vol. 1644, pp. 1\u20139. Springer, Heidelberg (1999). https:\/\/doi.org\/10.1007\/3-540-48523-6_1"},{"key":"20_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"659","DOI":"10.1007\/978-3-662-53008-5_23","volume-title":"Advances in Cryptology \u2013 CRYPTO 2016","author":"N Alamati","year":"2016","unstructured":"Alamati, N., Peikert, C.: Three\u2019s compromised too: circular insecurity for any cycle length from (ring-)LWE. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016, Part II. LNCS, vol. 9815, pp. 659\u2013680. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53008-5_23"},{"issue":"3","key":"20_CR3","doi-asserted-by":"publisher","first-page":"535","DOI":"10.1007\/s00224-010-9278-3","volume":"48","author":"J Alwen","year":"2011","unstructured":"Alwen, J., Peikert, C.: Generating shorter bases for hard random lattices. Theory Comput. Syst. 48(3), 535\u2013553 (2011)","journal-title":"Theory Comput. Syst."},{"key":"20_CR4","unstructured":"Apon, D., D\u00f6ttling, N., Garg, S., Mukherjee, P.: Cryptanalysis of indistinguishability obfuscations of circuits over GGH13. In: ICALP, volume 80 of LIPIcs, pp. 38:1\u201338:16. Schloss Dagstuhl - Leibniz-Zentrum fuer Informatik (2017)"},{"key":"20_CR5","doi-asserted-by":"crossref","unstructured":"Mix Barrington, D.A.: Bounded-width polynomial-size branching programs recognize exactly those languages in nc$$^1$$. In: Hartmanis, J. (ed.) STOC, pp. 1\u20135. ACM (1986)","DOI":"10.1145\/12130.12131"},{"key":"20_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"415","DOI":"10.1007\/978-3-319-56620-7_15","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2017","author":"D Boneh","year":"2017","unstructured":"Boneh, D., Kim, S., Montgomery, H.W.: Private puncturable PRFs from standard lattice assumptions. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017, Part I. LNCS, vol. 10210, pp. 415\u2013445. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-56620-7_15"},{"key":"20_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"410","DOI":"10.1007\/978-3-642-40041-4_23","volume-title":"Advances in Cryptology \u2013 CRYPTO 2013","author":"D Boneh","year":"2013","unstructured":"Boneh, D., Lewi, K., Montgomery, H.W., Raghunathan, A.: Key homomorphic PRFs and their applications. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 410\u2013428. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-40041-4_23"},{"issue":"1","key":"20_CR8","doi-asserted-by":"publisher","first-page":"71","DOI":"10.1090\/conm\/324\/05731","volume":"324","author":"D Boneh","year":"2003","unstructured":"Boneh, D., Silverberg, A.: Applications of multilinear forms to cryptography. Contemp. Math. 324(1), 71\u201390 (2003)","journal-title":"Contemp. Math."},{"key":"20_CR9","doi-asserted-by":"crossref","unstructured":"Brakerski, Z., Langlois, A., Peikert, C., Regev, O., Stehl\u00e9, D.: Classical hardness of learning with errors. In: Proceedings of the Forty-Fifth Annual ACM Symposium on Theory of Computing, pp. 575\u2013584. ACM (2013)","DOI":"10.1145\/2488608.2488680"},{"key":"20_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"416","DOI":"10.1007\/978-3-642-40084-1_24","volume-title":"Advances in Cryptology \u2013 CRYPTO 2013","author":"Z Brakerski","year":"2013","unstructured":"Brakerski, Z., Rothblum, G.N.: Obfuscating conjunctions. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part II. LNCS, vol. 8043, pp. 416\u2013434. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-40084-1_24"},{"key":"20_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"264","DOI":"10.1007\/978-3-319-70500-2_10","volume-title":"Theory of Cryptography","author":"Z Brakerski","year":"2017","unstructured":"Brakerski, Z., Tsabary, R., Vaikuntanathan, V., Wee, H.: Private constrained PRFs (and more) from LWE. In: Kalai, Y., Reyzin, L. (eds.) TCC 2017, Part I. LNCS, vol. 10677, pp. 264\u2013302. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70500-2_10"},{"key":"20_CR12","doi-asserted-by":"crossref","unstructured":"Brakerski, Z., Vaikuntanathan, V., Wee, H., Wichs, D.: Obfuscating conjunctions under entropic ring LWE. In: ITCS, pp. 147\u2013156. ACM (2016)","DOI":"10.1145\/2840728.2840764"},{"key":"20_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"446","DOI":"10.1007\/978-3-319-56620-7_16","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2017","author":"R Canetti","year":"2017","unstructured":"Canetti, R., Chen, Y.: Constraint-hiding constrained PRFs for NC$$^1$$ from LWE. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017, Part I. LNCS, vol. 10210, pp. 446\u2013476. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-56620-7_16"},{"issue":"4","key":"20_CR14","doi-asserted-by":"publisher","first-page":"601","DOI":"10.1007\/s00145-011-9105-2","volume":"25","author":"D Cash","year":"2012","unstructured":"Cash, D., Hofheinz, D., Kiltz, E., Peikert, C.: Bonsai trees, or how to delegate a lattice basis. J. Cryptol. 25(4), 601\u2013639 (2012)","journal-title":"J. Cryptol."