Cryptology ePrint Archive: Report 2020/1382

Chosen-Ciphertext Secure Multi-Identity and Multi-Attribute Pure FHE

Tapas Pal and Ratna Dutta

Abstract: A multi-identity pure fully homomorphic encryption (MIFHE) enables a server to perform arbitrary computation on the ciphertexts that are encrypted under different identities. In case of multi-attribute pure FHE (MAFHE), the ciphertexts are associated with different attributes. Clear and McGoldrick (CANS 2014) gave the first chosen-plaintext attack secure MIFHE and MAFHE based on indistinguishability obfuscation. In this study, we focus on building MIFHE and MAFHE which are se- cure under type 1 of chosen-ciphertext attack (CCA1) security model. In particular, using witness pseudorandom functions (Zhandry, TCC 2016) and multi-key pure FHE or MFHE (Mukherjee and Wichs, EUROCRYPT 2016) we propose the following constructions: CCA secure identity-based encryption (IBE) that enjoys an optimal size ciphertexts, which we extend to a CCA1 secure MIFHE scheme. CCA secure attribute-based encryption (ABE) having an optimal size ciphertexts, which we transform into a CCA1 secure MAFHE scheme.

By optimal size, we mean that the bit-length of a ciphertext is the bit-length of the message plus a security parameter multiplied with a constant. Known constructions of multi-identity(attribute) FHEs are either leveled, that is, support only bounded depth circuit evaluations or secure in a weaker CPA security model. With our new approach, we achieve both CCA1 security and evaluation on arbitrary depth circuits for multi-identity(attribute) FHE schemes.

Category / Keywords: public-key cryptography / witness pseudorandom function, identity-based encryption, attribute- based encryption, fully homomorphic encryption

Original Publication (with minor differences): CANS 2020

Date: received 4 Nov 2020

Contact author: tapas pal at iitkgp ac in

Available format(s): PDF | BibTeX Citation

Note: It is the extended version of the paper accepted in CANS 2020. It includes appendices that contain security analysis of ABE and MAFHE.

Version: 20201110:123251 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]