Predicate Fully Homomorphic Encryption: Achieving Fine-Grained Access Control over Manipulable Ciphertext

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10726)


With the popularity of cloud computing, there is an increasing demand for enforcing access control over outsourced files and performing versatile operations on encrypted data. To meet this demand, a novel primitive called predicate fully homomorphic encryption (PFHE) is introduced and modeled in this work, which can provide the security guarantee that neither cloud computing server nor invalid cloud users can acquire any extra information about the processed data, while the server can still process the data correctly. We give a generic construction for PFHE, from any predicate key encapsulation mechanism (PKEM) and any LWE-based multi-key fully homomorphic encryption (MFHE). Compared with previously proposed generic construction for attribute-based fully homomorphic encryption (ABFHE), which can naturally be extended to one for PFHE, our construction has advantages in both time for encryption and space for encrypted data storage. In addition, our construction can achieve CCA1-secure. Thus it directly implies approaches for CCA1-secure FHE, CCA1-secure PFHE and CCA1-secure MFHE. The latter two have not been touched in previous work. In addition, we give a conversion which results a CCA1-secure PFHE scheme from a CPA-secure one, drawing on the techniques for CCA2-secure PE schemes.


Fine-grained access control Cloud computing security Fully homomorphic encryption Predicate encryption 



Qianhong Wu is the corresponding author. This paper is supported by the National Key Research and Development Program of China through project 2017YFB0802505, the Natural Science Foundation of China through projects 61772538, 61672083, 61370190, 61532021, 61472429 and 61402029, and by the National Cryptography Development Fund through project MMJJ20170106.


