ABSTRACT
Functional encryption is a nice tool that bridges the gap between usability and privacy when providing access to huge databases: while the data stays encrypted, aggregated information remains available under fine-grained control of the database owner, who specifies which functions users are allowed to compute on the data. Unfortunately, giving access to several functions might leak too much information on the database, since once the decryption capability is given for a specific function, it applies to an unlimited number of ciphertexts. In the particular case of the inner product, if each row or record of the database contains l fields and a user obtains l independent inner-product capabilities on them, that user can extract all the individual fields. On the other hand, the major applications that make use of inner products, such as machine learning, need to compute many of them.
This paper deals with a practical trade-off that allows the computation of various inner products while still protecting the confidentiality of the data. To this end, we introduce an oblivious helper, required for every decryption query, in order to control the leakage of information on the database. The helper should learn just enough information to guarantee the confidentiality of the database, without endangering the privacy of the queries.
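The extraction argument above, as an added example that is not code from the paper: each inner-product capability for a vector y reveals ⟨x, y⟩ for a record x, so l independent capabilities form a uniquely solvable linear system, while fewer (or linearly dependent) ones leave the record undetermined. The modulus `P`, the sample record and the query vectors are constructed assumptions.

```python
# Added illustration: what the results of inner-product keys reveal about a record.
P = 2**61 - 1  # prime modulus (assumption: field values live in Z_P)

def inner(x, y, p=P):
    """Inner product <x, y> mod p: the value one functional key reveals."""
    return sum(a * b for a, b in zip(x, y)) % p

def solve_mod_p(queries, answers, p=P):
    """Gauss-Jordan elimination over Z_p on the system <y_i, x> = z_i.

    Returns (rank, record). record is the unique solution x once the
    query vectors reach full rank, and None while the system is still
    underdetermined (the record stays hidden among p**(l - rank) candidates).
    """
    n = len(queries[0])
    rows = [[v % p for v in y] + [z % p] for y, z in zip(queries, answers)]
    rank = 0
    for col in range(n):
        pivot = next((r for r in range(rank, len(rows)) if rows[r][col]), None)
        if pivot is None:
            continue  # no new information in this column
        rows[rank], rows[pivot] = rows[pivot], rows[rank]
        inv = pow(rows[rank][col], -1, p)  # modular inverse (Python 3.8+)
        rows[rank] = [v * inv % p for v in rows[rank]]
        for r in range(len(rows)):
            if r != rank and rows[r][col]:
                f = rows[r][col]
                rows[r] = [(a - f * b) % p for a, b in zip(rows[r], rows[rank])]
        rank += 1
    if rank < n:
        return rank, None
    return rank, [rows[i][n] for i in range(n)]

# Constructed sample: one record with l = 4 fields and four independent queries.
RECORD = [52, 7, 1300, 3]
QUERIES = [[1, 1, 1, 1], [1, 2, 0, 0], [0, 1, 3, 0], [2, 0, 0, 5]]
ANSWERS = [inner(RECORD, q) for q in QUERIES]

if __name__ == "__main__":
    print(solve_mod_p(QUERIES[:3], ANSWERS[:3]))  # three keys: rank 3, no solution
    print(solve_mod_p(QUERIES, ANSWERS))          # four keys: full record
```

The rank returned here is the quantity that measures leakage: a dependent query adds a key but no rank, so it reveals nothing new about the record.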