Paper 2022/1594
Compact FE for Unbounded Attribute-Weighted Sums for Logspace from SXDH
Abstract
This paper presents the first functional encryption (FE) scheme for the attribute-weighted sum (AWS) functionality that supports the uniform model of computation. In such an FE scheme, encryption takes as input a pair of attributes (x,z) where the attribute x is public while the attribute z is private. A secret key corresponds to some weight function f, and decryption recovers the weighted sum f(x)z. This is an important functionality with a wide range of potential real life applications, many of which require the attribute lengths to be flexible rather than being fixed at system setup. In the proposed scheme, the public attributes are considered as binary strings while the private attributes are considered as vectors over some finite field, both having arbitrary polynomial lengths that are not fixed at system setup. The weight functions are modeled as Logspace Turing machines. Prior schemes [Abdalla, Gong, and Wee, CRYPTO 2020 and Datta and Pal, ASIACRYPT 2021] could only support non-uniform Logspace. The proposed scheme is built in asymmetric prime-order bilinear groups and is proven adaptively simulation secure under the well-studied symmetric external Diffie-Hellman (SXDH) assumption against an arbitrary polynomial number of secret key queries both before and after the challenge ciphertext. This is the best possible level of security for FE as noted in the literature. As a special case of the proposed FE scheme, we also obtain the first adaptively simulation secure inner-product FE (IPFE) for vectors of arbitrary length that is not fixed at system setup. On the technical side, our contributions lie in extending the techniques of Lin and Luo [EUROCRYPT 2020] devised for payload hiding attribute-based encryption (ABE) for uniform Logspace access policies avoiding the so-called “one-use” restriction in the indistinguishability-based security model as well as the “three-slot reduction” technique for simulation-secure attribute-hiding FE for non-uniform Logspace devised by Datta and Pal [ASIACRYPT 2021] to the context of simulation-secure attribute-hiding FE for uniform Logspace.
Metadata
- Available format(s)
- Category
- Public-key cryptography
- Publication info
- A major revision of an IACR publication in ASIACRYPT 2022
- Keywords
- functional encryption attribute-weighted sums Logspace Turing machines
- Contact author(s)
-
pratish datta @ ntt-research com
tapas pal wh @ hco ntt co jp
ktakashima @ waseda jp - History
- 2022-11-17: approved
- 2022-11-16: received
- See all versions
- Short URL
- https://ia.cr/2022/1594
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2022/1594, author = {Pratish Datta and Tapas Pal and Katsuyuki Takashima}, title = {Compact {FE} for Unbounded Attribute-Weighted Sums for Logspace from {SXDH}}, howpublished = {Cryptology {ePrint} Archive, Paper 2022/1594}, year = {2022}, url = {https://eprint.iacr.org/2022/1594} }