Paper 2014/720

Adaptively Secure Constrained Pseudorandom Functions

Dennis Hofheinz, Akshay Kamath, Venkata Koppula, and Brent Waters


A constrained pseudo random function (PRF) behaves like a standard PRF, but with the added feature that the (master) secret key holder, having secret key K, can produce a constrained key, K_f, that allows for the evaluation of the PRF on a subset of the domain as determined by a predicate function f within some family F. While previous constructions gave constrained PRFs for poly-sized circuits, all reductions for such functionality were based in the selective model of security where an attacker declares which point he is attacking before seeing any constrained keys. In this paper we give new constrained PRF constructions for circuits that have polynomial reductions to indistinguishability obfuscation in the random oracle model. Our solution is constructed from two recently emerged primitives: an adaptively secure Attribute-Based Encryption (ABE) for circuits and a Universal Parameters as introduced by Hofheinz et al. Both primitives are constructible from indistinguishability obfuscation (iO) (and injective pseudorandom generators) with only polynomial loss.

Available format(s)
Publication info
Contact author(s)
dennis hofheinz @ kit edu
kamath @ cs utexas edu
kvenkata @ cs utexas edu
bwaters @ cs utexas edu
2016-12-26: last of 2 revisions
2014-09-16: received
See all versions
Short URL
Creative Commons Attribution


      author = {Dennis Hofheinz and Akshay Kamath and Venkata Koppula and Brent Waters},
      title = {Adaptively Secure Constrained Pseudorandom Functions},
      howpublished = {Cryptology ePrint Archive, Paper 2014/720},
      year = {2014},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.