Paper 2008/279

Delegating Capabilities in Predicate Encryption Systems

Elaine Shi and Brent Waters

Abstract

In predicate encryption systems, given a capability, one can evaluate one or more predicates on the encrypted data, while all other information about the plaintext remains hidden. We consider the first such systems to permit delegation of capabilities. In a system that supports delegation, a user Alice who has a capability can delegate to Bob a more restrictive capability, which allows him to learn less about encrypted data than she did. We formally define delegation in predicate encryption systems, and propose a new security definition for delegation. In addition, we present an efficient construction supporting conjunctive queries. The security of our construction can be reduced to the general 3-party Bilinear Diffie-Hellman assumption, and the Bilinear Decisional Diffie-Hellman assumption in composite-order bilinear groups.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. full version of a paper in ICALP08
Keywords
predicate encryptiondelegationbilinear groups
Contact author(s)
rshi @ cmu edu
History
2008-06-24: received
Short URL
https://ia.cr/2008/279
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2008/279,
      author = {Elaine Shi and Brent Waters},
      title = {Delegating Capabilities in Predicate Encryption Systems},
      howpublished = {Cryptology {ePrint} Archive, Paper 2008/279},
      year = {2008},
      url = {https://eprint.iacr.org/2008/279}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.