Indistinguishability Obfuscation (iO) — the Holy Grail of Cryptography
Plus a Foray into Theoretical Cryptography
In this week’s episode of the ZK Podcast, Tarun and I spoke with Huijia (Rachel) Lin about indistinguishability obfuscation (iO). Rachel is a professor at the University of Washington’s Paul G. Allen School of Computer Science and Engineering. She has co-authored breakthrough work on iO that built a theoretically secure iO construction from well-founded assumptions — something that had not been achieved before.
This was the first time we covered iO on the show, and like any new topic I get to explore, it will take me some time to fully grasp. I’m tempted to summarize what iO is here, but honestly, Rachel explains it far better than I ever could. Still, there’s something about iO that feels oddly familiar. It’s a distinct primitive with unique properties, yet it shares many parallels with ZK — and even more with FHE. Some of the proposed ZK and FHE products and use cases seem to have properties that would be easier to achieve with a usable iO system. The catch is that iO remains firmly in the theoretical stage of development and lags behind those two technologies by several years, if not decades.
We went beyond iO in the conversation as well, discussing a more meta point of how theoretical cryptography is conceived, tested, and strengthened over time by building on proven assumptions and earlier work. Here’s a snippet from our episode transcript where she beautifully explains the value and volatility of cryptographic assumptions.
To see the full transcript, it can be found here
Key takeaways from Episode
iO remains a theoretical construct; Tarun compared it’s current stage to where ZK was in the 2000s (or even earlier).
Initial iO constructions relied on lattice-based candidates. These specific candidates didn’t succeed, but recent advances in lattices have reopened promising directions.
While FHE and iO can sound like they’re addressing the same problem, their properties are pretty different. FHE keeps inputs, outputs, and computation encrypted end-to-end. iO, by contrast, hides the program’s logic, while inputs and outputs may remain visible. This is more similar to functional encryption.
When theoretical cryptography systems are built on well-founded assumptions, techniques and primitives already proven strong in other domains, confidence in these systems is gained. In this case, Rachel’s breakthrough work in 2021 showed that the concept of iO is not just a magical idea, but is something that could eventually be trusted.
Rachel is a gifted teacher, able to move seamlessly between my beginner-level questions and Tarun’s advanced ones!
After we wrapped, I texted Tarun: “Wow, that was so fun, I’d love to have more conversations like this one!” He replied: “There aren’t enough geniuses in the world :P Rachel is definitely a genius — she could win a big prize, imo.”
Be sure to check out episode 375: the full episode page is here, or you can follow the thread for commentary.
Talk soon,
Anna
ECOSYSTEM ANNOUNCEMENT
ZK Hack just kicked off season 3 of the ZK Whiteboard Sessions. ZK Whiteboard Sessions is an educational video series focused on the building blocks of ZK.
Module 1 has guest Jean-Philippe (JP) Aumasson and host Nicolas Mohnblatt exploring how to build hash functions! Watch on the ZK Podcast Youtube Channel (and subscribe) or over on the individual ZK Whiteboard module site!
Expect a new video every two weeks. Modules will be released here https://zkhack.dev/whiteboard/#season3