ABSTRACT
In an attribute-based encryption (ABE) scheme, a ciphertext is associated with an l-bit public index pind and a message m, and a secret key is associated with a Boolean predicate P. The secret key allows to decrypt the ciphertext and learn m iff P(pind) = 1. Moreover, the scheme should be secure against collusions of users, namely, given secret keys for polynomially many predicates, an adversary learns nothing about the message if none of the secret keys can individually decrypt the ciphertext.
We present attribute-based encryption schemes for circuits of any arbitrary polynomial size, where the public parameters and the ciphertext grow linearly with the depth of the circuit. Our construction is secure under the standard learning with errors (LWE) assumption. Previous constructions of attribute-based encryption were for Boolean formulas, captured by the complexity class NC1.
In the course of our construction, we present a new framework for constructing ABE schemes. As a by-product of our framework, we obtain ABE schemes for polynomial-size branching programs, corresponding to the complexity class LOGSPACE, under quantitatively better assumptions.
- Shweta Agrawal, Dan Boneh, and Xavier Boyen. Efficient lattice (H)IBE in the standard model. In EUROCRYPT, pages 553--572, 2010. Google ScholarDigital Library
- Shweta Agrawal, Dan Boneh, and Xavier Boyen. Lattice basis delegation in fixed dimension and shorter-ciphertext hierarchical IBE. In CRYPTO, pages 98--115, 2010. Google ScholarDigital Library
- Shweta Agrawal, Xavier Boyen, Vinod Vaikuntanathan, Panagiotis Voulgaris, and Hoeteck Wee. Functional encryption for threshold functions (or, fuzzy IBE) from lattices. In Public Key Cryptography, pages 280--297, 2012. Google ScholarDigital Library
- Shweta Agrawal, David Mandell Freeman, and Vinod Vaikuntanathan. Functional encryption for inner product predicates from learning with errors. In ASIACRYPT, pages 21--40, 2011. Google ScholarDigital Library
- Miklós Ajtai. Generating hard instances of the short basis problem. In ICALP, pages 1--9, 1999. Google ScholarDigital Library
- Miklós Ajtai, Ravi Kumar, and D. Sivakumar. A sieve algorithm for the shortest lattice vector problem. In STOC, pages 601--610, 2001. Google ScholarDigital Library
- Benny Applebaum, Yuval Ishai, and Eyal Kushilevitz. From secrecy to soundness: Efficient verification via secure computation. In ICALP (1), pages 152--163, 2010. Google ScholarDigital Library
- Giuseppe Ateniese, Kevin Fu, Matthew Green, and Susan Hohenberger. Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Trans. Inf. Syst. Secur., 9(1):1--30, 2006. Google ScholarDigital Library
- Mihir Bellare, Viet Tung Hoang, and Phillip Rogaway. Foundations of garbled circuits. In ACM CCS, pages 784--796, 2012. Google ScholarDigital Library
- Matt Blaze, Gerrit Bleumer, and Martin Strauss. Divertible protocols and atomic proxy cryptography. In EUROCRYPT, pages 127--144, 1998.Google ScholarCross Ref
- Dan Boneh and Xavier Boyen. Efficient selective-id secure identity-based encryption without random oracles. In EUROCRYPT, pages 223--238, 2004.Google ScholarCross Ref
- Dan Boneh and Matthew K. Franklin. Identity-based encryption from the Weil pairing. In CRYPTO, pages 213--229, 2001. Google ScholarDigital Library
- Dan Boneh, Amit Sahai, and Brent Waters. Functional encryption: Definitions and challenges. In TCC, pages 253--273, 2011. Google ScholarDigital Library
- Xavier Boyen. Attribute-based functional encryption on lattices. In TCC, 2013. To appear. Google ScholarDigital Library
- Zvika Brakerski and Vinod Vaikuntanathan. Efficient fully homomorphic encryption from (standard) LWE. In FOCS, pages 97--106, 2011. Google ScholarDigital Library
- David Cash, Dennis Hofheinz, and Eike Kiltz. How to delegate a lattice basis. Cryptology ePrint Archive, Report 2009/351, 2009.Google Scholar
- David Cash, Dennis Hofheinz, Eike Kiltz, and Chris Peikert. Bonsai trees, or how to delegate a lattice basis. J. Cryptology, 25(4):601--639, 2012.Google ScholarDigital Library
- Kai-Min Chung, Yael Kalai, and Salil P. Vadhan. Improved delegation of computation using fully homomorphic encryption. In CRYPTO, pages 483--501, 2010. Google ScholarDigital Library
- Clifford Cocks. An identity based encryption scheme based on quadratic residues. In IMA Int. Conf., pages 360--363, 2001. Google ScholarDigital Library
- Sanjam Garg, Craig Gentry, and Shai Halevi. Candidate multilinear maps from ideal lattices and applications. Cryptology ePrint Archive, Report 2012/610, 2012.Google Scholar
- Sanjam Garg, Craig Gentry, Shai Halevi, Amit Sahai, and Brent Waters. Attribute-based encryption for circuits from multilinear maps. Cryptology ePrint Archive, Report 2013/128, 2013.Google Scholar
- Rosario Gennaro, Craig Gentry, and Bryan Parno. Non-interactive verifiable computing: Outsourcing computation to untrusted workers. In CRYPTO, pages 465--482, 2010. Google ScholarDigital Library
- Craig Gentry. Fully homomorphic encryption using ideal lattices. In STOC, pages 169--178, 2009. Google ScholarDigital Library
- Craig Gentry, Chris Peikert, and Vinod Vaikuntanathan. Trapdoors for hard lattices and new cryptographic constructions. In STOC, pages 197--206, 2008. Google ScholarDigital Library
