Multilinear Maps from Obfuscation

We provide constructions of multilinear groups equipped with natural hard problems from indistinguishability obfuscation, homomorphic encryption, and NIZKs. This complements known results on the constructions of indistinguishability obfuscators from multilinear maps in the reverse direction. We provide two distinct, but closely related constructions and show that multilinear analogues of the DDH assumption hold for them. Our first construction is symmetric and comes with a kappa-linear map e : G(kappa) -> G(T) for prime-order groups G and G(T). To establish the hardness of the kappa-linear DDH problem, we rely on the existence of a base group for which the (kappa - 1)-strong DDH assumption holds. Our second construction is for the asymmetric setting, where e : G(1) x ... x G(kappa) -> G(T) for a collection of kappa + 1 prime-order groups G(i) and G(T), and relies only on the standard DDH assumption in its base group. In both constructions the linearity kappa can be set to any arbitrary but a priori fixed polynomial value in the security parameter. We rely on a number of powerful tools in our constructions: (probabilistic) indistinguishability obfuscation, dual-mode NIZK proof systems (with perfect soundness, witness indistinguishability and zero knowledge), and additively homomorphic encryption for the group Z(N)(+). At a high level, we enable "bootstrapping" multilinear assumptions from their simpler counterparts in standard cryptographic groups, and show the equivalence of IO and multilinear maps under the existence of the aforementioned primitives.