Function-Private Subspace-Membership Encryption and Its Applications

  • Dan Boneh
  • Ananth Raghunathan
  • Gil Segev
Conference paper

DOI: 10.1007/978-3-642-42033-7_14

Part of the Lecture Notes in Computer Science book series (LNCS, volume 8269)
Cite this paper as:
Boneh D., Raghunathan A., Segev G. (2013) Function-Private Subspace-Membership Encryption and Its Applications. In: Sako K., Sarkar P. (eds) Advances in Cryptology - ASIACRYPT 2013. ASIACRYPT 2013. Lecture Notes in Computer Science, vol 8269. Springer, Berlin, Heidelberg

Abstract

Boneh, Raghunathan, and Segev (CRYPTO ’13) have recently put forward the notion of function privacy and applied it to identity-based encryption, motivated by the need for providing predicate privacy in public-key searchable encryption. Intuitively, their notion asks that decryption keys reveal essentially no information on their corresponding identities, beyond the absolute minimum necessary. While Boneh et al. showed how to construct function-private identity-based encryption (which implies predicate-private encrypted keyword search), searchable encryption typically requires a richer set of predicates.

In this paper we significantly extend the function privacy framework. First, we consider the notion of subspace-membership encryption, a generalization of inner-product encryption, and formalize a meaningful and realistic notion for capturing its function privacy. Then, we present a generic construction of a function-private subspace-membership encryption scheme based on any inner-product encryption scheme. This is the first generic construction that yields a function-private encryption scheme based on a non-function-private one.

Finally, we present various applications of function-private subspacemembership encryption. Among our applications, we significantly improve the function privacy of the identity-based encryption schemes of Boneh et al.: whereas their schemes are function private only for identities that are highly unpredictable (with min-entropy of at least λ + ω(log λ) bits, where λ is the security parameter), we obtain functionprivate schemes assuming only the minimal required unpredictability (i.e., min-entropy of only ω(log λ) bits). This improvement offers a much more realistic function privacy guarantee.

Keywords

Function privacy functional encryption 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Dan Boneh
    • 1
  • Ananth Raghunathan
    • 1
  • Gil Segev
    • 2
  1. 1.Stanford UniversityUSA
  2. 2.Hebrew UniversityIsrael

Personalised recommendations