research-article

Controlled Functional Encryption

Authors:
Muhammad Naveed

University of Illinois at Urbana-Champaign, Urbana, IL, USA

University of Illinois at Urbana-Champaign, Urbana, IL, USA
View Profile

,
Shashank Agrawal

University of Illinois at Urbana-Champaign, Urbana, IL, USA

University of Illinois at Urbana-Champaign, Urbana, IL, USA
View Profile

,
Manoj Prabhakaran

University of Illinois at Urbana-Champaign, Urbana, IL, USA

University of Illinois at Urbana-Champaign, Urbana, IL, USA
View Profile

,
XiaoFeng Wang

Indiana University Bloomington, Bloomington, IN, USA

Indiana University Bloomington, Bloomington, IN, USA
View Profile

,
Erman Ayday

Ecole polytechnique fédérale de Lausanne, Lausanne, Switzerland

Ecole polytechnique fédérale de Lausanne, Lausanne, Switzerland
View Profile

,
Jean-Pierre Hubaux

École polytechnique fédérale de Lausanne, Lausanne, Switzerland

École polytechnique fédérale de Lausanne, Lausanne, Switzerland
View Profile

,
Carl Gunter

University of Illinois at Urbana-Champaign, Urbana, IL, USA

University of Illinois at Urbana-Champaign, Urbana, IL, USA
View Profile

CCS '14: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications SecurityNovember 2014Pages 1280–1291https://doi.org/10.1145/2660267.2660291

Published:03 November 2014Publication History

CCS '14: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security

Pages 1280–1291

ABSTRACT

Motivated by privacy and usability requirements in various scenarios where existing cryptographic tools (like secure multi-party computation and functional encryption) are not adequate, we introduce a new cryptographic tool called Controlled Functional Encryption (C-FE). As in functional encryption, C-FE allows a user (client) to learn only certain functions of encrypted data, using keys obtained from an authority. However, we allow (and require) the client to send a fresh key request to the authority every time it wants to evaluate a function on a ciphertext. We obtain efficient solutions by carefully combining CCA2 secure public-key encryption (or rerandomizable RCCA secure public-key encryption, depending on the nature of security desired) with Yao's garbled circuit. Our main contributions in this work include developing and for- mally defining the notion of C-FE; designing theoretical and practical constructions of C-FE schemes achieving these definitions for specific and general classes of functions; and evaluating the performance of our constructions on various application scenarios.