},{"key":"20_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"278","DOI":"10.1007\/978-3-319-56617-7_10","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2017","author":"Y Chen","year":"2017","unstructured":"Chen, Y., Gentry, C., Halevi, S.: Cryptanalyses of candidate branching program obfuscators. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017, Part III. LNCS, vol. 10212, pp. 278\u2013307. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-56617-7_10"},{"key":"20_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-662-46800-5_1","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2015","author":"JH Cheon","year":"2015","unstructured":"Cheon, J.H., Han, K., Lee, C., Ryu, H., Stehl\u00e9, D.: Cryptanalysis of the multilinear map over the integers. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015, Part I. LNCS, vol. 9056, pp. 3\u201312. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46800-5_1"},{"key":"20_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"607","DOI":"10.1007\/978-3-662-53008-5_21","volume-title":"Advances in Cryptology \u2013 CRYPTO 2016","author":"J-S Coron","year":"2016","unstructured":"Coron, J.-S., Lee, M.S., Lepoint, T., Tibouchi, M.: Cryptanalysis of GGH15 multilinear maps. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016, Part II. LNCS, vol. 9815, pp. 607\u2013628. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53008-5_21"},{"key":"20_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1007\/978-3-662-54365-8_3","volume-title":"Public-Key Cryptography \u2013 PKC 2017","author":"J-S Coron","year":"2017","unstructured":"Coron, J.-S., Lee, M.S., Lepoint, T., Tibouchi, M.: Zeroizing attacks on indistinguishability obfuscation over CLT13. In: Fehr, S. (ed.) PKC 2017, Part I. LNCS, vol. 10174, pp. 41\u201358. Springer, Heidelberg (2017). https:\/\/doi.org\/10.1007\/978-3-662-54365-8_3"},{"key":"20_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"476","DOI":"10.1007\/978-3-642-40041-4_26","volume-title":"Advances in Cryptology \u2013 CRYPTO 2013","author":"J-S Coron","year":"2013","unstructured":"Coron, J.-S., Lepoint, T., Tibouchi, M.: Practical multilinear maps over the integers. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 476\u2013493. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-40041-4_26"},{"key":"20_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-38348-9_1","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2013","author":"S Garg","year":"2013","unstructured":"Garg, S., Gentry, C., Halevi, S.: Candidate multilinear maps from ideal lattices. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 1\u201317. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-38348-9_1"},{"key":"20_CR21","doi-asserted-by":"crossref","unstructured":"Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A., Waters, B.: Candidate indistinguishability obfuscation and functional encryption for all circuits. In: FOCS, pp. 40\u201349 (2013)","DOI":"10.1109\/FOCS.2013.13"},{"key":"20_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"241","DOI":"10.1007\/978-3-662-53644-5_10","volume-title":"Theory of Cryptography","author":"S Garg","year":"2016","unstructured":"Garg, S., Miles, E., Mukherjee, P., Sahai, A., Srinivasan, A., Zhandry, M.: Secure obfuscation in a weak multilinear map model. In: Hirt, M., Smith, A. (eds.) TCC 2016, Part B2. LNCS, vol. 9986, pp. 241\u2013268. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53644-5_10"},{"key":"20_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"498","DOI":"10.1007\/978-3-662-46497-7_20","volume-title":"Theory of Cryptography","author":"C Gentry","year":"2015","unstructured":"Gentry, C., Gorbunov, S., Halevi, S.: Graph-induced multilinear maps from lattices. In: Dodis, Y., Nielsen, J.B. (eds.) TCC 2015, Part II. LNCS, vol. 9015, pp. 498\u2013527. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46497-7_20"},{"key":"20_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"426","DOI":"10.1007\/978-3-662-44371-2_24","volume-title":"Advances in Cryptology \u2013 CRYPTO 2014","author":"C Gentry","year":"2014","unstructured":"Gentry, C., Lewko, A.B., Waters, B.: Witness encryption from instance independent assumptions. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014, Part I. LNCS, vol. 8616, pp. 426\u2013443. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-662-44371-2_24"},{"key":"20_CR25","doi-asserted-by":"crossref","unstructured":"Gentry, C., Peikert, C., Vaikuntanathan V.: Trapdoors for hard lattices and new cryptographic constructions. In: STOC, pp. 197\u2013206 (2008)","DOI":"10.1145\/1374376.1374407"},{"key":"20_CR26","doi-asserted-by":"crossref","unstructured":"Goyal, R., Koppula, V., Waters, B.: Lockable obfuscation. In: FOCS, pp. 612\u2013621 (2017)","DOI":"10.1109\/FOCS.2017.62"},{"key":"20_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"528","DOI":"10.1007\/978-3-319-56614-6_18","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2017","author":"R Goyal","year":"2017","unstructured":"Goyal, R., Koppula, V., Waters, B.: Separating semantic and circular security for symmetric-key bit encryption from the learning with errors assumption. