Paper 2013/774

Multi-Input Functional Encryption

S. Dov Gordon and Jonathan Katz and Feng-Hao Liu and Elaine Shi and Hong-Sheng Zhou

Abstract

\emph{Functional encryption} (FE) is a powerful primitive enabling fine-grained access to encrypted data. In an FE scheme, secret keys (``tokens'') correspond to functions; a user in possession of a ciphertext $\ct = \enc(x)$ and a token $\tkf$ for the function~$f$ can compute $f(x)$ but learn nothing else about~$x$. An active area of research over the past few years has focused on the development of ever more expressive FE schemes. In this work we introduce the notion of \emph{multi-input} functional encryption. Here, informally, a user in possession of a token $\tkf$ for an $n$-ary function $f$ and \emph{multiple} ciphertexts $\ct_1=\enc(x_1)$, \ldots, $\ct_n=\enc(x_n)$ can compute $f(x_1, \ldots, x_n)$ but nothing else about the~$\{x_i\}$. Besides introducing the notion, we explore the feasibility of multi-input FE in the public-key and symmetric-key settings, with respect to both indistinguishability-based and simulation-based definitions of security.