Cryptology ePrint Archive: Report 2015/913

Functional Signcryption: Notion, Construction, and Applications

Pratish Datta and Ratna Dutta and Sourav Mukhopadhyay

Abstract: Functional encryption (FE) enables sophisticated control over decryption rights in a multi-user scenario, while functional signature (FS) allows to enforce complex constraints on signing capabilities. This paper introduces the concept of functional signcryption (FSC) that aims to provide the functionalities of both FE and FS in an unified cost-effective primitive. FSC provides a solution to the problem of achieving confidentiality and authenticity simultaneously in digital communication and storage systems involving multiple users with better efficiency compared to a sequential implementation of FE and FS. We begin by providing formal definition of FSC and formulating its security requirements. Next, we present a generic construction of this challenging primitive that supports arbitrary polynomial-size signing and decryption functions from known cryptographic building blocks, namely, indistinguishability obfuscation (IO) and statistically simulation-sound noninteractive zero-knowledge proof of knowledge (SSS-NIZKPoK). Finally, we exhibit a number of representative applications of FSC: (I) We develop the first construction of attribute-based signcryption (ABSC) supporting signing and decryption policies representable by general polynomial-size circuits from FSC. (II) We show how FSC can serve as a tool for building SSS-NIZKPoK system and IO, a result which in conjunction with our generic FSC construction can also be interpreted as establishing an equivalence between FSC and the other two fundamental cryptographic primitives.

Category / Keywords: public-key cryptography / functional signcryption, IO, SSS-NIZKPoK, polynomial-size circuits

Original Publication (with major differences): ProvSec 2015

Date: received 20 Sep 2015

Contact author: pratishdatta at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20150922:205721 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]