- Shafi Goldwasser, Yael Kalai, Raluca Ada Popa, Vinod Vaikuntanathan, and Nickolai Zeldovich. Succinct functional encryption and its power: Reusable garbled circuits and beyond. In STOC, 2013. To appear.Google Scholar
- Shafi Goldwasser, Yael Tauman Kalai, and Guy N. Rothblum. Delegating computation: interactive proofs for muggles. In STOC, pages 113--122, 2008. Google ScholarDigital Library
- Sergey Gorbunov, Vinod Vaikuntanathan, and Hoeteck Wee. Functional encryption with bounded collusions via multi-party computation. In CRYPTO, pages 162--179, 2012.Google ScholarDigital Library
- Vipul Goyal, Omkant Pandey, Amit Sahai, and Brent Waters. Attribute-based encryption for fine-grained access control of encrypted data. In ACM CCS, pages 89--98, 2006. Google ScholarDigital Library
- Susan Hohenberger, Guy N. Rothblum, Abhi Shelat, and Vinod Vaikuntanathan. Securely obfuscating re-encryption. J. Cryptology, 24(4):694--719, 2011. Google ScholarDigital Library
- Allison B. Lewko, Tatsuaki Okamoto, Amit Sahai, Katsuyuki Takashima, and Brent Waters. Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption. In EUROCRYPT, pages 62--91, 2010. Google ScholarDigital Library
- Allison B. Lewko and Brent Waters. New techniques for dual system encryption and fully secure HIBE with short ciphertexts. In TCC, pages 455--479, 2010. Google ScholarDigital Library
- Allison B. Lewko and Brent Waters. New proof methods for attribute-based encryption: Achieving full security through selective techniques. In CRYPTO, pages 180--198, 2012.Google Scholar
- Silvio Micali. Computationally sound proofs. SIAM J. Comput., 30(4):1253--1298, 2000. Google ScholarDigital Library
- Daniele Micciancio and Chris Peikert. Trapdoors for lattices: Simpler, tighter, faster, smaller. In EUROCRYPT, pages 700--718, 2012. Google ScholarDigital Library
- Daniele Micciancio and Panagiotis Voulgaris. A deterministic single exponential time algorithm for most lattice problems based on voronoi cell computations. In STOC, pages 351--358, 2010. Google ScholarDigital Library
- Tatsuaki Okamoto and Katsuyuki Takashima. Fully secure functional encryption with general relations from the decisional linear assumption. In CRYPTO, pages 191--208, 2010. Google ScholarDigital Library
- Adam O'Neill. Definitional issues in functional encryption. Cryptology ePrint Archive, Report 2010/556, 2010.Google Scholar
- Bryan Parno, Mariana Raykova, and Vinod Vaikuntanathan. How to delegate and verify in public: Verifiable computation from attribute-based encryption. In TCC, pages 422--439, 2012. Google ScholarDigital Library
- Chris Peikert. Public-key cryptosystems from the worst-case shortest vector problem. In STOC, pages 333--342, 2009. Google ScholarDigital Library
- Oded Regev. On lattices, learning with errors, random linear codes, and cryptography. J. ACM, 56(6), 2009. Google ScholarDigital Library
- Oded Regev. On lattices, learning with errors, random linear codes, and cryptography. J. ACM, 56(6), 2009. Google ScholarDigital Library
- Alon Rosen and Gil Segev. Chosen-ciphertext security via correlated products. SIAM J. Comput., 39(7):3058--3088, 2010. Google ScholarDigital Library
- Amit Sahai and Hakan Seyalioglu. Worry-free encryption: functional encryption with public keys. In ACM CCS, pages 463--472, 2010. Google ScholarDigital Library
- Amit Sahai and Brent Waters. Fuzzy identity-based encryption. In EUROCRYPT, pages 457--473, 2005. Google ScholarDigital Library
- Adi Shamir. Identity-based cryptosystems and signature schemes. In CRYPTO, pages 47--53, 1984. Google ScholarDigital Library
- Damien Stehlé and Ron Steinfeld. Faster fully homomorphic encryption. In ASIACRYPT, pages 377--394, 2010.Google ScholarCross Ref
- Brent Waters. Dual system encryption: Realizing fully secure IBE and HIBE under simple assumptions. In CRYPTO, pages 619--636, 2009. Google ScholarDigital Library
- Brent Waters. Functional encryption for regular languages. In CRYPTO, pages 218--235, 2012.Google ScholarDigital Library
Index Terms
- Attribute-based encryption for circuits
Recommendations
Attribute-Based Encryption for Circuits
In an attribute-based encryption (ABE) scheme, a ciphertext is associated with an ℓ-bit public index ind and a message m, and a secret key is associated with a Boolean predicate P. The secret key allows decrypting the ciphertext and learning m if and ...
Comments on Circuit ciphertext-policy attribute-based hybrid encryption with verifiable delegation
Attribute-based encryption (ABE) with outsourced decryption not only allows fine-grained and versatile sharing of encrypted data, but also largely mitigates the decryption overhead and the ciphertext size in the standard ABE schemes. Very recently, Xu ...
Revocable attribute-based encryption from standard lattices
AbstractAttribute-based encryption (ABE) is an attractive extension of public key encryption, which provides fine-grained and role-based access to encrypted data. In its key-policy flavor, the secret key is associated with an access policy and ...
Highlights- Our scheme is based on the learning with errors (LWE) problem, which is believed to be quantum-resistant.
Comments