Paper 2019/1358

Traceable Inner Product Functional Encryption

Xuan Thanh Do, Duong Hieu Phan, and David Pointcheval


Functional Encryption (FE) has been widely studied in the last decade, as it provides a very useful tool for restricted access to sensitive data: from a ciphertext, it allows specific users to learn a function of the underlying plaintext. In practice, many users may be interested in the same function on the data, say the mean value of the inputs, for example. The conventional definition of FE associates each function to a secret decryption functional key and therefore all the users get the same secret key for the same function. This induces an important problem: if one of these users (called a traitor) leaks or sells the decryption functional key to be included in a pirate decryption tool, then there is no way to trace back its identity. Our objective is to solve this issue by introducing a new primitive, called Traceable Functional Encryption: the functional decryption key will not only be specific to a function, but to a user too, in such a way that if some users collude to produce a pirate decoder that successfully evaluates a function on the plaintext, from the ciphertext only, one can trace back at least one of them. We propose a concrete solution for Inner Product Functional Encryption (IPFE). We first remark that the ElGamal-based IPFE from Abdalla et. al. in PKC '15 shares many similarities with the Boneh-Franklin traitor tracing from CRYPTO '99. Then, we can combine these two schemes in a very efficient way, with the help of pairings, to obtain a Traceable IPFE with black-box confirmation.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Minor revision. CT-RSA 2020
Functional EncryptionIPFETraceability
Contact author(s)
thanhkhtn @ gmail com
2019-11-27: received
Short URL
Creative Commons Attribution


      author = {Xuan Thanh Do and Duong Hieu Phan and David Pointcheval},
      title = {Traceable Inner Product Functional Encryption},
      howpublished = {Cryptology ePrint Archive, Paper 2019/1358},
      year = {2019},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.