A software watermarking scheme enables one to embed a message into a program while preserving its input/output behavior. In addition, the embedded message cannot be removed without significantly changing the functionality of the watermarked program. Prior works in this direction mainly focus on watermarking pseudorandom functions (PRFs), which embeds a message into a PRF key. In this work, we revisit the security definition for watermarkable PRFs, and consider security against a more powerful adversary that can additionally query an evaluation oracle, which evaluates the PRF with the (watermarked) PRF keys. Surprisingly, this natural security requirement is overlooked in previous studies on watermarkable PRFs. To close the gap, we construct watermarkable PRFs that are secure with evaluation queries. The scheme can be constructed purely from general primitives, namely, public key encryption. This stands in sharp contrast to previous constructions of watermarkable PRFs, where algebraic assumptions like LWE or even heavy tools such as indistinguishability obfuscation are usually needed. Moreover, our construction achieves many desirable features, such as message embedding, public marking, and security with extraction queries, which essentially match existing constructions from standard algebraic assumptions. Besides, only a few cheap symmetric-key operations are needed to evaluate our watermarkable PRF, making it potentially practical.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Watermarking Pseudorandom Functions: Stronger Security from General Assumptions

  • Rupeng Yang,
  • Zuoxia Yu,
  • Willy Susilo

摘要

A software watermarking scheme enables one to embed a message into a program while preserving its input/output behavior. In addition, the embedded message cannot be removed without significantly changing the functionality of the watermarked program. Prior works in this direction mainly focus on watermarking pseudorandom functions (PRFs), which embeds a message into a PRF key. In this work, we revisit the security definition for watermarkable PRFs, and consider security against a more powerful adversary that can additionally query an evaluation oracle, which evaluates the PRF with the (watermarked) PRF keys. Surprisingly, this natural security requirement is overlooked in previous studies on watermarkable PRFs. To close the gap, we construct watermarkable PRFs that are secure with evaluation queries. The scheme can be constructed purely from general primitives, namely, public key encryption. This stands in sharp contrast to previous constructions of watermarkable PRFs, where algebraic assumptions like LWE or even heavy tools such as indistinguishability obfuscation are usually needed. Moreover, our construction achieves many desirable features, such as message embedding, public marking, and security with extraction queries, which essentially match existing constructions from standard algebraic assumptions. Besides, only a few cheap symmetric-key operations are needed to evaluate our watermarkable PRF, making it potentially practical.