Paper 2022/1284

(Inner-Product) Functional Encryption with Updatable Ciphertexts

Valerio Cini, AIT Austrian Institute of Technology
Sebastian Ramacher, AIT Austrian Institute of Technology
Daniel Slamanig, AIT Austrian Institute of Technology
Christoph Striecks, AIT Austrian Institute of Technology
Erkan Tairi, TU Wien

We propose a novel variant of functional encryption which supports ciphertext updates, dubbed ciphertext updatable functional encryption (CUFE). Such a feature further broadens the practical applicability of the functional encryption paradigm and is carried out via so-called update tokens. However, allowing update tokens requires some care for the security definition as we want that updates can be done by any semi-trusted third party and only on ciphertexts. Our contribution is three-fold: a) We define our new primitive with a security notion in the indistinguishability setting. Within CUFE, functional decryption keys and ciphertexts are labeled with tags such that only if the tag of the decryption key and the ciphertext match, then decryption succeeds. Furthermore, we allow ciphertexts to switch their tags to any other tag via update tokens. Such tokens are generated by the holder of the main secret key and can only be used in the desired direction. b) We present a generic construction of CUFE for any functionality as well as predicates different from equality testing on tags, which relies on the existence of (probabilistic) indistinguishability obfuscation (iO). c) We present a practical construction of CUFE for the inner-product functionality from standard assumptions (i.e., LWE) in the random-oracle model. On the technical level, we build on the recent functional encryption schemes with fine-grained access control and linear operations on encrypted data (Abdalla et al., AC'20) and introduce an additional ciphertext updatability feature. Proving security for such a construction turned out to be non-trivial, particularly when revealing keys for the updated challenge ciphertext is allowed. Overall, such construction enriches the set of known inner-product functional-encryption schemes with the additional updatability feature of ciphertexts.

Available format(s)
Public-key cryptography
Publication info
functional encryption updatable cryptography obfuscation lattices
Contact author(s)
valerio cini @ ait ac at
sebastian ramacher @ ait ac at
daniel slamanig @ ait ac at
christoph striecks @ ait ac at
erkan tairi @ tuwien ac at
2022-09-28: approved
2022-09-27: received
See all versions
Short URL
Creative Commons Attribution


      author = {Valerio Cini and Sebastian Ramacher and Daniel Slamanig and Christoph Striecks and Erkan Tairi},
      title = {(Inner-Product) Functional Encryption with Updatable Ciphertexts},
      howpublished = {Cryptology ePrint Archive, Paper 2022/1284},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.