Cryptology ePrint Archive: Report 2012/655

Privacy Preserving Revocable Predicate Encryption Revisited

Kwangsu Lee and Intae Kim and Seong Oun Hwang

Abstract: Predicate encryption (PE) that provides both the access control of ciphertexts and the privacy of ciphertexts is a new paradigm of public-key encryption. An important application of PE is a searchable encryption system in cloud storage, where it enables a client to securely outsource the search of a keyword on encrypted data without revealing the keyword to the cloud server. One practical issue of PE is to devise an efficient revocation method to revoke a user when the secret key of the user is compromised. Privacy preserving revocable PE (RPE) can provide not only revocation, but also the privacy of revoked users.

In this paper, we first define two new security models of privacy preserving RPE: the strongly full-hiding security and the weakly full-hiding security. The strongly full-hiding security provides the full privacy of ciphertexts against outside and inside adversaries, but the weakly full-hiding security provides the full privacy of ciphertexts against an outside adversary who cannot decrypt the challenge ciphertext.

Next, we propose a general RPE construction from any PE scheme, and prove its security in the weakly full-hiding security model. Our generic RPE scheme is efficient since the number of ciphertext elements is not proportional to the number of users in a receiver set. Additionally, our RPE scheme can support polynomial-size circuits if a recently proposed FE scheme for polynomial-size circuits is used as an underlying PE scheme.

Category / Keywords: public-key cryptography / Public-key encryption, Predicate-encryption, Revocation, Privacy, Adaptive security

Original Publication (in the same form): Security and Communication Networks

Date: received 16 Nov 2012, last revised 26 Feb 2014

Contact author: guspin at korea ac kr

Available format(s): PDF | BibTeX Citation

Version: 20140226:222515 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]