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017, Part II. LNCS, vol. 10211, pp. 528\u2013557. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-56614-6_18"},{"key":"20_CR28","doi-asserted-by":"crossref","unstructured":"Goyal, R., Koppula, V., Waters, B.: Collusion resistant traitor tracing from learning with errors. In: STOC (2018)","DOI":"10.1145\/3188745.3188844"},{"key":"20_CR29","doi-asserted-by":"crossref","unstructured":"Halevi, S., Halevi, T., Shoup, V., Stephens-Davidowitz, N.: Implementing BP-obfuscation using graph-induced encoding. In: ACM CCS, pp. 783\u2013798 (2017)","DOI":"10.1145\/3133956.3133976"},{"key":"20_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"681","DOI":"10.1007\/978-3-662-53008-5_24","volume-title":"Advances in Cryptology \u2013 CRYPTO 2016","author":"V Koppula","year":"2016","unstructured":"Koppula, V., Waters, B.: Circular security separations for arbitrary length cycles from LWE. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016, Part II. LNCS, vol. 9815, pp. 681\u2013700. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53008-5_24"},{"key":"20_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"700","DOI":"10.1007\/978-3-642-29011-4_41","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2012","author":"D Micciancio","year":"2012","unstructured":"Micciancio, D., Peikert, C.: Trapdoors for lattices: simpler, tighter, faster, smaller. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 700\u2013718. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-29011-4_41"},{"issue":"1","key":"20_CR32","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1137\/S0097539705447360","volume":"37","author":"D Micciancio","year":"2007","unstructured":"Micciancio, D., Regev, O.: Worst-case to average-case reductions based on Gaussian measure. SIAM J. Comput. 37(1), 267\u2013302 (2007)","journal-title":"SIAM J. Comput."},{"key":"20_CR33","doi-asserted-by":"crossref","unstructured":"Peikert, C.: Public-key cryptosystems from the worst-case shortest vector problem: extended abstract. In: STOC, pp. 333\u2013342 (2009)","DOI":"10.1145\/1536414.1536461"},{"key":"20_CR34","doi-asserted-by":"crossref","unstructured":"Peikert, C., Regev, O., Stephens-Davidowitz, N.: Pseudorandomness of ring-LWE for any ring and modulus. In: STOC, pp. 461\u2013473. ACM (2017)","DOI":"10.1145\/3055399.3055489"},{"key":"20_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"145","DOI":"10.1007\/11681878_8","volume-title":"Theory of Cryptography","author":"C Peikert","year":"2006","unstructured":"Peikert, C., Rosen, A.: Efficient collision-resistant hashing from worst-case assumptions on cyclic lattices. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 145\u2013166. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11681878_8"},{"key":"20_CR36","doi-asserted-by":"crossref","unstructured":"Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: Gabow, H.N., Fagin, R. (eds.) Proceedings of the 37th Annual ACM Symposium on Theory of Computing, Baltimore, MD, USA, 22\u201324 May 2005, pp. 84\u201393. ACM (2005)","DOI":"10.1145\/1060590.1060603"},{"issue":"6","key":"20_CR37","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1568318.1568324","volume":"56","author":"Oded Regev","year":"2009","unstructured":"Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. J. ACM 56(6), 34 (2009)","journal-title":"Journal of the ACM"},{"key":"20_CR38","doi-asserted-by":"crossref","unstructured":"Wichs, D., Zirdelis, G.: Obfuscating compute-and-compare programs under LWE. In: FOCS, pp. 600\u2013611 (2017)","DOI":"10.1109\/FOCS.2017.61"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 CRYPTO 2018"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-96881-0_20","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,9,3]],"date-time":"2023-09-03T22:33:05Z","timestamp":1693780385000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-96881-0_20"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319968803","9783319968810"],"references-count":38,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-96881-0_20","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"24 July 2018","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CRYPTO","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Annual International Cryptology Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Santa Barbara, CA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19 August 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 August 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"38","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"crypto2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/crypto.iacr.org\/2018\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}