Efficient Circuit-Size Independent Public Key Encryption with KDM Security

* Final gross prices may vary according to local VAT.

Get Access

Abstract

Key Dependent Message (KDM) secure encryption is a new area which has attracted much research in recent years. Roughly speaking, a KDM secure scheme w.r.t. a function set \(\mathcal{F}\) provides security even if one encrypts a key dependent message f(sk) for any \(f\in\mathcal{F}\) . We present a construction of an efficient public key encryption scheme which is KDM secure with respect to a large function set \(\mathcal{F}\) . Our function set is a function computable by a polynomial-size Modular Arithmetic Circuit (MAC); we represent the set as Straight Line Programs computing multi-variable polynomials (an extended scheme includes all rational functions whose denominator and numerator are functions as above). Unlike previous schemes, our scheme is what we call flexible: the size of the ciphertext depends on the degree bound for the polynomials, and beyond this all parameters of the scheme are completely independent of the size of the function or the number of secret keys (users). We note that although KDM security has practical applications, all previous works in the standard model are either inefficient feasibility results when dealing with general circuits function sets, or are for a small set of functions such as linear functions. Efficiency of our scheme is dramatically improved compared to the previous feasibility results.