Function-hiding inner product encryption is practical. (English) Zbl 1517.94115
Catalano, Dario (ed.) et al., Security and cryptography for networks. 11th international conference, SCN 2018, Amalfi, Italy, September 5–7, 2018. Proceedings. Cham: Springer. Lect. Notes Comput. Sci. 11035, 544-562 (2018).
Summary: In a functional encryption scheme, secret keys are associated with functions and ciphertexts are associated with messages. Given a secret key for a function \(f\), and a ciphertext for a message \(x\), a decryptor learns \(f(x)\) and nothing else about \(x\). Inner product encryption is a special case of functional encryption where both secret keys and ciphertext are associated with vectors. The combination of a secret key for a vector \(\mathfrak{x}\) and a ciphertext for a vector \(\mathfrak{y}\) reveal \(\langle{\mathfrak{x}},\mathfrak{y}\rangle\) and nothing more about \(\mathfrak{y}\). An inner product encryption scheme is function-hiding if the keys and ciphertexts reveal no additional information about both \(\mathfrak{x}\) and \(\mathfrak{y}\) beyond their inner product.
In the last few years, there has been a flurry of works on the construction of function-hiding inner product encryption, starting with the work of A. Bishop et al. [Lect. Notes Comput. Sci. 9452, 470–491 (2015; Zbl 1396.94061)] to the more recent work of J. Tomida et al. [ibid. 9866, 408–425 (2016; Zbl 1397.68064)]. In this work, we focus on the practical applications of this primitive. First, we show that the parameter sizes and the run-time complexity of the state-of-the-art construction can be further reduced by another factor of 2, though we compromise by proving security in the generic group model. We then show that function privacy enables a number of applications in biometric authentication, nearest-neighbor search on encrypted data, and single-key two-input functional encryption for functions over small message spaces. Finally, we evaluate the practicality of our encryption scheme by implementing our function-hiding inner product encryption scheme. Using our construction, encryption and decryption operations for vectors of length 50 complete in a tenth of a second in a standard desktop environment.
For the entire collection see [Zbl 1397.94004].
In the last few years, there has been a flurry of works on the construction of function-hiding inner product encryption, starting with the work of A. Bishop et al. [Lect. Notes Comput. Sci. 9452, 470–491 (2015; Zbl 1396.94061)] to the more recent work of J. Tomida et al. [ibid. 9866, 408–425 (2016; Zbl 1397.68064)]. In this work, we focus on the practical applications of this primitive. First, we show that the parameter sizes and the run-time complexity of the state-of-the-art construction can be further reduced by another factor of 2, though we compromise by proving security in the generic group model. We then show that function privacy enables a number of applications in biometric authentication, nearest-neighbor search on encrypted data, and single-key two-input functional encryption for functions over small message spaces. Finally, we evaluate the practicality of our encryption scheme by implementing our function-hiding inner product encryption scheme. Using our construction, encryption and decryption operations for vectors of length 50 complete in a tenth of a second in a standard desktop environment.
For the entire collection see [Zbl 1397.94004].
