Paper 2014/840
Constrained PRFs for Unbounded Inputs
Hamza Abusalah, Georg Fuchsbauer, and Krzysztof Pietrzak
Abstract
A constrained pseudorandom function $F: K \times X \to Y$ for a family $T$ of subsets of $X$ is a function where for any key $k \in K$ and set $S \in T$ one can efficiently compute a constrained key $k_S$ which allows to evaluate $F(k,.)$ on all inputs $x\in S$, while even given this key, the outputs on all inputs $x \notin S$ look random. At Asiacrypt'13 Boneh and Waters gave a construction which supports the most general set family so far. Its keys $k_C$ are defined for sets decided by boolean circuits $C$ and enable evaluation of the PRF on any $x \in X$ where $C(x)=1$. In their construction the PRF input length and the size of the circuits $C$ for which constrained keys can be computed must be fixed beforehand during key generation. We construct a constrained PRF that has an unbounded input length and whose constrained keys can be defined for any set recognized by a Turing machine. The only a priori bound we make is on the description size of the machines. We prove our construction secure assuming publiccoin differinginput obfuscation. As applications of our constrained PRF we build a broadcast encryption scheme where the number of potential receivers need not be fixed at setup (in particular, the length of the keys is independent of the number of parties) and the first identitybased noninteractive key exchange protocol with no bound on the number of parties that can agree on a shared key.
Note: We revised the main construction so it only requires *publiccoin* differinginput obfuscation.
Metadata
 Available format(s)
 Publication info
 Published elsewhere. MAJOR revision.CTRSA 2016
 Keywords
 Constrained PRFsbroadcast encryptionidentitybased noninteractive key exchange
 Contact author(s)
 gfuchsbauer @ ist ac at
 History
 20151118: last of 4 revisions
 20141020: received
 See all versions
 Short URL
 https://ia.cr/2014/840
 License

CC BY
BibTeX
@misc{cryptoeprint:2014/840, author = {Hamza Abusalah and Georg Fuchsbauer and Krzysztof Pietrzak}, title = {Constrained PRFs for Unbounded Inputs}, howpublished = {Cryptology ePrint Archive, Paper 2014/840}, year = {2014}, note = {\url{https://eprint.iacr.org/2014/840}}, url = {https://eprint.iacr.org/2014/840} }