Paper 2020/209

Adaptive Simulation Security for Inner Product Functional Encryption

Shweta Agrawal, Benoît Libert, Monosij Maitra, and Radu Titiu


Inner product functional encryption (IPFE) [1] is a popular primitive which enables inner product computations on encrypted data. In IPFE, the ciphertext is associated with a vector x, the secret key is associated with a vector y and decryption reveals the inner product <x,y>. Previously, it was known how to achieve adaptive indistinguishability (IND) based security for IPFE from the DDH, DCR and LWE assumptions [8]. However, in the stronger simulation (SIM) based security game, it was only known how to support a restricted adversary that makes all its key requests either before or after seeing the challenge ciphertext, but not both. In more detail, Wee [46] showed that the DDH-based scheme of Agrawal et al. (Crypto 2016) achieves semi-adaptive simulation-based security, where the adversary must make all its key requests after seeing the challenge ciphertext. On the other hand, O'Neill showed that all IND-secure IPFE schemes (which may be based on DDH, DCR and LWE) satisfy SIM-based security in the restricted model where the adversary makes all its key requests before seeing the challenge ciphertext. In this work, we resolve the question of SIM-based security for IPFE by showing that variants of the IPFE constructions by Agrawal et al., based on DDH, Paillier and LWE, satisfy the strongest possible adaptive SIM-based security where the adversary can make an unbounded number of key requests both before and after seeing the (single) challenge ciphertext. This establishes optimal security of the IPFE schemes, under all hardness assumptions on which it can (presently) be based.

Available format(s)
Public-key cryptography
Publication info
Published by the IACR in PKC 2020
Functional encryptioninner-productssimulation-based securitystandard assumptions
Contact author(s)
shweta a @ gmail com
benoit libert @ ens-lyon fr
monosij maitra @ gmail com
radu titiu @ gmail com
2020-02-19: received
Short URL
Creative Commons Attribution


      author = {Shweta Agrawal and Benoît Libert and Monosij Maitra and Radu Titiu},
      title = {Adaptive Simulation Security for Inner Product Functional Encryption},
      howpublished = {Cryptology ePrint Archive, Paper 2020/209},
      year = {2020},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.