References:
| [1] | Abdalla, M.; Bourse, F.; De Caro, A.; Pointcheval, D.; Katz, J., Simple functional encryption schemes for inner products, Public-Key Cryptography - PKC 2015, 733-751, 2015, Heidelberg: Springer, Heidelberg · Zbl 1345.94028 · doi:10.1007/978-3-662-46447-2_33 |
| [2] | Abdalla, M., Raykova, M., Wee, H.: Multi-input inner-product functional encryption from pairings. Cryptology ePrint Archive, Report 2016/425 (2016). http://eprint.iacr.org/ |
| [3] | Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order-preserving encryption for numeric data. In: ACM SIGMOD (2004) |
| [4] | Agrawal, S.; Agrawal, S.; Badrinarayanan, S.; Kumarasubramanian, A.; Prabhakaran, M.; Sahai, A.; Katz, J., On the practical security of inner product functional encryption, Public-Key Cryptography - PKC 2015, 777-798, 2015, Heidelberg: Springer, Heidelberg · Zbl 1345.94030 · doi:10.1007/978-3-662-46447-2_35 |
| [5] | Agrawal, S.; Gorbunov, S.; Vaikuntanathan, V.; Wee, H.; Canetti, R.; Garay, JA, Functional encryption: new perspectives and lower bounds, Advances in Cryptology - CRYPTO 2013, 500-518, 2013, Heidelberg: Springer, Heidelberg · Zbl 1311.94065 · doi:10.1007/978-3-642-40084-1_28 |
| [6] | Agrawal, S., Libert, B., Stehlé, D.: Fully secure functional encryption for inner products, from standard assumptions. IACR Cryptology ePrint Archive, 2015 (2015) |
| [7] | Akinyele, JA, Charm: a framework for rapidly prototyping cryptosystems, J. Cryptogr. Eng., 3, 2, 111-128, 2013 · doi:10.1007/s13389-013-0057-3 |
| [8] | Ananth, P.; Jain, A.; Gennaro, R.; Robshaw, M., Indistinguishability obfuscation from compact functional encryption, Advances in Cryptology - CRYPTO 2015, 308-326, 2015, Heidelberg: Springer, Heidelberg · Zbl 1336.94035 · doi:10.1007/978-3-662-47989-6_15 |
| [9] | Aranha, DF; Fuentes-Castañeda, L.; Knapp, E.; Menezes, A.; Rodríguez-Henríquez, F.; Abdalla, M.; Lange, T., Implementing pairings at the 192-bit security level, Pairing-Based Cryptography - Pairing 2012, 177-195, 2013, Heidelberg: Springer, Heidelberg · Zbl 1305.94033 · doi:10.1007/978-3-642-36334-4_11 |
| [10] | Bellare, M.; Boldyreva, A.; O’Neill, A.; Menezes, A., Deterministic and efficiently searchable encryption, Advances in Cryptology - CRYPTO 2007, 535-552, 2007, Heidelberg: Springer, Heidelberg · Zbl 1215.94032 · doi:10.1007/978-3-540-74143-5_30 |
| [11] | Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: IEEE S&P (2007) |
| [12] | Bishop, A.; Jain, A.; Kowalczyk, L.; Iwata, T.; Cheon, JH, Function-hiding inner product encryption, Advances in Cryptology - ASIACRYPT 2015, 470-491, 2015, Heidelberg: Springer, Heidelberg · Zbl 1396.94061 · doi:10.1007/978-3-662-48797-6_20 |
| [13] | Boldyreva, A.; Chenette, N.; Lee, Y.; O’Neill, A.; Joux, A., Order-preserving symmetric encryption, Advances in Cryptology - EUROCRYPT 2009, 224-241, 2009, Heidelberg: Springer, Heidelberg · Zbl 1239.94037 · doi:10.1007/978-3-642-01001-9_13 |
| [14] | Boldyreva, A.; Chenette, N.; O’Neill, A.; Rogaway, P., Order-preserving encryption revisited: improved security analysis and alternative solutions, Advances in Cryptology - CRYPTO 2011, 578-595, 2011, Heidelberg: Springer, Heidelberg · Zbl 1290.94045 · doi:10.1007/978-3-642-22792-9_33 |
| [15] | Boneh, D.; Boyen, X.; Goh, E-J; Cramer, R., Hierarchical identity based encryption with constant size ciphertext, Advances in Cryptology - EUROCRYPT 2005, 440-456, 2005, Heidelberg: Springer, Heidelberg · Zbl 1137.94340 · doi:10.1007/11426639_26 |
| [16] | Boneh, D.; Boyen, X.; Shacham, H.; Franklin, M., Short group signatures, Advances in Cryptology - CRYPTO 2004, 41-55, 2004, Heidelberg: Springer, Heidelberg · Zbl 1104.94044 · doi:10.1007/978-3-540-28628-8_3 |
