(Inner-Product) Functional Encryption with Updatable Ciphertexts

IF 2.3 3区 计算机科学 Q2 COMPUTER SCIENCE, THEORY & METHODS
Valerio Cini, Sebastian Ramacher, Daniel Slamanig, Christoph Striecks, Erkan Tairi
{"title":"(Inner-Product) Functional Encryption with Updatable Ciphertexts","authors":"Valerio Cini, Sebastian Ramacher, Daniel Slamanig, Christoph Striecks, Erkan Tairi","doi":"10.1007/s00145-023-09486-y","DOIUrl":null,"url":null,"abstract":"<p>We propose a novel variant of functional encryption which supports ciphertext updates, dubbed ciphertext-updatable functional encryption. Such a feature further broadens the practical applicability of the functional encryption paradigm and allows for fine-grained access control even after a ciphertext is generated. Updating ciphertexts is carried out via so-called update tokens which a dedicated party can use to convert ciphertexts. However, allowing update tokens requires some care for the security definition. Our contribution is threefold: </p><ol>\n<li>\n<span>(a)</span>\n<p>We define our new primitive with a security notion in the indistinguishability setting. Within CUFE, functional decryption keys <i>and</i> ciphertexts are labeled with tags such that only if the tags of the decryption key and the ciphertext match, then decryption succeeds. Furthermore, we allow ciphertexts to switch their tags to any other tag via update tokens. Such tokens are generated by the holder of the main secret key and can only be used in the desired direction.</p>\n</li>\n<li>\n<span>(b)</span>\n<p>We present a generic construction of CUFE for any functionality as well as predicates different from equality testing on tags which relies on the existence of indistinguishability obfuscation (iO).</p>\n</li>\n<li>\n<span>(c)</span>\n<p>We present a practical construction of CUFE for the inner-product functionality from standard assumptions (i.e., LWE) in the random-oracle model. On the technical level, we build on the recent functional encryption schemes with fine-grained access control and linear operations on encrypted data (Abdalla et al., AC’20) and introduce an additional ciphertext updatability feature. Proving security for such a construction turned out to be non-trivial, particularly when revealing keys for the updated challenge ciphertext is allowed. Overall, such construction enriches the set of known inner-product functional encryption schemes with the additional updatability feature of ciphertexts.</p>\n</li>\n</ol>","PeriodicalId":54849,"journal":{"name":"Journal of Cryptology","volume":"28 1","pages":""},"PeriodicalIF":2.3000,"publicationDate":"2023-12-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Cryptology","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1007/s00145-023-09486-y","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}
引用次数: 0

Abstract

We propose a novel variant of functional encryption which supports ciphertext updates, dubbed ciphertext-updatable functional encryption. Such a feature further broadens the practical applicability of the functional encryption paradigm and allows for fine-grained access control even after a ciphertext is generated. Updating ciphertexts is carried out via so-called update tokens which a dedicated party can use to convert ciphertexts. However, allowing update tokens requires some care for the security definition. Our contribution is threefold:

  1. (a)

    We define our new primitive with a security notion in the indistinguishability setting. Within CUFE, functional decryption keys and ciphertexts are labeled with tags such that only if the tags of the decryption key and the ciphertext match, then decryption succeeds. Furthermore, we allow ciphertexts to switch their tags to any other tag via update tokens. Such tokens are generated by the holder of the main secret key and can only be used in the desired direction.

  2. (b)

    We present a generic construction of CUFE for any functionality as well as predicates different from equality testing on tags which relies on the existence of indistinguishability obfuscation (iO).

  3. (c)

    We present a practical construction of CUFE for the inner-product functionality from standard assumptions (i.e., LWE) in the random-oracle model. On the technical level, we build on the recent functional encryption schemes with fine-grained access control and linear operations on encrypted data (Abdalla et al., AC’20) and introduce an additional ciphertext updatability feature. Proving security for such a construction turned out to be non-trivial, particularly when revealing keys for the updated challenge ciphertext is allowed. Overall, such construction enriches the set of known inner-product functional encryption schemes with the additional updatability feature of ciphertexts.

Abstract Image

(具有可更新密文的(内积)功能加密
我们提出了一种支持密文更新的新型函数加密变体,称为可更新密文的函数加密。这一功能进一步拓宽了函数加密范式的实际应用范围,即使在密文生成后也能实现精细的访问控制。更新密文通过所谓的更新令牌进行,专用方可使用更新令牌转换密文。然而,允许更新令牌需要对安全定义进行一定的处理。我们的贡献有三个方面:(a) 我们用不可区分性设置中的安全概念定义了我们的新基元。在 CUFE 中,功能解密密钥和密码文本都贴有标签,只有当解密密钥和密码文本的标签匹配时,解密才会成功。此外,我们还允许密文通过更新令牌将其标签切换为任何其他标签。这种令牌由主秘钥持有者生成,只能用于所需的方向。(b)我们提出了一种通用的 CUFE 构造,适用于任何功能以及不同于标签相等测试的谓词,而标签相等测试依赖于不可区分性混淆(iO)的存在。(c)我们提出了一种实用的 CUFE 构造,适用于随机密码器模型中标准假设(即 LWE)的内积功能。在技术层面上,我们以最近的功能加密方案为基础,对加密数据进行细粒度访问控制和线性操作(Abdalla 等,AC'20),并引入了额外的密文可更新特性。证明这种结构的安全性并非易事,尤其是在允许泄露更新挑战密文的密钥时。总之,这种结构丰富了已知的内积函数加密算法,增加了密文的可更新性。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Journal of Cryptology
Journal of Cryptology 工程技术-工程:电子与电气
CiteScore
7.10
自引率
3.30%
发文量
24
审稿时长
18 months
期刊介绍: The Journal of Cryptology is a forum for original results in all areas of modern information security. Both cryptography and cryptanalysis are covered, including information theoretic and complexity theoretic perspectives as well as implementation, application, and standards issues. Coverage includes such topics as public key and conventional algorithms and their implementations, cryptanalytic attacks, pseudo-random sequences, computational number theory, cryptographic protocols, untraceability, privacy, authentication, key management and quantum cryptography. In addition to full-length technical, survey, and historical articles, the journal publishes short notes.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信