References

Cancer facts and statistics. http://www.cancer.org/ research/ cancerfactsstatistics/ .Google Scholar
A combinational multiplier using the xilinx spartan ii fpga. http://ecen3233.okstate.edu/PDF/Labs/Combinational%20Multiplier.pdf .Google Scholar
Fast facts on US hospitals. http://www.aha.org/ research/ rc/ stat-studies/ fast-facts.shtml.Google Scholar
Havasupai tribe and the lawsuit settlement aftermath. http://genetics.ncai.org/ case-study/havasupai-Tribe.cfm.Google Scholar
Indian tribe wins fight to limit research of its dna. http://www.nytimes.com/2010/04/ 22/ us/22dna.html?pagewanted=all&_r=1&.Google Scholar
List of genetic diseases with associated genes and snp's. http://www.eupedia.com/genetics/genetic_diseases.shtml.Google Scholar
Tpm reset attack. http://www.cs.dartmouth.edu/ pkilab/sparks/ .Google Scholar
S. Agrawal, S. Gurbanov, V. Vaikuntanathan, and H. Wee. Functional encryption: New perspectives and lower bounds. In Crypto, 2013.Google ScholarCross Ref
M. J. Atallah and J. Li. Secure outsourcing of sequence comparisons. International Journal of Information Security, 4(4):277--287, 2005. Google ScholarDigital Library
E. Ayday, J. L. Raisaro, and J.-P. Hubaux. Privacy-enhancing technologies for medical tests using genomic data. In NDSS, 2013.Google Scholar
E. Ayday, J. L. Raisaro, P. J. McLaren, J. Fellay, and J.-P. Hubaux. Privacy-preserving computation of disease risk by using genomic, clinical, and environmental data. In HealthTech, 2013.Google Scholar
E. Ayday, J. L. Raisaro, J. Rougemont, and J.-P. Hubaux. Protecting and evaluating genomic privacy in medical tests and personalized medicine. In WPES, 2013. Google ScholarDigital Library
P. Baldi, R. Baronio, E. De Cristofaro, P. Gasti, and G. Tsudik. Countering gattaca: efficient and secure testing of fully-sequenced human genomes. In CCS'11, pages 691--702, 2011. Google ScholarDigital Library
M. Bellare, A. Desai, D. Pointcheval, and P. Rogaway. Relations among notions of security for public-key encryption schemes. InCRYPTO'98, number 1462, pages 26--45. Google ScholarDigital Library
M. Bellare, V. T. Hoang, and P. Rogaway. Foundations of garbled circuits. In CCS'12, pages 784--796, 2012. Google ScholarDigital Library
M. Bellare and P. Rogaway. Optimal asymmetric encryption. In EUROCRYPT, pages 92--111, 1995.Google ScholarCross Ref
J. Bethencourt, A. Sahai, and B. Waters. Ciphertext-policy attribute-based encryption. In IEEE S&P, pages 321--334, 2007. Google ScholarDigital Library
M. Blanton, M. J. Atallah, K. B. Frikken, and Q. Malluhi. Secure and efficient outsourcing of sequence comparisons. In ESORICS, pages 505--522. 2012.Google ScholarCross Ref
D. Boneh, A. Sahai, and B. Waters. Functional encryption: Definitions and challenges. In TCC, pages 253--273, 2011. Google ScholarDigital Library
F. Bruekers, S. Katzenbeisser, K. Kursawe, and P. Tuyls. Privacy-preserving matching of DNA profiles. IACR Cryptology ePrint Archive, 2008:203, 2008.Google Scholar
R. Canetti. Universally composable security: A new paradigm for cryptographic protocols. In FOCS, pages 136--145, 2001. Google ScholarDigital Library
H. Carter, C. Amrutkar, I. Dacosta, and P. Traynor. For your phone only: custom protocols for efficient secure function evaluation on mobile devices. SCN, 2013.Google Scholar
H. Carter, B. Mood, P. Traynor, and K. Butler. Secure outsourced garbled circuit evaluation for mobile devices. In USENIX Security, pages 289--304, 2013. Google ScholarDigital Library
K.-M. Chung, J. Katz, and H.-S. Zhou. Functional encryption from (small) hardware tokens. In ASIACRYPT, pages 120--139. 2013.Google ScholarCross Ref
E. De Cristofaro, S. Faber, P. Gasti, and G. Tsudik. Genodroid: are privacy-preserving genomic tests ready for prime time? In WPES, pages 97--108, 2012. Google ScholarDigital Library
D. Eppstein, M. T. Goodrich, and P. Baldi. Privacy-enhanced methods for comparing compressed DNA sequences. arXiv preprint arXiv:1107.3593, 2011.Google Scholar
E. Fujisaki, T. Okamoto, D. Pointcheval, and J. Stern. RSA-OAEP is secure under the RSA assumption. In CRYPTO, number 2139, pages 260--274. Jan. 2001. Google ScholarDigital Library
S. Garg, C. Gentry, S. Halevi, M. Raykova, A. Sahai, and B. Waters. Candidate indistinguishability obfuscation and functional encryption for all circuits. STOC, pages 40--49, 2013. Google ScholarDigital Library
S. Garg, C. Gentry, S. Halevi, A. Sahai, and B. Waters. Attribute-based encryption for circuits from multilinear maps. In CRYPTO 2013, number 8043, pages 479--499. 2013.Google ScholarCross Ref
S. Goldwasser, Y. Kalai, R. A. Popa, V. Vaikuntanathan, and N. Zeldovich. Reusable garbled circuits and succinct functional encryption. In STOC, pages 555--564, 2013. Google ScholarDigital Library
S. Gorbunov, V. Vaikuntanathan, and H. Wee. Functional encryption with bounded collusions from multiparty computation. In CRYPTO, 2012.Google Scholar