| [17] | Boneh, D.; Franklin, MK; Kilian, J., Identity-based encryption from the weil pairing, Advances in Cryptology — CRYPTO 2001, 213-229, 2001, Heidelberg: Springer, Heidelberg · Zbl 1002.94023 · doi:10.1007/3-540-44647-8_13 |
| [18] | Boneh, D.; Lewi, K.; Raykova, M.; Sahai, A.; Zhandry, M.; Zimmerman, J.; Oswald, E.; Fischlin, M., Semantically secure order-revealing encryption: multi-input functional encryption without obfuscation, Advances in Cryptology - EUROCRYPT 2015, 563-594, 2015, Heidelberg: Springer, Heidelberg · Zbl 1375.94105 · doi:10.1007/978-3-662-46803-6_19 |
| [19] | Boneh, D.; Raghunathan, A.; Segev, G.; Canetti, R.; Garay, JA, Function-private identity-based encryption: hiding the function in functional encryption, Advances in Cryptology - CRYPTO 2013, 461-478, 2013, Heidelberg: Springer, Heidelberg · Zbl 1311.94071 · doi:10.1007/978-3-642-40084-1_26 |
| [20] | Boneh, D.; Raghunathan, A.; Segev, G.; Sako, K.; Sarkar, P., Function-private subspace-membership encryption and its applications, Advances in Cryptology - ASIACRYPT 2013, 255-275, 2013, Heidelberg: Springer, Heidelberg · Zbl 1327.94036 · doi:10.1007/978-3-642-42033-7_14 |
| [21] | Boneh, D.; Sahai, A.; Waters, B.; Ishai, Y., Functional encryption: definitions and challenges, Theory of Cryptography, 253-273, 2011, Heidelberg: Springer, Heidelberg · Zbl 1295.94027 · doi:10.1007/978-3-642-19571-6_16 |
| [22] | Brakerski, Z., Komargodski, I., Segev, G.: From single-input to multi-input functional encryption in the private-key setting. IACR Cryptology ePrint Archive, 2015 (2015) |
| [23] | Brakerski, Z.; Segev, G.; Dodis, Y.; Nielsen, JB, Function-private functional encryption in the private-key setting, Theory of Cryptography, 306-324, 2015, Heidelberg: Springer, Heidelberg · Zbl 1334.94065 · doi:10.1007/978-3-662-46497-7_12 |
| [24] | Chenette, N.; Lewi, K.; Weis, SA; Wu, DJ; Peyrin, T., Practical order-revealing encryption with limited leakage, Fast Software Encryption, 474-493, 2016, Heidelberg: Springer, Heidelberg · Zbl 1387.94074 · doi:10.1007/978-3-662-52993-5_24 |
| [25] | Cocks, C.; Honary, B., An identity based encryption scheme based on quadratic residues, Cryptography and Coding, 360-363, 2001, Heidelberg: Springer, Heidelberg · Zbl 0999.94532 · doi:10.1007/3-540-45325-3_32 |
| [26] | Costello, C.: Particularly friendly members of family trees. IACR Cryptology ePrint Archive, 2012 (2012) |
| [27] | Curtmola, R., Garay, J.A., Kamara, S., Ostrovsky, R.: Searchable symmetric encryption: improved definitions and efficient constructions. In: ACM CCS (2006) |
| [28] | Datta, P.; Dutta, R.; Mukhopadhyay, S.; Cheng, C-M; Chung, K-M; Persiano, G.; Yang, B-Y, Functional encryption for inner product with full function privacy, Public-Key Cryptography - PKC 2016, 164-195, 2016, Heidelberg: Springer, Heidelberg · Zbl 1388.94046 · doi:10.1007/978-3-662-49384-7_7 |
| [29] | Freeman, D.; Scott, M.; Teske, E., A taxonomy of pairing-friendly elliptic curves, J. Cryptol., 23, 2, 224-280, 2010 · Zbl 1181.94094 · doi:10.1007/s00145-009-9048-z |
| [30] | Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A., Waters, B.: Candidate indistinguishability obfuscation and functional encryption for all circuits. In: FOCS (2013) |
| [31] | Garg, S.; Gentry, C.; Halevi, S.; Zhandry, M.; Kushilevitz, E.; Malkin, T., Functional encryption without obfuscation, Theory of Cryptography, 480-511, 2016, Heidelberg: Springer, Heidelberg · Zbl 1382.94107 · doi:10.1007/978-3-662-49099-0_18 |
