Public-Key Function-Private Hidden Vector Encryption (and More)

  • James BartusekEmail author
  • Brent Carmer
  • Abhishek Jain
  • Zhengzhong Jin
  • Tancrède Lepoint
  • Fermi Ma
  • Tal Malkin
  • Alex J. Malozemoff
  • Mariana Raykova
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11923)


We construct public-key function-private predicate encryption for the “small superset functionality,” recently introduced by Beullens and Wee (PKC 2019). This functionality captures several important classes of predicates:
  • Point functions. For point function predicates, our construction is equivalent to public-key function-private anonymous identity-based encryption.

  • Conjunctions. If the predicate computes a conjunction, our construction is a public-key function-private hidden vector encryption scheme. This addresses an open problem posed by Boneh, Raghunathan, and Segev (ASIACRYPT 2013).

  • d-CNFs and read-once conjunctions of d-disjunctions for constant-size d.

Our construction extends the group-based obfuscation schemes of Bishop et al. (CRYPTO 2018), Beullens and Wee (PKC 2019), and Bartusek et al. (EUROCRYPT 2019) to the setting of public-key function-private predicate encryption. We achieve an average-case notion of function privacy, which guarantees that a decryption key \(\mathsf {sk} _f\) reveals nothing about f as long as f is drawn from a distribution with sufficient entropy. We formalize this security notion as a generalization of the (enhanced) real-or-random function privacy definition of Boneh, Raghunathan, and Segev (CRYPTO 2013). Our construction relies on bilinear groups, and we prove security in the generic bilinear group model.



This research was supported in part by ARO and DARPA Safeware under contracts W911NF-15-C-0227, W911NF-15-C-0236, W911NF-16-1-0389, W911NF-15-C-0213, and by NSF grants CNS-1633282, 1562888, 1565208, and 1814919. Any opinions, findings and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the ARO and DARPA.


