Our key contribution in this work is a generic transformation that converts any general-purpose, public-key FE scheme for deterministic functionalities into one that supports randomized functionalities. Our transformation uses the underlying FE scheme in a black-box way and can be instantiated using very standard number-theoretic assumptions (for instance, the DDH and RSA assumptions suffice). When applied to existing FE constructions, we obtain several adaptively-secure, public-key functional encryption schemes for randomized functionalities with security against malicious encrypters from many different assumptions such as concrete assumptions on multilinear maps, indistinguishability obfuscation, and in the bounded-collusion setting, the existence of public-key encryption, together with standard number-theoretic assumptions.
Additionally, we introduce a new, stronger definition for malicious security as the existing one falls short of capturing an important class of correlation attacks. In realizing this definition, our compiler combines ideas from disparate domains like related-key security for pseudorandom functions and deterministic encryption in a novel way. We believe that our techniques could be useful in expanding the scope of new variants of functional encryption (e.g., multi-input, hierarchical, and others) to support randomized functionalities.Category / Keywords: public-key cryptography / functional encryption, randomized functionalities, malicious security, generic transformation Original Publication (with major differences): IACR-EUROCRYPT-2017 Date: received 19 May 2016, last revised 13 Feb 2017 Contact author: dwu4 at cs stanford edu Available format(s): PDF | BibTeX Citation Version: 20170213:221518 (All versions of this report) Short URL: ia.cr/2016/482 Discussion forum: Show discussion | Start new discussion