Communication Complexity of Conditional Disclosure of Secrets and Attribute-Based Encryption

We initiate a systematic treatment of the communication complexity of conditional disclosure of secrets (CDS), where two parties want to disclose a secret to a third party if and only if their respective inputs satisfy some predicate. We present a general upper bound and the first non-trivial lower bounds for conditional disclosure of secrets. Moreover, we achieve tight lower bounds for many interesting settings of parameters for CDS with linear reconstruction, the latter being a requirement in the application to attribute-based encryption. In particular, our lower bounds explain the trade-off between ciphertext and secret key sizes of several existing attribute-based encryption schemes based on the dual system methodology.
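To make the CDS setting concrete, here is a small added example (not taken from the paper) of a CDS protocol with linear reconstruction for the equality predicate over a prime field, with exhaustive checks of correctness and privacy. The field size `P`, the function names, and the choice that Alice is the party who mixes in the secret are assumptions made for this illustration.

```python
import itertools
import secrets
from collections import Counter

P = 7  # small prime (assumed) so every choice of randomness can be enumerated

def alice(x, s, w, u, p=P):
    # Alice holds input x, the secret s and the shared randomness (w, u).
    return (w * x + u + s) % p

def bob(y, w, u, p=P):
    # Bob holds input y and the same shared randomness (w, u).
    return (w * y + u) % p

def reconstruct(m_a, m_b, p=P):
    # Carol's reconstruction is linear in the messages:
    # m_a - m_b = s + w * (x - y), which equals s exactly when x == y.
    return (m_a - m_b) % p

def view_distribution(x, y, s, p=P):
    # Exact distribution of Carol's view (m_a, m_b) over all shared randomness.
    return Counter(
        (alice(x, s, w, u, p), bob(y, w, u, p))
        for w, u in itertools.product(range(p), repeat=2)
    )

def correct_on_equal(p=P):
    # Predicate satisfied (x == y): Carol always recovers s.
    return all(
        reconstruct(alice(x, s, w, u, p), bob(x, w, u, p), p) == s
        for x, s, w, u in itertools.product(range(p), repeat=4)
    )

def private_on_unequal(p=P):
    # Predicate not satisfied (x != y): Carol's view has the same
    # distribution for every secret, so it reveals nothing about s.
    return all(
        view_distribution(x, y, s, p) == view_distribution(x, y, 0, p)
        for x, y, s in itertools.product(range(p), repeat=3)
        if x != y
    )

if __name__ == "__main__":
    w, u = secrets.randbelow(P), secrets.randbelow(P)
    print("recovered secret:", reconstruct(alice(3, 5, w, u), bob(3, w, u)))
    print("correct:", correct_on_equal(), "private:", private_on_unequal())
```

Each party sends a single field element, and Carol's view for unequal inputs is uniform over all pairs because the map from (w, u) to (wx + u, wy + u) is a bijection when x ≠ y.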
