Paper 2010/110

Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption

Allison Lewko, Tatsuaki Okamoto, Amit Sahai, Katsuyuki Takashima, and Brent Waters

Abstract

In this paper, we present two fully secure functional encryption schemes. Our first result is a fully secure attribute-based encryption (ABE) scheme. Previous constructions of ABE were only proven to be selectively secure. We achieve full security by adapting the dual system encryption methodology recently introduced by Waters and previously leveraged to obtain fully secure IBE and HIBE systems. The primary challenge in applying dual system encryption to ABE is the richer structure of keys and ciphertexts. In an IBE or HIBE system, keys and ciphertexts are both associated with the same type of simple object: identities. In an ABE system, keys and ciphertexts are associated with more complex objects: attributes and access formulas. We use a novel information-theoretic argument to adapt the dual system encryption methodology to the more complicated structure of ABE systems. We construct our system in composite order bilinear groups, where the order is a product of three primes. We prove the security of our system from three static assumptions. Our ABE scheme supports arbitrary monotone access formulas. Our second result is a fully secure (attribute-hiding) predicate encryption (PE) scheme for inner-product predicates. As for ABE, previous constructions of such schemes were only proven to be selectively secure. Security is proven under a non-interactive assumption whose size does not depend on the number of queries. The scheme is comparably efficient to existing selectively secure schemes. We also present a fully secure hierarchical PE scheme under the same assumption. The key technique used to obtain these results is an elaborate combination of the dual system encryption methodology (adapted to the structure of inner product PE systems) and a new approach on bilinear pairings using the notion of dual pairing vector spaces (DPVS) proposed by Okamoto and Takashima.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. this is a full version of a paper appearing in Eurocrypt 2010. This version has appendices and other extra material that does not appear in the Eurocrypt version.
Contact author(s)
alewko @ cs utexas edu
History
2011-12-27: last of 2 revisions
2010-03-01: received
See all versions
Short URL
https://ia.cr/2010/110
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2010/110,
      author = {Allison Lewko and Tatsuaki Okamoto and Amit Sahai and Katsuyuki Takashima and Brent Waters},
      title = {Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption},
      howpublished = {Cryptology {ePrint} Archive, Paper 2010/110},
      year = {2010},
      url = {https://eprint.iacr.org/2010/110}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.