Paper 2025/330
(Multi-Input) FE for Randomized Functionalities, Revisited
Abstract
Randomized functional encryption (rFE) generalizes functional encryption (FE) by incorporating randomized functionalities. Randomized multi-input functional encryption (rMIFE) extends rFE to accommodate multi-input randomized functionalities. In this paper, we reassess the framework of rFE/rMIFE enhancing our understanding of this primitive and laying the groundwork for more secure and flexible constructions in this field. Specifically, we make three key contributions: - New definition: We identify critical gap in the existing indistinguishability-based (IND) security definition for rFE/rMIFE. Notably, current definition fails to adequately address security against malicious encryptors—a crucial requirement for rFE/rMIFE since their introduction. We propose a novel, robust IND security definition that not only addresses threats from malicious decryptors but also quantifies the security against malicious encryptors effectively. - Counterexample: To illustrate the importance of this definitional gap, we provide a counterexample of an insecure rFE scheme that meets IND security under the previous definition but explicitly fails in a natural setting (and where this failure would be precluded by our enhanced definition). Our counterexample scheme is non-trivial and meticulously designed using standard cryptographic tools, namely FE for deterministic functions, pseudorandom function (PRF), public key encryption (PKE), and simulation-sound non-interactive zero-knowledge (NIZK) proof systems. - Adaptive unbounded-message secure construction: The only viable prior construction of rMIFE by Goldwasser et al. [EUROCRYPT 2014] (which uses indistinguishability obfuscation (iO) and other standard assumptions) has significant limitations: it permits only a pre-defined number of messages per encryption slot and operates under selective-security constraints, requiring adversaries to declare challenge ciphertext queries and "corrupted" encryption keys in advance. We address these shortcomings by employing sub-exponentially secure iO. Technically, we build on and adapt methods developed by Goyal et al. [ASIACRYPT 2016] for deterministic MIFE.
Metadata
- Available format(s)
-
PDF
- Category
- Public-key cryptography
- Publication info
- Preprint.
- Keywords
- Functional EncryptionRandomized FunctionalitiesMulti-InputSIM-based SecurityIND-based Security
- Contact author(s)
-
pratish datta @ ntt-research com
jiaxin @ guan io
alexiskorb @ cs ucla edu
sahai @ cs ucla edu - History
- 2025-02-25: approved
- 2025-02-23: received
- See all versions
- Short URL
- https://ia.cr/2025/330
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2025/330, author = {Pratish Datta and Jiaxin Guan and Alexis Korb and Amit Sahai}, title = {(Multi-Input) {FE} for Randomized Functionalities, Revisited}, howpublished = {Cryptology {ePrint} Archive, Paper 2025/330}, year = {2025}, url = {https://eprint.iacr.org/2025/330} }