On the achievability of simulation-based security for functional encryption

Angelo De Caro, Vincenzo Iovino, Abhishek Jain, Adam O'Neill, Omer Paneth, Giuseppe Persiano

Research output: Chapter in Book/Report/Conference proceeding; Conference contribution; peer-review

Abstract

This work attempts to clarify to what extent simulation-based security (SIM-security) is achievable for functional encryption (FE) and its relation to the weaker indistinguishability-based security (IND-security). Our main result is a compiler that transforms any FE scheme for the general circuit functionality (which we denote by Circuit-FE) meeting indistinguishability-based security (IND-security) to a Circuit-FE scheme meeting SIM-security, where:

  • In the random oracle model, the resulting scheme is secure for an unbounded number of encryption and key queries, which is the strongest security level one can ask for.
  • In the standard model, the resulting scheme is secure for a bounded number of encryption and non-adaptive key queries, but an unbounded number of adaptive key queries. This matches known impossibility results and improves upon Gorbunov et al. [CRYPTO'12] (which is only secure for non-adaptive key queries).

Our compiler is inspired by the celebrated Fiat-Lapidot-Shamir paradigm [FOCS'90] for obtaining zero-knowledge proof systems from witness-indistinguishable proof systems. As it is currently unknown whether Circuit-FE meeting IND-security exists, the purpose of this result is to establish that it remains a good target for future research despite known deficiencies of IND-security [Boneh et al. - TCC'11, O'Neill - ePrint '10].

We also give a tailored construction of SIM-secure hidden vector encryption (HVE) in composite-order bilinear groups. Finally, we revisit the known negative results for SIM-secure FE, extending them to natural weakenings of the security definition and thus providing essentially a full picture of the (in)achievability of SIM-secure FE.

Original language: English
Title of host publication: Advances in Cryptology, CRYPTO 2013 - 33rd Annual Cryptology Conference, Proceedings
Pages: 519-535
Number of pages: 17
Edition: PART 2
State: Published - 2013
Externally published: Yes
Event: 33rd Annual International Cryptology Conference, CRYPTO 2013 - Santa Barbara, CA, United States
Duration: 18 Aug 2013 – 22 Aug 2013

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Number: PART 2
Volume: 8043 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Conference

Conference: 33rd Annual International Cryptology Conference, CRYPTO 2013
Country/Territory: United States
City: Santa Barbara, CA
Period: 18/08/13 – 22/08/13

Keywords

  • Functional Encryption
  • Hidden Vector Encryption
  • Simulation-Based Security
