Function-Hiding Inner Product Encryption is Practical

نویسندگان

  • Sam Kim
  • Kevin Lewi
  • Avradip Mandal
  • Hart William Montgomery
  • Arnab Roy
  • David J. Wu
چکیده

In a functional encryption scheme, secret keys are associated with functions and ciphertexts are associated with messages. Given a secret key for a function f and a ciphertext for a message x, a decryptor learns f(x) and nothing else about x. Inner product encryption is a special case of functional encryption where both secret keys and ciphertexts are associated with vectors. The combination of a secret key for a vector x and a ciphertext for a vector y reveal 〈x,y〉 and nothing more about y. An inner product encryption scheme is function-hiding if the keys and ciphertexts reveal no additional information about both x and y beyond their inner product. Recently, Bishop, Jain, and Kowalczyk (Asiacrypt 2015) and Datta, Dutta, and Mukhopadhyay (PKC 2016) showed how to construct function-hiding inner product encryption using asymmetric bilinear maps with security in the standard model. In this work, we reduce the parameter sizes and the run-time complexity of the Asiacrypt 2015 and the PKC 2016 constructions by more than a factor of 2 and 4, respectively. We achieve this efficiency by proving security in the generic group model. We then show how function-hiding inner product encryption directly yields single-key two-input functional encryption for general functions over a small message space, which greatly improves upon the parameter sizes of existing constructions from standard assumptions. We validate the practicality of our encryption scheme by implementing both function-hiding inner product encryption and single-key two-input functional encryption. For example, using our construction, encryption and decryption operations for vectors of length 50 complete in a tenth of a second in a standard desktop environment.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Function-Hiding Inner Product Encryption

We extend the reach of functional encryption schemes that are provably secure under simpleassumptions against unbounded collusion to include function-hiding inner product schemes.Our scheme is a private key functional encryption scheme, where ciphertexts correspond tovectors ~x, secret keys correspond to vectors ~y, and a decryptor learns 〈~x, ~y〉. Our schemeemploys asymmetr...

متن کامل

Multi-Input Functional Encryption for Inner Products: Function-Hiding Realizations and Constructions without Pairings

We present new constructions of multi-input functional encryption (MIFE) schemes for the inner-product functionality that improve the state of the art solution of Abdalla et al. (Eurocrypt 2017) in two main directions. First, we put forward a novel methodology to convert single-input functional encryption for inner products into multi-input schemes for the same functionality. Our transformation...

متن کامل

Decentralizing Policy-Hiding Attribute-Based Encryption

Attribute-based encryption (ABE) enables limiting access to encrypted data to users who possess certain attributes. Different aspects of ABE have been studied, such as the multi-authority setting (MA-ABE), and policy hiding, meaning the access policy is unknown to unauthorized parties, as in predicate encryption (PE). However, no practical scheme so far provided both properties, which are often...

متن کامل

Towards Unified, Achievable, Simulation Based Function and Data Privacy in Functional Encryption

As the area of Functional Encryption (FE) has grown in importance, the landscape of its security definitions has become increasingly cluttered. Currently prevalent definitions are largely restricted to data privacy, and are broadly categorized as indistinguishability (IND) style or simulation (SIM) style, where the former are known to be insufficient and the latter are known to be unachievable ...

متن کامل

Decentralized Multi-Client Functional Encryption for Inner Product

We consider a situation where multiple parties, owning data that have to be frequently updated, agree to share weighted sums of these data with some aggregator, but where they do not wish to reveal their individual data, and do not trust each other. We combine techniques from Private Stream Aggregation (PSA) and Functional Encryption (FE), to introduce a primitive we call Decentralized Multi-Cl...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • IACR Cryptology ePrint Archive

دوره 2016  شماره 

صفحات  -

تاریخ انتشار 2016