Paper 2022/1124
Unbounded Quadratic Functional Encryption and More from Pairings
Abstract
We propose the first unbounded functional encryption (FE) scheme for quadratic functions and its extension, in which the sizes of messages to be encrypted are not a priori bounded. Prior to our work, all FE schemes for quadratic functions are bounded, meaning that the message length is fixed at the setup. In the first scheme, encryption takes $\{x_{i}\}_{i \in S_{c}}$, key generation takes $\{c_{i,j}\}_{i,j \in S_{k}}$, and decryption outputs $\sum_{i,j \in S_{k}} c_{i,j}x_{i}x_{j}$ if and only if $S_{k} \subseteq S_{c}$, where the sizes of $S_{c}$ and $S_{k}$ can be arbitrary. Our second scheme is the extension of the first scheme to partially-hiding FE that computes an arithmetic branching program on a public input and a quadratic function on a private input. Concretely, encryption takes a public input $\vec{u}$ in addition to $\{x_{i}\}_{i \in S_{c}}$, a secret key is associated with arithmetic branching programs $\{f_{i,j}\}_{i,j \in S_{k}}$, and decryption yields $\sum_{i,j \in S_{k}} f_{i,j}(\vec{u})x_{i}x_{j}$ if and only if $S_{k} \subseteq S_{c}$. Both our schemes are based on pairings and secure in the simulation-based model under the standard MDDH assumption.
Note: fixed missing parts
Metadata
- Available format(s)
- Category
- Public-key cryptography
- Publication info
- A major revision of an IACR publication in EUROCRYPT 2023
- Keywords
- functional encryptionunboundedquadratic functionsarithmetic branching programspairings
- Contact author(s)
- tomida junichi @ gmail com
- History
- 2023-11-09: last of 4 revisions
- 2022-08-30: received
- See all versions
- Short URL
- https://ia.cr/2022/1124
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2022/1124, author = {Junichi Tomida}, title = {Unbounded Quadratic Functional Encryption and More from Pairings}, howpublished = {Cryptology {ePrint} Archive, Paper 2022/1124}, year = {2022}, url = {https://eprint.iacr.org/2022/1124} }