S. Gorbunov, V. Vaikuntanathan, and H. Wee. Functional encryption with bounded collusions via multi-party computation. In CRYPTO, pages 162--179. 2012.Google ScholarDigital Library
S. Gorbunov, V. Vaikuntanathan, and H. Wee. Attribute-based encryption for circuits. In STOC, pages 545--554, 2013. Google ScholarDigital Library
V. Goyal, O. Pandey, A. Sahai, and B. Waters. Attribute-based encryption for fine-grained access control of encrypted data. In CCS, pages 89--98, 2006. Google ScholarDigital Library
Y. Huang, D. Evans, and J. Katz. Private set intersection: Are garbled circuits better than custom protocols. In NDSS, 2012.Google Scholar
Y. Huang, D. Evans, J. Katz, and L. Malka. Faster secure two-party computation using garbled circuits. In USENIX Security, volume 201, 2011. Google ScholarDigital Library
Y. Huang, J. Katz, and D. Evans. Quid-pro-quo-tocols: Strengthening semi-honest protocols with dual execution. In IEEE S&P, pages 272--284, 2012. Google ScholarDigital Library
Y. Huang, J. Katz, and D. Evans. Efficient secure two-party computation using symmetric cut-and-choose. In CRYPTO, pages 18--35. 2013.Google ScholarCross Ref
Y. Ishai. Randomization techniques for secure computation. Secure Multi-Party Computation, 10:222--248, 2013.Google Scholar
S. Jha, L. Kruger, and V. Shmatikov. Towards practical privacy for genomic computation. In IEEE S&P, pages 216--230, 2008. Google ScholarDigital Library
A. Joux. Faster index calculus for the medium prime case application to 1175-bit and 1425-bit finite fields. In EUROCRYPT, pages 177--193, 2013.Google ScholarCross Ref
S. Kamara, P. Mohassel, and M. Raykova. Outsourcing multi-party computation. IACR Cryptology ePrint Archive, 2011:272, 2011.Google Scholar
S. Kamara, P. Mohassel, and B. Riva. Salus: a system for server-aided secure function evaluation. In CCS, pages 797--808, 2012. Google ScholarDigital Library
J. Katz, A. Sahai, and B. Waters. Predicate encryption supporting disjunctions, polynomial equations, and inner products. In EUROCRYPT, pages 146--162, 2008. Google ScholarDigital Library
B. Kreuter, B. Mood, A. Shelat, and K. Butler. Pcf: A portable circuit format for scalable two-party secure computation. USENIX Security, 2013. Google ScholarDigital Library
B. Kreuter, A. Shelat, and C.-H. Shen. Billion-gate secure computation with malicious adversaries. In USENIX Security, pages 14--14, 2012. Google ScholarDigital Library
Y. Lindell. Fast cut-and-choose based protocols for malicious and covert adversaries. In CRYPTO, pages 1--17. 2013.Google ScholarCross Ref
D. Malkhi, N. Nisan, B. Pinkas, and Y. Sella. Fairplay-secure two-party computation system. In USENIX Security, pages 287--302, 2004. Google ScholarDigital Library
A. Manichaikul, J. C. Mychaleckyj, S. S. Rich, K. Daly, M. Sale, and W.-M. Chen. Robust relationship inference in genome-wide association studies. Bioinformatics, 26(22):2867--2873, 2010. Google ScholarDigital Library
V. Nikolaenko, S. Ioannidis, U. Weinsberg, M. Joye, N. Taft, and D. Boneh. Privacy-preserving matrix factorization. In CCS, pages 801--812, 2013. Google ScholarDigital Library
V. Nikolaenko, U. Weinsberg, S. Ioannidis, M. Joye, D. Boneh, and N. Taft. Privacy-preserving ridge regression on hundreds of millions of records. In IEEE S&P, pages 334--348, 2013. Google ScholarDigital Library
T. Okamoto and K. Takashima. Fully secure functional encryption with general relations from the decisional linear assumption. In CRYPTO 2010, number 6223, pages 191--208. 2010. Google ScholarDigital Library
A. O'Neill. Definitional issues in functional encryption. Cryptology ePrint Archive, Report 2010/556, 2010.Google Scholar
C. Peikert, V. Vaikuntanathan, and B. Waters. A framework for efficient and composable oblivious transfer. In CRYPTO 2008, number 5157, pages 554--571. 2008. Google ScholarDigital Library
M. Prabhakaran and M. Rosulek. Rerandomizable rcca encryption. In CRYPTO, pages 517--534, 2007. Google ScholarDigital Library
A. Sahai and H. Seyalioglu. Worry-free encryption: functional encryption with public keys. In CCS, pages 463--472, 2010. Google ScholarDigital Library
A. Sahai and B. Waters. Fuzzy identity-based encryption. In EUROCRYPT, pages 457--473, 2005. Google ScholarDigital Library
D. Szajda, M. Pohl, J. Owen, B. G. Lawson, and V. Richmond. Toward a practical data privacy scheme for a distributed implementation of the smith-waterman genome sequence comparison algorithm. In NDSS, 2006.Google Scholar
R. Wang, X. Wang, Z. Li, H. Tang, M. K. Reiter, and Z. Dong. Privacy-preserving genomic computation through program specialization. In CCS, pages 338--347, 2009. Google ScholarDigital Library
A. C.-C. Yao. How to generate and exchange secrets. In FOCS, pages 162--167, 1986. Google ScholarDigital Library
S. Zahur and D. Evans. Circuit structures for improving efficiency of security and privacy tools. In IEEE S&P, pages 493--507, 2013. Google ScholarDigital Library

