Cryptology ePrint Archive: Report 2016/784

Verifiable and Delegatable Constrained Pseudorandom Functions for Unconstrained Inputs

Pratish Datta and Ratna Dutta and Sourav Mukhopadhyay

Abstract: Constrained pseudorandom functions (CPRF) are a fundamental extension of the notion of traditional pseudorandom functions (PRF). A CPRF enables a master PRF key holder to issue constrained keys corresponding to specific constraint predicates over the input domain. A constrained key can be used to evaluate the PRF only on those inputs which are accepted by the associated constraint predicate. However, the PRF outputs on the rest of the inputs still remain computationally indistinguishable from uniformly random values. A constrained verifiable pseudorandom function (CVPRF) enhances a CPRF with a non-interactive public verification mechanism for checking the correctness of PRF evaluations. A delegatable constrained pseudorandom function (DCPRF) is another extension which augments a CPRF to empower constrained key holders to delegate further constrained keys that allow PRF evaluations on inputs accepted by more restricted constraint predicates compared to ones embedded in their own constrained keys. Until recently, all the proposed constructions of CPRF’s and their extensions(i) either could handle only bounded length inputs, (ii) or were based on risky knowledge-type assumptions. In EUROCRYPT 2016, Deshpande et al. have presented a CPRF construction supporting inputs of unconstrained polynomial length based on indistinguishability obfuscation and injective pseudorandom generators, which they have claimed to be selectively secure. In this paper, we first identify a flaw in their security argument and resolve this by carefully modifying their construction and suitably redesigning the security proof. Our alteration does not involve any additional heavy duty cryptographic tools. Next, employing only standard public key encryption (PKE), we extend our CPRF construction, presenting the first ever CVPRF and DCPRF constructions that can handle inputs of unbounded polynomial length. Finally, we apply our ideas to demonstrate the first known attribute-based signature (ABS) scheme for general signing policies supporting signing attributes of arbitrary polynomial length.

Category / Keywords: foundations / constrained pseudorandom functions, verifiable constrained pseudorandom function, key delegation, indistinguishability obfuscation

Date: received 16 Aug 2016

Contact author: pratishdatta at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20160818:163133 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]