Cryptology ePrint Archive: Report 2016/1179

Updatable Functional Encryption

Afonso Arriaga and Vincenzo Iovino and Qiang Tang

Abstract: Functional encryption (FE) allows an authority to issue tokens associated with various functions, allowing the holder of some token for function f to learn only f(D) from a ciphertext that encrypts D. The standard approach is to model f as a circuit, which yields inefficient evaluations over large inputs. Here, we propose a new primitive that we call updatable functional encryption (UFE), where instead of circuits we deal with RAM programs, which are closer to how programs are expressed in von Neumann architecture. We impose strict efficiency constrains in that the run-time of a token P' on ciphertext CT is proportional to the run-time of its clear-form counterpart (program P on memory D) up to a polylogarithmic factor in the size of D, and we envision tokens that are capable to update the ciphertext, over which other tokens can be subsequently executed. We define a security notion for our primitive and propose a candidate construction from obfuscation, which serves as a starting point towards the realization of other schemes and contributes to the study on how to compute RAM programs over public-key encrypted data.

Category / Keywords: public-key cryptography / Updatable functional encryption, RAM model, Persistent memory

Original Publication (in the same form): Mycrypt 2016: Paradigm-shifting Crypto

Date: received 24 Dec 2016

Contact author: afonso arriaga at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20161230:194449 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]