Paper 2022/1124
Unbounded Quadratic Functional Encryption and More from Pairings
, NTT Social Informatics LaboratoriesAbstract
We propose the first unbounded functional encryption (FE) scheme for quadratic functions and its extension, in which the sizes of messages to be encrypted are not a priori bounded. Prior to our work, all FE schemes for quadratic functions are bounded, meaning that the message length is fixed at the setup. In the first scheme, encryption takes $\{x_{i}\}_{i \in S_{c}}$, key generation takes $\{c_{i,j}\}_{i,j \in S_{k}}$, and decryption outputs $\sum_{i,j \in S_{k}} c_{i,j}x_{i}x_{j}$ if and only if $S_{k} \subseteq S_{c}$, where the sizes of $S_{c}$ and $S_{k}$ can be arbitrary. Our second scheme is the extension of the first scheme to partially-hiding FE that computes an arithmetic branching program on a public input and a quadratic function on a private input. Concretely, encryption takes a public input $\vec{u}$ in addition to $\{x_{i}\}_{i \in S_{c}}$, a secret key is associated with arithmetic branching programs $\{f_{i,j}\}_{i,j \in S_{k}}$, and decryption yields $\sum_{i,j \in S_{k}} f_{i,j}(\vec{u})x_{i}x_{j}$ if and only if $S_{k} \subseteq S_{c}$. Both our schemes are based on pairings and secure in the simulation-based model under the standard MDDH assumption.
Note: fixed missing parts
Metadata
- Available format(s)
-
PDF
- Category
- Public-key cryptography
- Publication info
- A major revision of an IACR publication in EUROCRYPT 2023
- Keywords
- functional encryptionunboundedquadratic functionsarithmetic branching programspairings
- Contact author(s)
- tomida junichi @ gmail com
- History
- 2023-11-09: last of 4 revisions
- 2022-08-30: received
- See all versions
- Short URL
- https://ia.cr/2022/1124
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2022/1124,
author = {Junichi Tomida},
title = {Unbounded Quadratic Functional Encryption and More from Pairings},
howpublished = {Cryptology {ePrint} Archive, Paper 2022/1124},
year = {2022},
url = {https://eprint.iacr.org/2022/1124}
}