Index Terms

Controlled Functional Encryption
1. Security and privacy
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime

Recommendations

Worry-free encryption: functional encryption with public keys
CCS '10: Proceedings of the 17th ACM conference on Computer and communications security

In this work, we put forward the notion of Worry-Free Encryption. This allows Alice to encrypt confidential information under Bob's public key and send it to him, without having to worry about whether Bob has the authority to actually access this ...
Read More
Publicly Auditable Functional Encryption
Applied Cryptography and Network Security
Abstract
We introduce the notion of publicly auditable functional encryption (PAFE). Compared to standard functional encryption, PAFE operates in an extended setting that includes an entity called auditor, besides key-generating authority, encryptor, and ...
Read More
Functional encryption for inner product: achieving constant-size ciphertexts with adaptive security or support for negation
PKC'10: Proceedings of the 13th international conference on Practice and Theory in Public Key Cryptography

In functional encryption (FE) schemes, ciphertexts and private keys are associated with attributes and decryption is possible whenever key and ciphertext attributes are suitably related. It is known that expressive realizations can be obtained from a ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
CCS '14: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security
November 2014
1592 pages
ISBN:9781450329576
DOI:10.1145/2660267
General Chair:
Gail-Joon Ahn
Arizona State University, USA
,
Program Chairs:
Moti Yung
Google -- Columbia University, USA
,
Ninghui Li
Purdue University, USA
Copyright © 2014 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 3 November 2014
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
computation over encrypted data
fine-grained data control
functional encryption
Qualifiers
- research-article
Conference

Acceptance Rates
CCS '14 Paper Acceptance Rate114of585submissions,19%Overall Acceptance Rate1,261of6,999submissions,18%
More
Upcoming Conference
CCS '24

Sponsor:

sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 14 - 18, 2024

Salt Lake City , UT , USA
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 34
  Total Citations
  View Citations
- 831
  Total Downloads
- Downloads (Last 12 months)33
- Downloads (Last 6 weeks)0
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Controlled Functional Encryption

CCS '14: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security

ABSTRACT

References

Cited By

Index Terms

Recommendations

Worry-free encryption: functional encryption with public keys

Publicly Auditable Functional Encryption

Functional encryption for inner product: achieving constant-size ciphertexts with adaptive security or support for negation