  1. [AAB+15]
    Agrawal, S., Agrawal, S., Badrinarayanan, S., Kumarasubramanian, A., Prabhakaran, M., Sahai, A.: On the practical security of inner product functional encryption. In: Katz, J. (ed.) PKC 2015. LNCS, vol. 9020, pp. 777–798. Springer, Heidelberg (2015). Scholar
  2. [ABF16]
    Arriaga, A., Barbosa, M., Farshim, P.: Private functional encryption: indistinguishability-based definitions and constructions from obfuscation. In: Dunkelman, O., Sanadhya, S.K. (eds.) INDOCRYPT 2016. LNCS, vol. 10095, pp. 227–247. Springer, Cham (2016). Scholar
  3. [BBC+14]
    Barak, B., Bitansky, N., Canetti, R., Kalai, Y.T., Paneth, O., Sahai, A.: Obfuscation for evasive functions. In: Lindell, Y. (ed.) TCC 2014. LNCS, vol. 8349, pp. 26–51. Springer, Heidelberg (2014). Scholar
  4. [BCKP14]
    Bitansky, N., Canetti, R., Kalai, Y.T., Paneth, O.: On virtual grey box obfuscation for general circuits. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8617, pp. 108–125. Springer, Heidelberg (2014). Scholar
  5. [BF01]
    Boneh, D., Franklin, M.K.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001). Scholar
  6. [BGI+01]
    Barak, B., et al.: On the (im)possibility of obfuscating programs. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 1–18. Springer, Heidelberg (2001). Scholar
  7. [BGMZ18]
    Bartusek, J., Guan, J., Ma, F., Zhandry, M.: Return of GGH15: provable security against zeroizing attacks. In: Beimel, A., Dziembowski, S. (eds.) TCC 2018. LNCS, vol. 11240, pp. 544–574. Springer, Cham (2018). Scholar
  8. [BKM+18]
    Bishop, A., Kowalczyk, L., Malkin, T., Pastro, V., Raykova, M., Shi, K.: A simple obfuscation scheme for pattern-matching with wildcards. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10993, pp. 731–752. Springer, Cham (2018). Scholar
  9. [BLMZ19]
    Bartusek, J., Lepoint, T., Ma, F., Zhandry, M.: New techniques for obfuscating conjunctions. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11478, pp. 636–666. Springer, Cham (2019). Scholar
  10. [BMSZ16]
    Badrinarayanan, S., Miles, E., Sahai, A., Zhandry, M.: Post-zeroizing obfuscation: new mathematical tools, and the case of evasive circuits. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9666, pp. 764–791. Springer, Heidelberg (2016). Scholar
  11. [BR13]
    Brakerski, Z., Rothblum, G.N.: Obfuscating conjunctions. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 416–434. Springer, Heidelberg (2013). Scholar
  12. [BR17]
    Brakerski, Z., Rothblum, G.N.: Obfuscating conjunctions. J. Crypt. 30(1), 289–320 (2017)MathSciNetCrossRefGoogle Scholar
  13. [BRS13a]
    Boneh, D., Raghunathan, A., Segev, G.: Function-private identity-based encryption: hiding the function in functional encryption. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 461–478. Springer, Heidelberg (2013). Scholar
  14. [BRS13b]
    Boneh, D., Raghunathan, A., Segev, G.: Function-private subspace-membership encryption and its applications. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013. LNCS, vol. 8269, pp. 255–275. Springer, Heidelberg (2013). Scholar
  15. [BSW09]
    Bethencourt, J., Song, D., Waters, B.: New techniques for private stream searching. ACM Trans. Inf. Syst. Secur. (TISSEC) 12(3), 16 (2009)CrossRefGoogle Scholar
  16. [BW07]
    Boneh, D., Waters, B.: Conjunctive, subset, and range queries on encrypted data. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 535–554. Springer, Heidelberg (2007). Scholar
  17. [BW19]
    Beullens, W., Wee, H.: Obfuscating simple functionalities from knowledge assumptions. In: Lin, D., Sako, K. (eds.) PKC 2019. LNCS, vol. 11443, pp. 254–283. Springer, Cham (2019). Scholar
  18. [Can97]
    Canetti, R.: Towards realizing random oracles: hash functions that hide all partial information. In: Kaliski, B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 455–469. Springer, Heidelberg (1997). Scholar
  19. [CRV10]
    Canetti, R., Rothblum, G.N., Varia, M.: Obfuscation of hyperplane membership. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 72–89. Springer, Heidelberg (2010). Scholar
  20. [DS05]
    Dodis, Y., Smith, A.: Correcting errors without leaking partial information. In: 37th ACM STOC (2005)Google Scholar
  21. [GKW17]
    Goyal, R., Koppula, V., Waters, B.: Lockable obfuscation. In: 58th FOCS (2017)Google Scholar
  22. [GW11]
    Gentry, C., Wichs, D.: Separating succinct non-interactive arguments from all falsifiable assumptions. In: 43rd ACM STOC (2011)Google Scholar
  23. [ITZ16]
    Iovino, V., Tang, Q., Zebrowski, K.: On the power of public-key function-private functional encryption. In: CANS 2016 (2016)Google Scholar
  24. [Jou04]
    Joux, A.: A one round protocol for tripartite Diffie-Hellman. J. Cryptol. 17(4), 263–276 (2004)MathSciNetCrossRefGoogle Scholar
  25. [KLM+18]
    Kim, S., Lewi, K., Mandal, A., Montgomery, H., Roy, A., Wu, D.J.: Function-hiding inner product encryption is practical. In: Catalano, D., De Prisco, R. (eds.) SCN 2018. LNCS, vol. 11035, pp. 544–562. Springer, Cham (2018). Scholar
  26. [KSW08]
    Katz, J., Sahai, A., Waters, B.: Predicate encryption supporting disjunctions, polynomial equations, and inner products. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 146–162. Springer, Heidelberg (2008). Scholar
  27. [KSW13]
    Katz, J., Sahai, A., Waters, B.: Predicate encryption supporting disjunctions, polynomial equations, and inner products. J. Cryptol. 26(2), 191–224 (2013)MathSciNetCrossRefGoogle Scholar
  28. [LPS04]
    Lynn, B., Prabhakaran, M., Sahai, A.: Positive results and techniques for obfuscation. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 20–39. Springer, Heidelberg (2004). Scholar
  29. [Mau05]
    Maurer, U.M.: Abstract models of computation in cryptography. In: Smart, N.P. (ed.) Cryptography and Coding 2005. LNCS, vol. 3796, pp. 1–12. Springer, Heidelberg (2005). Scholar
  30. [Nao03]
    Naor, M.: On cryptographic assumptions and challenges. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 96–109. Springer, Heidelberg (2003). Scholar
  31. [Nec94]
    Nechaev, V.I.: Complexity of a determinate algorithm for the discrete logarithm. Math. Notes 55(2), 165–172 (1994)MathSciNetCrossRefGoogle Scholar
  32. [OS07]
    Ostrovsky, R., Skeith, W.E.: Private searching on streaming data. J. Cryptol. 20(4), 397–430 (2007)MathSciNetCrossRefGoogle Scholar
  33. [PM18]
    Patranabis, S., Mukhopadhyay, D.: New lower bounds on predicate entropy for function private public-key predicate encryption. Cryptology ePrint Archive, Report 2018/190 (2018).
  34. [PMR19]
    Patranabis, S., Mukhopadhyay, D., Ramanna, S.C.: Function private predicate encryption for low min-entropy predicates. In: Lin, D., Sako, K. (eds.) PKC 2019. LNCS, vol. 11443, pp. 189–219. Springer, Cham (2019). Scholar
  35. [Sho97]
    Shoup, V.: Lower bounds for discrete logarithms and related problems. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 256–266. Springer, Heidelberg (1997). Scholar
  36. [SSW09]
    Shen, E., Shi, E., Waters, B.: Predicate privacy in encryption systems. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 457–473. Springer, Heidelberg (2009). Scholar
  37. [SWP00]
    Song, D.X., Wagner, D., Perrig, A.: Practical techniques for searches on encrypted data. In: 2000 IEEE Symposium on Security and Privacy (2000)Google Scholar
  38. [Wee05]
    Wee, H.: On obfuscating point functions. In: 37th ACM STOC (2005)Google Scholar
  39. [WZ17]
    Wichs, D., Zirdelis, G.: Obfuscating compute-and-compare programs under LWE. In: 58th FOCS (2017)Google Scholar

Copyright information

© International Association for Cryptologic Research 2019

Authors and Affiliations

  • James Bartusek
    • 1
    Email author
  • Brent Carmer
    • 2
  • Abhishek Jain
    • 3
  • Zhengzhong Jin
    • 3
  • Tancrède Lepoint
    • 4
  • Fermi Ma
    • 5
  • Tal Malkin
    • 6
  • Alex J. Malozemoff
    • 2
  • Mariana Raykova
    • 4
  1. 1.UC BerkeleyBerkeleyUSA
  2. 2.GaloisPortlandUSA
  3. 3.Johns Hopkins UniversityBaltimoreUSA
  4. 4.GoogleMountain ViewUSA
  5. 5.Princeton UniversityPrincetonUSA
  6. 6.Columbia UniversityNew YorkUSA

Personalised recommendations