Multi-input Functional Encryption in the Private-Key Setting: Stronger Security from Weaker Assumptions

We construct a general-purpose multi-input functional encryption scheme in the private-key setting. Namely, we construct a scheme where a functional key corresponding to a function f enables a user holding encryptions of $$x_1, \ldots , x_t$$x1,',xt to compute $$fx_1, \ldots , x_t$$fx1,',xt but nothing else. This is achieved starting from any general-purpose private-key single-input scheme without any additional assumptions, and is proven to be adaptively secure for any constant number of inputs t. Moreover, it can be extended to a super-constant number of inputs assuming that the underlying single-input scheme is sub-exponentially secure. Instantiating our construction with existing single-input schemes, we obtain multi-input schemes that are based on a variety of assumptions such as indistinguishability obfuscation, multilinear maps, learning with errors, and even one-way functions, offering various trade-offs between security and efficiency. Previous and concurrent constructions of multi-input functional encryption schemes either rely on stronger assumptions and provided weaker security guarantees Goldwasser et al. [EUROCRYPT '14], and Ananth and Jain [CRYPTO '15], or relied on multilinear maps and could be proven secure only in an idealized generic model Boneh et al. [EUROCRYPT '15]. In comparison, we present a general transformation that simultaneously relies on weaker assumptions and guarantees stronger security.

[1]  Brent Waters,et al.  How to use indistinguishability obfuscation: deniable encryption, and more , 2014, IACR Cryptol. ePrint Arch..

[2]  Brent Waters,et al.  A Punctured Programming Approach to Adaptively Secure Functional Encryption , 2015, CRYPTO.

[3]  Brent Waters,et al.  Constrained Pseudorandom Functions and Their Applications , 2013, ASIACRYPT.

[4]  Ilan Komargodski,et al.  Functional Encryption for Randomized Functionalities in the Private-Key Setting from Minimal Assumptions , 2015, TCC.

[5]  Adam O'Neill,et al.  Definitional Issues in Functional Encryption , 2010, IACR Cryptol. ePrint Arch..

[6]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[7]  Vincenzo Iovino,et al.  Mergeable Functional Encryption , 2017, ProvSec.

[8]  Mark Zhandry,et al.  Semantically Secure Order-Revealing Encryption: Multi-input Functional Encryption Without Obfuscation , 2015, EUROCRYPT.

[9]  Amit Sahai,et al.  On the (im)possibility of obfuscating programs , 2012, JACM.

[10]  Yael Tauman Kalai,et al.  Reusable garbled circuits and succinct functional encryption , 2013, STOC '13.

[11]  Abhishek Jain,et al.  Indistinguishability Obfuscation from Compact Functional Encryption , 2015, CRYPTO.

[12]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[13]  Gil Segev,et al.  Limits on the Power of Indistinguishability Obfuscation and Functional Encryption , 2015, FOCS.

[14]  Vinod Vaikuntanathan,et al.  Functional Encryption: New Perspectives and Lower Bounds , 2013, IACR Cryptol. ePrint Arch..

[15]  Vinod Vaikuntanathan,et al.  From Selective to Adaptive Security in Functional Encryption , 2015, CRYPTO.

[16]  Moni Naor,et al.  One-Way Functions and (Im)Perfect Obfuscation , 2014, 2014 IEEE 55th Annual Symposium on Foundations of Computer Science.

[17]  Vinod Vaikuntanathan,et al.  Functional Encryption with Bounded Collusions via Multi-party Computation , 2012, CRYPTO.

[18]  Dan Boneh,et al.  Function-Private Identity-Based Encryption: Hiding the Function in Functional Encryption , 2013, CRYPTO.

[19]  Zvika Brakerski,et al.  Function-Private Functional Encryption in the Private-Key Setting , 2015, TCC.

[20]  Clifford C. Cocks An Identity Based Encryption Scheme Based on Quadratic Residues , 2001, IMACC.

[21]  Craig Gentry,et al.  Functional Encryption Without Obfuscation , 2016, TCC.

[22]  Amit Sahai,et al.  Multi-Input Functional Encryption , 2014, IACR Cryptol. ePrint Arch..

[23]  Shafi Goldwasser,et al.  Functional Signatures and Pseudorandom Functions , 2014, Public Key Cryptography.

[24]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.

[25]  Mihir Bellare,et al.  Semantically-Secure Functional Encryption: Possibility Results, Impossibility Results and the Quest for a General Definition , 2013, CANS.

[26]  Amit Sahai,et al.  Function Private Functional Encryption and Property Preserving Encryption : New Definitions and Positive Results , 2013, IACR Cryptol. ePrint Arch..

[27]  Amit Sahai,et al.  Achieving Compactness Generically: Indistinguishability Obfuscation from Non-Compact Functional Encryption , 2015, IACR Cryptol. ePrint Arch..

[28]  Aggelos Kiayias,et al.  Delegatable pseudorandom functions and applications , 2013, IACR Cryptol. ePrint Arch..

[29]  Nir Bitansky,et al.  Indistinguishability Obfuscation from Functional Encryption , 2015, 2015 IEEE 56th Annual Symposium on Foundations of Computer Science.

[30]  Kai-Min Chung,et al.  On Extractability Obfuscation , 2014, IACR Cryptol. ePrint Arch..

[31]  Mark Zhandry,et al.  Differing-Inputs Obfuscation and Applications , 2013, IACR Cryptol. ePrint Arch..

[32]  Brent Waters,et al.  Candidate Indistinguishability Obfuscation and Functional Encryption for all Circuits , 2013, 2013 IEEE 54th Annual Symposium on Foundations of Computer Science.

[33]  Brent Waters,et al.  Functional Encryption: Definitions and Challenges , 2011, TCC.

[34]  Elaine Shi,et al.  Predicate Privacy in Encryption Systems , 2009, IACR Cryptol. ePrint Arch..