International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption

Authors:
Allison B. Lewko
Tatsuaki Okamoto
Amit Sahai
Katsuyuki Takashima
Brent Waters
Download:
URL: http://eprint.iacr.org/2010/110
Search ePrint
Search Google
Abstract: In this paper, we present two fully secure functional encryption schemes. Our first result is a fully secure attribute-based encryption (ABE) scheme. Previous constructions of ABE were only proven to be selectively secure. We achieve full security by adapting the dual system encryption methodology recently introduced by Waters and previously leveraged to obtain fully secure IBE and HIBE systems. The primary challenge in applying dual system encryption to ABE is the richer structure of keys and ciphertexts. In an IBE or HIBE system, keys and ciphertexts are both associated with the same type of simple object: identities. In an ABE system, keys and ciphertexts are associated with more complex objects: attributes and access formulas. We use a novel information-theoretic argument to adapt the dual system encryption methodology to the more complicated structure of ABE systems. We construct our system in composite order bilinear groups, where the order is a product of three primes. We prove the security of our system from three static assumptions. Our ABE scheme supports arbitrary monotone access formulas. Our second result is a fully secure (attribute-hiding) predicate encryption (PE) scheme for inner-product predicates. As for ABE, previous constructions of such schemes were only proven to be selectively secure. Security is proven under a non-interactive assumption whose size does not depend on the number of queries. The scheme is comparably efficient to existing selectively secure schemes. We also present a fully secure hierarchical PE scheme under the same assumption. The key technique used to obtain these results is an elaborate combination of the dual system encryption methodology (adapted to the structure of inner product PE systems) and a new approach on bilinear pairings using the notion of dual pairing vector spaces (DPVS) proposed by Okamoto and Takashima.
BibTeX
@misc{eprint-2010-23011,
  title={Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption},
  booktitle={IACR Eprint archive},
  keywords={},
  url={http://eprint.iacr.org/2010/110},
  note={this is a full version of a paper appearing in Eurocrypt 2010. This version has appendices and other extra material that does not appear in the Eurocrypt version. alewko@cs.utexas.edu 14697 received 1 Mar 2010, last revised 29 Mar 2010},
  author={Allison B. Lewko and Tatsuaki Okamoto and Amit Sahai and Katsuyuki Takashima and Brent Waters},
  year=2010
}