Cryptology ePrint Archive: Report 2020/1382
Chosen-Ciphertext Secure Multi-Identity and Multi-Attribute Pure FHE
Tapas Pal and Ratna Dutta
Abstract: A multi-identity pure fully homomorphic encryption (MIFHE) enables a server to perform arbitrary computation on the ciphertexts that are encrypted under different identities. In case of multi-attribute pure FHE (MAFHE), the ciphertexts are associated with different attributes. Clear and McGoldrick (CANS 2014) gave the first chosen-plaintext attack secure MIFHE and MAFHE based on indistinguishability obfuscation. In this study, we focus on building MIFHE and MAFHE which are se-
cure under type 1 of chosen-ciphertext attack (CCA1) security model. In particular, using witness pseudorandom functions (Zhandry, TCC 2016) and multi-key pure FHE or MFHE (Mukherjee and Wichs, EUROCRYPT 2016) we propose the following constructions:
– CCA secure identity-based encryption (IBE) that enjoys an optimal size ciphertexts, which we extend to a CCA1 secure MIFHE scheme.
– CCA secure attribute-based encryption (ABE) having an optimal size ciphertexts, which we transform into a CCA1 secure MAFHE scheme.
By optimal size, we mean that the bit-length of a ciphertext is the bit-length of the message plus a security parameter multiplied with a constant. Known constructions of multi-identity(attribute) FHEs are either leveled, that is, support only bounded depth circuit evaluations or secure in a weaker CPA security model. With our new approach, we achieve
both CCA1 security and evaluation on arbitrary depth circuits for multi-identity(attribute) FHE schemes.
Category / Keywords: public-key cryptography / witness pseudorandom function, identity-based encryption, attribute- based encryption, fully homomorphic encryption
Original Publication (with minor differences): CANS 2020 https://cans2020.at/accepted-papers/
Date: received 4 Nov 2020
Contact author: tapas pal at iitkgp ac in
Available format(s): PDF | BibTeX Citation
Note: It is the extended version of the paper accepted in CANS 2020. It includes appendices that contain security analysis of ABE and MAFHE.
Version: 20201110:123251 (All versions of this report)
Short URL: ia.cr/2020/1382
[ Cryptology ePrint archive ]