Generic Conversions from CPA to CCA secure Functional Encryption

In 2004, Canetti-Halevi-Katz and later Boneh-Katz showed generic CCA-secure PKE constructions from a CPA-secure IBE. Goyal et al. in 2006 further extended the aforementioned idea implicitly to provide a specific CCA-secure KP-ABE with policies represented by monotone access trees. Later, Yamada et al. in 2011 generalized the CPA to CCA conversion to all those ABE, where the policies are represented by either monotone access trees (MAT) or monotone span programs (MSP), but not the others like sets of minimal sets. Moreover, the underlying CPA-secure constructions must satisfy one of the two features called key-delegation and verifiability. Along with ABE, many other different encryptions schemes, such as inner-product, hidden vector, spatial encryption schemes etc. can be studied under an unified framework, called functional encryption (FE), as introduced by Boneh-Sahai-Waters in 2011. The generic conversions, due to Yamada et al., can not be applied to all these functional encryption schemes. On the other hand, to the best of our knowledge, there is no known CCA-secure construction beyond ABE over MSP and MAT. This paper provides different ways of obtaining CCA-secure functional encryptions of almost all categories. In particular, we provide a generic conversion from a CPA-secure functional encryption into a CCA-secure functional encryption provided the underlying CPA-secure encryption scheme has either restricted delegation or verifiability feature. We observe that almost all functional encryption schemes have this feature. The KP-FE schemes of Waters (proposed in 2012) and Attrapadung (proposed in 2014) for regular languages do not possess the usual delegation property. However, they can be converted into corresponding CCA-secure schemes as they satisfy the restricted delegation.

[1]  Allison Bishop,et al.  Revocation Systems with Very Small Private Keys , 2010, 2010 IEEE Symposium on Security and Privacy.

[2]  Jonathan Katz,et al.  Chosen-Ciphertext Security from Identity-Based Encryption , 2006 .

[3]  Rafail Ostrovsky,et al.  Attribute-based encryption with non-monotonic access structures , 2007, CCS '07.

[4]  Brent Waters,et al.  Attribute-Based Encryption for Circuits from Multilinear Maps , 2012, CRYPTO.

[5]  Zhenfu Cao,et al.  Spatial Encryption under Simpler Assumption , 2009, ProvSec.

[6]  Brent Waters,et al.  Functional Encryption: Definitions and Challenges , 2011, TCC.

[7]  Cheng Chen,et al.  Fully Secure Doubly-Spatial Encryption under Simple Assumptions , 2012, ProvSec.

[8]  電子情報通信学会 IEICE transactions on fundamentals of electronics, communications and computer sciences , 1992 .

[9]  Hiroshi Doi,et al.  A Fully Secure Spatial Encryption Scheme , 2011, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[10]  Tatsuaki Okamoto,et al.  Achieving short ciphertexts or short secret-keys for adaptively secure general inner-product encryption , 2015, Des. Codes Cryptogr..

[11]  Jonathan Katz,et al.  Improved Efficiency for CCA-Secure Cryptosystems Built Using Identity-Based Encryption , 2005, CT-RSA.

[12]  Brent Waters,et al.  Conjunctive, Subset, and Range Queries on Encrypted Data , 2007, TCC.

[13]  Tatsuaki Okamoto,et al.  Fully Secure Functional Encryption with General Relations from the Decisional Linear Assumption , 2010, IACR Cryptol. ePrint Arch..

[14]  Nuttapong Attrapadung,et al.  Expressive Key-Policy Attribute-Based Encryption with Constant-Size Ciphertexts , 2011, Public Key Cryptography.

[15]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[16]  Dan Boneh,et al.  Generalized Identity Based and Broadcast Encryption Schemes , 2008, ASIACRYPT.

[17]  Clifford C. Cocks An Identity Based Encryption Scheme Based on Quadratic Residues , 2001, IMACC.

[18]  Hoeteck Wee,et al.  Doubly spatial encryption from DBDH , 2014, Theor. Comput. Sci..

[19]  Vinod Vaikuntanathan,et al.  Attribute-based encryption for circuits , 2013, STOC '13.

[20]  Tatsuaki Okamoto,et al.  Secure Integration of Asymmetric and Symmetric Encryption Schemes , 1999, Journal of Cryptology.

[21]  Jonathan Katz,et al.  Predicate Encryption Supporting Disjunctions, Polynomial Equations, and Inner Products , 2008, Journal of Cryptology.

[22]  Brent Waters,et al.  Functional Encryption for Regular Languages , 2012, CRYPTO.

[23]  Nuttapong Attrapadung,et al.  Dual System Encryption via Doubly Selective Security: Framework, Fully-secure Functional Encryption for Regular Languages, and More , 2014, IACR Cryptol. ePrint Arch..

[24]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[25]  Jonathan Katz,et al.  Chosen-Ciphertext Security from Identity-Based Encryption , 2004, SIAM J. Comput..

[26]  Michael Hamburg,et al.  Spatial Encryption , 2011, IACR Cryptol. ePrint Arch..

[27]  Nuttapong Attrapadung,et al.  Fully Secure and Succinct Attribute Based Encryption for Circuits from Multi-linear Maps , 2014, IACR Cryptol. ePrint Arch..

[28]  Amit Sahai,et al.  Bounded Ciphertext Policy Attribute Based Encryption , 2008, ICALP.

[29]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[30]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[31]  Nuttapong Attrapadung,et al.  Functional Encryption for Inner Product: Achieving Constant-Size Ciphertexts with Adaptive Security or Support for Negation , 2010, Public Key Cryptography.

[32]  Goichiro Hanaoka,et al.  Generic Constructions for Chosen-Ciphertext Secure Attribute Based Encryption , 2011, Public Key Cryptography.

[33]  Vincenzo Iovino,et al.  Hidden-Vector Encryption with Groups of Prime Order , 2008, Pairing.

[34]  Tatsuaki Okamoto,et al.  Hierarchical Predicate Encryption for Inner-Products , 2009, ASIACRYPT.

[35]  Tatsuaki Okamoto,et al.  Fully Secure Unbounded Inner-Product and Attribute-Based Encryption , 2012, ASIACRYPT.

[36]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[37]  Allison Bishop,et al.  Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption , 2010, EUROCRYPT.

[38]  Elaine Shi,et al.  Delegating Capabilities in Predicate Encryption Systems , 2008, ICALP.

[39]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.