Cryptology ePrint Archive: Report 2013/352

Constrained Pseudorandom Functions and Their Applications

Dan Boneh and Brent Waters

Abstract: We put forward a new notion of pseudorandom functions (PRFs) we call constrained PRFs. In a standard PRF there is a master key k that enables one to evaluate the function at all points in the domain of the function. In a constrained PRF it is possible to derive constrained keys kS from the master key k. A constrained key kS enables the evaluation of the PRF at a certain subset S of the domain and nowhere else. We present a formal framework for this concept and show that constrained PRFs can be used to construct powerful primitives such as identity-based key exchange and an optimal private broadcast encryption system. We then construct constrained PRFs for several natural set systems needed for these applications. We conclude with several open problems relating to this new concept.

Category / Keywords: Pseudo Random Functions

Original Publication (with minor differences): IACR-ASIACRYPT-2013

Date: received 6 Jun 2013, last revised 9 Sep 2013

Contact author: bwaters at cs utexas edu

Available format(s): PDF | BibTeX Citation

Version: 20130909:165910 (All versions of this report)

Short URL: ia.cr/2013/352