## Cryptology ePrint Archive: Report 2019/746

Public-Key Function-Private Hidden Vector Encryption (and More)

James Bartusek and Brent Carmer and Abhishek Jain and Zhengzhong Jin and Tancrède Lepoint and Fermi Ma and Tal Malkin and Alex J. Malozemoff and Mariana Raykova

Abstract: We construct public-key function-private predicate encryption for the small superset functionality,'' recently introduced by Beullens and Wee (PKC 2019). This functionality captures several important classes of predicates:

- Point functions. For point function predicates, our construction is equivalent to public-key function-private anonymous identity-based encryption.

- Conjunctions. If the predicate computes a conjunction, our construction is a public-key function-private hidden vector encryption scheme. This addresses an open problem posed by Boneh, Raghunathan, and Segev (ASIACRYPT 2013).

- $d$-CNFs and read-once conjunctions of $d$-disjunctions for constant-size $d$.

Our construction extends the group-based obfuscation schemes of Bishop et al. (CRYPTO 2018), Beullens and Wee (PKC 2019), and Bartusek et al. (EUROCRYPT 2019) to the setting of public-key function-private predicate encryption. We achieve an average-case notion of function privacy, which guarantees that a decryption key $sk_f$ reveals nothing about $f$ as long as $f$ is drawn from a distribution with sufficient entropy. We formalize this security notion as a generalization of the (enhanced) real-or-random function privacy definition of Boneh, Raghunathan, and Segev (CRYPTO 2013). Our construction relies on bilinear groups, and we prove security in the generic bilinear group model.

Category / Keywords: public-key cryptography / function privacy, obfuscation, conjunctions, small superset, generic group