| [32] | Goh, E.: Secure indexes. IACR Cryptology ePrint Archive, 2003 (2003) |
| [33] | Goldwasser, S.; Nguyen, PQ; Oswald, E., Multi-input functional encryption, Advances in Cryptology - EUROCRYPT 2014, 578-602, 2014, Heidelberg: Springer, Heidelberg · Zbl 1327.94048 · doi:10.1007/978-3-642-55220-5_32 |
| [34] | Goldwasser, S., Kalai, Y.T., Popa, R.A., Vaikuntanathan, V., Zeldovich, N.: Reusable garbled circuits and succinct functional encryption. In: STOC (2013) |
| [35] | Gorbunov, S.; Vaikuntanathan, V.; Wee, H.; Safavi-Naini, R.; Canetti, R., Functional encryption with bounded collusions via multi-party computation, Advances in Cryptology - CRYPTO 2012, 162-179, 2012, Heidelberg: Springer, Heidelberg · Zbl 1296.94119 · doi:10.1007/978-3-642-32009-5_11 |
| [36] | Gorbunov, S., Vaikuntanathan, V., Wee, H.: Attribute-based encryption for circuits. In: STOC (2013) |
| [37] | Gorbunov, S.; Vaikuntanathan, V.; Wee, H.; Gennaro, R.; Robshaw, M., Predicate encryption for circuits from LWE, Advances in Cryptology - CRYPTO 2015, 503-523, 2015, Heidelberg: Springer, Heidelberg · Zbl 1369.94538 · doi:10.1007/978-3-662-48000-7_25 |
| [38] | Hart, W., Johansson, F., Pancratz, S.: FLINT: fast Library for Number Theory (2013). Version 2.4.0: http://flintlib.org |
| [39] | Joux, A.; Bosma, W., A one round protocol for tripartite Diffie-Hellman, Algorithmic Number Theory, 385-393, 2000, Heidelberg: Springer, Heidelberg · Zbl 1029.94026 · doi:10.1007/10722028_23 |
| [40] | Joye, M., Passelègue, A.: Practical trade-offs for multi-input functional encryption. IACR Cryptology ePrint Archive, 2016 (2016) |
| [41] | Katz, J.; Sahai, A.; Waters, B.; Smart, N., Predicate encryption supporting disjunctions, polynomial equations, and inner products, Advances in Cryptology - EUROCRYPT 2008, 146-162, 2008, Heidelberg: Springer, Heidelberg · Zbl 1149.94323 · doi:10.1007/978-3-540-78967-3_9 |
| [42] | Kim, S., Kim, J., Seo, J.H.: A new approach for practical function-private inner product encryption. IACR Cryptology ePrint Archive 2017:4 (2017) |
| [43] | Kim, S., Lewi, K., Mandal, A., Montgomery, H.W., Roy, A., Wu, D.J.: Function-hiding inner product encryption is practical. IACR Cryptology ePrint Archive 2016:440 (2016) |
| [44] | Kim, T.; Barbulescu, R.; Robshaw, M.; Katz, J., Extended tower number field sieve: a new complexity for the medium prime case, Advances in Cryptology - CRYPTO 2016, 543-571, 2016, Heidelberg: Springer, Heidelberg · Zbl 1384.94075 · doi:10.1007/978-3-662-53018-4_20 |
| [45] | Lee, K.; Lee, DH, Two-input functional encryption for inner products from bilinear maps, IEICE Trans., 101-A, 6, 915-928, 2018 · doi:10.1587/transfun.E101.A.915 |
| [46] | Lewi, K., Wu, D.J.: Order-revealing encryption: new constructions, applications, and lower bounds. In: ACM CCS (2016, to appear) |
| [47] | Lin, H., Vaikuntanathan, V.: Indistinguishability obfuscation from DDH-like assumptions on constant-degree graded encodings. In: FOCS, pp. 11-20 (2016) |
| [48] | Lynn, B.: The pairing-based cryptography library. Internet: crypto. stanford. edu/pbc/[Mar. 27, 2013] (2006) |
| [49] | Miller, VS, The weil pairing, and its efficient calculation, J. Cryptol., 17, 4, 235-261, 2004 · Zbl 1078.14043 · doi:10.1007/s00145-004-0315-8 |
| [50] | Nechaev, V., Complexity of a determinate algorithm for the discrete logarithm, Math. Notes, 55, 165-172, 1994 · Zbl 0831.11065 · doi:10.1007/BF02113297 |
| [51] | Nielsen, JB; Yung, M., Separating random oracle proofs from complexity theoretic proofs: the non-committing encryption case, Advances in Cryptology — CRYPTO 2002, 111-126, 2002, Heidelberg: Springer, Heidelberg · Zbl 1027.68601 · doi:10.1007/3-540-45708-9_8 |