  1. 1.
    Boneh, D., Canetti, R., Halevi, S., Katz, J.: Chosen-ciphertext security from identity-based encryption. SIAM J. Comput. 36(5), 1301–1328 (2007)MathSciNetCrossRefMATHGoogle Scholar
  2. 2.
    Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001). CrossRefGoogle Scholar
  3. 3.
    Boneh, D., Gentry, C., Gorbunov, S., Halevi, S., Nikolaenko, V., Segev, G., Vaikuntanathan, V., Vinayagamurthy, D.: Fully key-homomorphic encryption, arithmetic circuit ABE and compact garbled circuits. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 533–556. Springer, Heidelberg (2014). CrossRefGoogle Scholar
  4. 4.
    Boneh, D., Sahai, A., Waters, B.: Functional encryption: definitions and challenges. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 253–273. Springer, Heidelberg (2011). CrossRefGoogle Scholar
  5. 5.
    Brakerski, Z., Cash, D., Tsabary, R., Wee, H.: Targeted homomorphic attribute-based encryption. In: Hirt, M., Smith, A. (eds.) TCC 2016. LNCS, vol. 9986, pp. 330–360. Springer, Heidelberg (2016). CrossRefGoogle Scholar
  6. 6.
    Brakerski, Z., Gentry, C., Vaikuntanathan, V.: (Leveled) fully homomorphic encryption without bootstrapping. In: ITCS, pp. 309–325 (2012)Google Scholar
  7. 7.
    Brakerski, Z., Perlman, R.: Lattice-based fully dynamic multi-key FHE with short ciphertexts. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 190–213. Springer, Heidelberg (2016). CrossRefGoogle Scholar
  8. 8.
    Canetti, R., Raghuraman, S., Richelson, S., Vaikuntanathan, V.: Chosen-ciphertext secure fully homomorphic encryption. In: Fehr, S. (ed.) PKC 2017. LNCS, vol. 10175, pp. 213–240. Springer, Heidelberg (2017). CrossRefGoogle Scholar
  9. 9.
    Cash, D., Hofheinz, D., Kiltz, E., Peikert, C.: Bonsai trees, or how to delegate a lattice basis. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 523–552. Springer, Heidelberg (2010). CrossRefGoogle Scholar
  10. 10.
    Castiglione, A., Santis, A.D., Masucci, B., Palmieri, F., Castiglione, A., Huang, X.: Cryptographic hierarchical access control for dynamic structures. IEEE Trans. Inf. Forensics Secur. 11(10), 2349–2364 (2016)CrossRefMATHGoogle Scholar
  11. 11.
    Castiglione, A., Santis, A.D., Masucci, B., Palmieri, F., Castiglione, A., Li, J., Huang, X.: Hierarchical and shared access control. IEEE Trans. Inf. Forensics Secur. 11(4), 850–865 (2016)Google Scholar
  12. 12.
    Chen, X., Li, J., Ma, J., Tang, Q., Lou, W.: New algorithms for secure outsourcing of modular exponentiations. IEEE Trans. Parallel Distrib. Syst. 25(9), 2386–2396 (2014)CrossRefGoogle Scholar
  13. 13.
    Clear, M., McGoldrick, C.: Multi-identity and multi-key leveled FHE from learning with errors. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9216, pp. 630–656. Springer, Heidelberg (2015). CrossRefGoogle Scholar
  14. 14.
    Galbraith, S.D., Paterson, K.G., Smart, N.P.: Pairings for cryptographers. Discrete Appl. Math. 156(16), 3113–3121 (2008)MathSciNetCrossRefMATHGoogle Scholar
  15. 15.
    Gentry, C.: Fully homomorphic encryption using ideal lattices. In: STOC, pp. 169–178 (2009)Google Scholar
  16. 16.
    Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoors for hard lattices and new cryptographic constructions. In: STOC, pp. 197–206 (2008)Google Scholar
  17. 17.
    Gentry, C., Sahai, A., Waters, B.: Homomorphic encryption from learning with errors: conceptually-simpler, asymptotically-faster, attribute-based. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 75–92. Springer, Heidelberg (2013). CrossRefGoogle Scholar
  18. 18.
    Gorbunov, S., Vaikuntanathan, V., Wee, H.: Attribute-based encryption for circuits. In: STOC, pp. 545–554 (2013)Google Scholar
  19. 19.
    Gorbunov, S., Vaikuntanathan, V., Wee, H.: Predicate encryption for circuits from LWE. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9216, pp. 503–523. Springer, Heidelberg (2015). CrossRefGoogle Scholar
  20. 20.
    Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: CCS, pp. 89–98 (2006)Google Scholar
  21. 21.
    Hoffstein, J., Pipher, J., Silverman, J.H.: NTRU: a ring-based public key cryptosystem. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol. 1423, pp. 267–288. Springer, Heidelberg (1998). CrossRefGoogle Scholar
  22. 22.
    Huang, X., Liu, J.K., Tang, S., Xiang, Y., Liang, K., Xu, L., Zhou, J.: Cost-effective authentic and anonymous data sharing with forward security. IEEE Trans. Comput. 64(4), 971–983 (2015)MathSciNetCrossRefMATHGoogle Scholar
  23. 23.
    Indyk, P.: Stable distributions, pseudorandom generators, embeddings and data stream computation. In: FOCS, pp. 189–197 (2000)Google Scholar
  24. 24.
    Katz, J., Sahai, A., Waters, B.: Predicate encryption supporting disjunctions, polynomial equations, and inner products. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 146–162. Springer, Heidelberg (2008). CrossRefGoogle Scholar
  25. 25.
    Liu, J.K., Au, M.H., Huang, X., Lu, R., Li, J.: Fine-grained two-factor access control for web-based cloud computing services. IEEE Trans. Inf. Forensics Secur. 11(3), 484–497 (2016)CrossRefGoogle Scholar
  26. 26.
    López-Alt, A., Tromer, E., Vaikuntanathan, V.: On-the-fly multiparty computation on the cloud via multikey fully homomorphic encryption. In: STOC, pp. 1219–1234 (2012)Google Scholar
  27. 27.
    Mukherjee, P., Wichs, D.: Two round multiparty computation via multi-key FHE. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9666, pp. 735–763. Springer, Heidelberg (2016). CrossRefGoogle Scholar
  28. 28.
    Peikert, C.: A decade of lattice cryptography. Found. Trends Theor. Comput. Sci. 10(4), 283–424 (2016)MathSciNetCrossRefMATHGoogle Scholar
  29. 29.
    Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: STOC, pp. 84–93 (2005)Google Scholar
  30. 30.
    Rivest, R.L., Adleman, L., Dertouzos, M.L.: On data banks and privacy homomorphisms. Found. Secur. Comput. 4(11), 169–180 (1978)MathSciNetGoogle Scholar
  31. 31.
    Shaltiel, R.: An introduction to randomness extractors. In: Aceto, L., Henzinger, M., Sgall, J. (eds.) ICALP 2011. LNCS, vol. 6756, pp. 21–41. Springer, Heidelberg (2011). CrossRefGoogle Scholar
  32. 32.
    Stehlé, D., Steinfeld, R.: Making NTRU as secure as worst-case problems over ideal lattices. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 27–47. Springer, Heidelberg (2011). CrossRefGoogle Scholar
  33. 33.
    Wu, Q., Qin, B., Zhang, L., Domingo-Ferrer, J., Farràs, O., Manjón, J.A.: Contributory broadcast encryption with efficient encryption and short ciphertexts. IEEE Trans. Comput. 65(2), 466–479 (2016)MathSciNetCrossRefMATHGoogle Scholar
  34. 34.
    Yamada, S., Attrapadung, N., Santoso, B., Schuldt, J.C.N., Hanaoka, G., Kunihiro, N.: Verifiable predicate encryption and applications to CCA security and anonymous predicate authentication. In: Fischlin, M., Buchmann, J., Manulis, M. (eds.) PKC 2012. LNCS, vol. 7293, pp. 243–261. Springer, Heidelberg (2012). CrossRefGoogle Scholar
  35. 35.
    Yang, K., Jia, X., Ren, K.: Attribute-based fine-grained access control with efficient revocation in cloud storage systems. In: ASIACCS, pp. 523–528 (2013)Google Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  • Hanwen Feng
    • 1
    • 2
  • Jianwei Liu
    • 1
  • Qianhong Wu
    • 1
  • Weiran Liu
    • 1
  1. 1.School of Electronic and Information EngineeringBeihang UniversityBeijingChina
  2. 2.State Key Laboratory of CryptologyBeijingChina

Personalised recommendations