## Cryptology ePrint Archive: Report 2022/215

Multi-Client Functional Encryption with Fine-Grained Access Control

Ky Nguyen and Duong Hieu Phan and David Pointcheval

Abstract: Multi-Client Functional Encryption ($\mathsf{MCFE}$) has been considered as an important primitive for making functional encryption useful in practice. It covers the ability to compute joint function over data from multiple parties similar to Multi-Input Functional Encryption ($\mathsf{MIFE}$) but it handles information leakage better than $\mathsf{MIFE}$. Both the $\mathsf{MCFE}$ and $\mathsf{MIFE}$ primitives are aimed at applications in multi-user settings where decryption can be correctly output for legitimate users only. In such a setting, the problem of dealing with access control in a fine-grained manner is particularly relevant. In this paper, we introduce a framework for $\mathsf{MCFE}$ with fine-grained access control and propose constructions for both single-client and multi-client settings, with selective and adaptive security. The only known work that combines functional encryption in multi-user setting with access control was proposed by Abdalla $\mathit{et al.}$ (Asiacrypt '20), which relies on a generic transformation from the single-client schemes to obtain $\mathsf{MIFE}$ schemes that suffer a quadratic factor of $n$ (where $n$ denotes the number of clients) in the ciphertext size. We present a {duplicate-and-compress} technique to transform the single-client scheme and obtain a $\mathsf{MCFE}$ with fine-grained access control scheme with only a linear factor of $n$ in the ciphertext size. Our final scheme thus outperforms the Abdalla $\mathit{et al.}$'s scheme by a factor $n$, while $\mathsf{MCFE}$ is more difficult to achieve than $\mathsf{MIFE}$ (one can obtain $\mathsf{MIFE}$ from $\mathsf{MCFE}$ by making all the labels in $\mathsf{MCFE}$ a fixed public constant).

Category / Keywords: public-key cryptography / Multi-client functional encryption, access control, adaptive security.

Date: received 21 Feb 2022, last revised 21 Feb 2022

Contact author: ky nguyen at ens fr, david pointcheval at ens fr, hieu phan at telecom-paris fr

Available format(s): PDF | BibTeX Citation

Short URL: ia.cr/2022/215

[ Cryptology ePrint archive ]