| [52] | Okamoto, T.; Takashima, K.; Galbraith, SD; Paterson, KG, Homomorphic encryption and signatures from vector decomposition, Pairing-Based Cryptography - Pairing 2008, 57-74, 2008, Heidelberg: Springer, Heidelberg · Zbl 1186.94464 · doi:10.1007/978-3-540-85538-5_4 |
| [53] | Okamoto, T.; Takashima, K.; Matsui, M., Hierarchical predicate encryption for inner-products, Advances in Cryptology - ASIACRYPT 2009, 214-231, 2009, Heidelberg: Springer, Heidelberg · Zbl 1267.94089 · doi:10.1007/978-3-642-10366-7_13 |
| [54] | Okamoto, T.; Takashima, K.; Rabin, T., Fully secure functional encryption with general relations from the decisional linear assumption, Advances in Cryptology - CRYPTO 2010, 191-208, 2010, Heidelberg: Springer, Heidelberg · Zbl 1280.94086 · doi:10.1007/978-3-642-14623-7_11 |
| [55] | Okamoto, T.; Takashima, K.; Wang, X.; Sako, K., Fully secure unbounded inner-product and attribute-based encryption, Advances in Cryptology - ASIACRYPT 2012, 349-366, 2012, Heidelberg: Springer, Heidelberg · Zbl 1292.94122 · doi:10.1007/978-3-642-34961-4_22 |
| [56] | O’Neill, A.: Definitional issues in functional encryption. IACR Cryptology ePrint Archive, 2010 (2010) |
| [57] | Pandey, O.; Rouselakis, Y.; Pointcheval, D.; Johansson, T., Property preserving symmetric encryption, Advances in Cryptology - EUROCRYPT 2012, 375-391, 2012, Heidelberg: Springer, Heidelberg · Zbl 1297.94097 · doi:10.1007/978-3-642-29011-4_23 |
| [58] | Ramanna, S.C.: More efficient constructions for inner-product encryption. IACR Cryptology ePrint Archive, 2016 (2016) |
| [59] | Sahai, A., Seyalioglu, H.: Worry-free encryption: functional encryption with public keys. In: ACM CCS (2010) |
| [60] | Sahai, A.; Waters, B.; Cramer, R., Fuzzy identity-based encryption, Advances in Cryptology - EUROCRYPT 2005, 457-473, 2005, Heidelberg: Springer, Heidelberg · Zbl 1137.94355 · doi:10.1007/11426639_27 |
| [61] | Shanks, D.: Class number, a theory of factorization, and genera. In: Proceedings of Symposium in Pure Mathematics (1971) |
| [62] | Shen, E.; Shi, E.; Waters, B.; Reingold, O., Predicate privacy in encryption systems, Theory of Cryptography, 457-473, 2009, Heidelberg: Springer, Heidelberg · Zbl 1213.94133 · doi:10.1007/978-3-642-00457-5_27 |
| [63] | Shoup, V.; Fumy, W., Lower bounds for discrete logarithms and related problems, Advances in Cryptology — EUROCRYPT 97, 256-266, 1997, Heidelberg: Springer, Heidelberg · doi:10.1007/3-540-69053-0_18 |
| [64] | Song, D.X., Wagner, D., Perrig, A.: Practical techniques for searches on encrypted data. In: IEEE S&P (2000) |
| [65] | Tomida, J.; Abe, M.; Okamoto, T.; Bishop, M.; Nascimento, ACA, Efficient functional encryption for inner-product values with full-hiding security, Information Security, 408-425, 2016, Cham: Springer, Cham · Zbl 1397.68064 · doi:10.1007/978-3-319-45871-7_24 |
| [66] | Waters, B.; Gennaro, R.; Robshaw, M., A punctured programming approach to adaptively secure functional encryption, Advances in Cryptology - CRYPTO 2015, 678-697, 2015, Heidelberg: Springer, Heidelberg · Zbl 1351.94071 · doi:10.1007/978-3-662-48000-7_33 |
This reference list is based on information provided by the publisher or from digital mathematics libraries. Its items are heuristically matched to zbMATH identifiers and may contain data conversion errors. In some cases that data have been complemented/enhanced by data from zbMATH Open. This attempts to reflect the references listed in the original paper as accurately as possible without claiming completeness or a perfect matching.
