Security analysis of indistinguishable obfuscation for internet of medical things applications

Abstract As a powerful cryptographic primitive, indistinguishable obfuscation has been widely used to protect data privacy on the Internet of Medical Things (IoMT) systems. Basically, the cryptographic technique protects data privacy using a function to obfuscate medical applications to perform outputs computationally indistinguishable. The state-of-the-art obfuscation technique (GGH13) utilizes a variant of the multilinear map to enhance security. However, in such schemes, it can be observed that noise lies in each element of the matrix, which means the matrix is a full rank matrix with a probability of almost 1 and results that it is unable to establish the relationship between the matrix determinant and rank. In this paper, we propose an attack to break such obfuscator. Specifically, we use approximate eigenvalues to remove the influence of noise on the matrix eigenvalues and build a specific relationship between the determinant and matrix rank. Our analysis shows the structural weakness of the state-of-the-art indistinguishable obfuscation mechanism, and we further discuss the future direction to resolve such privacy issues for IoMT applications.