Practical functional encryption : constructions and extensions

Abstract

Functional Encryption (FE) is an advanced notion for encryption. It extremely extends the traditional Public-Key Encryption, which allows users to learn only functional values from the encrypted data. However, before Functional Encryption can be of practical use, some problems need to be solved. In this thesis, we address these problems, aiming at making Practical Functional Encryption schemes.

In the first part, we will focus on Function Hiding problem in Practical Functional Encryption. We firstly put up a new definition that describes the security for Function Hiding Functional Encryption for Inner Product in public key setting. We show that the existed public key setting Functional Encryption for Inner Product works are not secure under this definition. Secondly, under our new definition, we show a generic construction which can be instantiated from any given Public key encryption with some necessary properties. Then, we give an instantiation of our construction based on ElGamal encryption, as well as the implementation of our construction. Finally, we give our Function Hiding Multi-Client IPFE construction as well as the instantiation based on standard assumptions.

In the second part, we focus on the access control of decryption result in Practical Functional Encryption. Since all legitimate users get the same decryption results in existing FE schemes. Functional encryption that allows users to get different decryption results based on user attributes/policies has many useful practical applications. For example, a company may only authorize department heads of other sections to query the average sale figures of the sales department from the encrypted sales database. We combine techniques from Ciphertext-Policy Attribute Based Encryption(CP-ABE) and Function Encryption to propose a primitive that we call "Attribute Based Functional Encryption (ABFE)" which allows only authorized users to obtain functional values based on the users' attributes/policies, and develop the first Attribute-based functional encryption (ABFE) scheme from simple and well-studied assumptions that can enable a user to obtain a functional value of the encrypted data, based on the user's attributes.

In the third part, we address the Multi-Client scenario of Practical Functional Encryption, in which multiple parties agree to share their data together, but none of them want to reveal their private data. What's more, these parties do not trust each other. Taking consideration of this situation, we combine techniques from Key-Policy Attribute Based Encryption(KP-ABE) and Multi-Client Functional Encryption, and develop the first Multi-client Attribute based functional encryption scheme(MCABFE) scheme for inner product functionality from simple and well-studied assumptions.

In the last part, we address the Decentralization problem. In order to remove the requirement for a trusted central third party in the Practical Functional Encryption scheme, we try to remove the need of the authority, in order to make our scheme well suited for practical applications. We extend our new primitive MCABFE in the third part, and propose a ``Decentralized Multi-client Attribute based functional encryption scheme (DMCABFE)'' in which no trusted party is required in the setup phase and the generation of functional decryption keys, and also give an instantiation for inner product functionality.