Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption

We present two fully secure functional encryption schemes: a fully secure attribute-based encryption (ABE) scheme and a fully secure (attribute-hiding) predicate encryption (PE) scheme for inner-product predicates. In both cases, previous constructions were only proven to be selectively secure. Both results use novel strategies to adapt the dual system encryption methodology introduced by Waters. We construct our ABE scheme in composite order bilinear groups, and prove its security from three static assumptions. Our ABE scheme supports arbitrary monotone access formulas. Our predicate encryption scheme is constructed via a new approach on bilinear pairings using the notion of dual pairing vector spaces proposed by Okamoto and Takashima.

[1]  Bernhard Neundörfer,et al.  1.1 Definition , 2007 .

[2]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[3]  Elaine Shi,et al.  Delegating Capabilities in Predicate Encryption Systems , 2008, ICALP.

[4]  Manuel Barbosa,et al.  Secure Cryptographic Workflow in the Standard Model , 2006, IACR Cryptol. ePrint Arch..

[5]  Nigel P. Smart,et al.  Escrow-free encryption supporting cryptographic workflow , 2006, International Journal of Information Security.

[6]  Dan Boneh,et al.  Evaluating 2-DNF Formulas on Ciphertexts , 2005, TCC.

[7]  Nigel P. Smart Access Control Using Pairing Based Cryptography , 2003, CT-RSA.

[8]  Jonathan Katz,et al.  Predicate Encryption Supporting Disjunctions, Polynomial Equations, and Inner Products , 2008, Journal of Cryptology.

[9]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[10]  Ran Canetti,et al.  A Forward-Secure Public-Key Encryption Scheme , 2003, Journal of Cryptology.

[11]  Brent Waters,et al.  Secure attribute-based systems , 2006, CCS '06.

[12]  Craig Gentry,et al.  Practical Identity-Based Encryption Without Random Oracles , 2006, EUROCRYPT.

[13]  Dan Boneh,et al.  Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles , 2004, IACR Cryptol. ePrint Arch..

[14]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[15]  Tatsuaki Okamoto,et al.  Homomorphic Encryption and Signatures from Vector Decomposition , 2008, Pairing.

[16]  Dan Boneh,et al.  Hierarchical Identity Based Encryption with Constant Size Ciphertext , 2005, EUROCRYPT.

[17]  Dan Boneh,et al.  Secure Identity Based Encryption Without Random Oracles , 2004, CRYPTO.

[18]  Brent Waters,et al.  Efficient Identity-Based Encryption Without Random Oracles , 2005, EUROCRYPT.

[19]  Clifford C. Cocks An Identity Based Encryption Scheme Based on Quadratic Residues , 2001, IMACC.

[20]  Refik Molva,et al.  Policy-based encryption schemes from bilinear pairings , 2006, ASIACCS '06.

[21]  Allison Bishop,et al.  New Techniques for Dual System Encryption and Fully Secure HIBE with Short Ciphertexts , 2010, IACR Cryptol. ePrint Arch..

[22]  Amit Sahai,et al.  Efficient Non-interactive Proof Systems for Bilinear Groups , 2008, EUROCRYPT.

[23]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[24]  Brent Waters,et al.  Dual System Encryption: Realizing Fully Secure IBE and HIBE under Simple Assumptions , 2009, IACR Cryptol. ePrint Arch..

[25]  Craig Gentry,et al.  Hierarchical ID-Based Cryptography , 2002, ASIACRYPT.

[26]  Rafail Ostrovsky,et al.  Attribute-based encryption with non-monotonic access structures , 2007, CCS '07.

[27]  Craig Gentry,et al.  Hierarchical Identity Based Encryption with Polynomially Many Levels , 2009, TCC.

[28]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[29]  Kent E. Seamons,et al.  Concealing complex policies with hidden credentials , 2004, CCS '04.

[30]  Ling Cheung,et al.  Provably secure ciphertext policy ABE , 2007, CCS '07.

[31]  Jonathan Katz,et al.  Improved Efficiency for CCA-Secure Cryptosystems Built Using Identity-Based Encryption , 2005, CT-RSA.

[32]  Ben Lynn,et al.  Toward Hierarchical Identity-Based Encryption , 2002, EUROCRYPT.

[33]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[34]  Jonathan Katz,et al.  Chosen-Ciphertext Security from Identity-Based Encryption , 2004, SIAM J. Comput..

[35]  Melissa Chase,et al.  Multi-authority Attribute Based Encryption , 2007, TCC.

[36]  Brent Waters,et al.  Anonymous Hierarchical Identity-Based Encryption (Without Random Oracles) , 2006, CRYPTO.

[37]  Amit Sahai,et al.  Bounded Ciphertext Policy Attribute Based Encryption , 2008, ICALP.

[38]  Tatsuaki Okamoto,et al.  Hierarchical Predicate Encryption for Inner-Products , 2009, ASIACRYPT.

[39]  Dan Suciu,et al.  Controlling Access to Published Data Using Cryptography , 2003, VLDB.

[40]  David Mandell Freeman,et al.  Converting Pairing-Based Cryptosystems from Composite-Order Groups to Prime-Order Groups , 2010, EUROCRYPT.

[41]  Dan Boneh,et al.  Generalized Identity Based and Broadcast Encryption Schemes , 2008, ASIACRYPT.

[42]  Brent Waters,et al.  Conjunctive, Subset, and Range Queries on Encrypted Data , 2007, TCC.