Lattice-Based Hierarchical Inner Product Encryption
The notion of inner-product encryption (IPE), introduced by Katz, Sahai, and Waters at Eurocrypt 2008, is a generalization of identity-based encryption in which ciphertexts and secret keys are associated to vectors in some finite field. In an IPE scheme, a ciphertext can only be decrypted by a secret key if the vector associated with the latter is orthogonal to that of the ciphertext. In its hierarchical version, first proposed by Okamoto and Takashima (Asiacrypt’09), there exists an additional delegation mechanism which allows users to delegate their decryption capabilities to other users in the system. In this paper, we propose the first construction of a hierarchical inner-product encryption (HIPE) scheme based on lattices assumptions. To achieve this goal, we extend the lattice-based IPE scheme by Agrawal, Freeman, and Vaikuntanathan (Asiacrypt’11) to the hierarchical setting by employing basis delegation technics by Peikert et al. (Eurocrypt’ 10) and by Agrawal et al. (Eurocrypt’10). As the underlying IPE scheme, our new scheme is shown to be weak selective secure based on the difficulty of the learning with errors (LWE) problem in the standard model, as long as the total number of levels in the hierarchy is a constant. As an application, we show how our new primitive can be used to build new chosen-ciphertext secure IPE and wildcarded identity-based encryption schemes.
KeywordsLattice-based cryptography inner product functional cryptography hierarchical
Unable to display preview. Download preview PDF.
- 3.Agrawal, S., Freeman, D.M., Vaikuntanathan, V.: Functional Encryption for Inner Product Predicates from Learning with Errors. In: Lee, D.H. (ed.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 21–40. Springer, Heidelberg (2011)Google Scholar
- 4.Ajtai, M.: Generating hard instances of lattice problems (extended abstract). In: ACM STOC Annual ACM Symposium on Theory of Computing, pp. 99–108. ACM Press (May 1996)Google Scholar
- 5.Alwen, J., Peikert, C.: Generating shorter bases for hard random lattices. In: STACS 2009, pp. 75–86 (2009)Google Scholar
- 11.Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoors for hard lattices and new cryptographic constructions. In: Ladner, R.E., Dwork, C. (eds.) 40th ACM STOC Annual ACM Symposium on Theory of Computing, pp. 197–206. ACM Press (May 2008)Google Scholar
- 12.Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Juels, A., Wright, R.N., Vimercati, S. (eds.) ACM CCS 2006: 13th Conference on Computer and Communications Security, pp. 89–98. ACM Press (October/November 2006)Google Scholar
- 15.Micciancio, D., Regev, O.: Worst-case to average-case reductions based on Gaussian measures. In: 45th FOCS Annual Symposium on Foundations of Computer Science, pp. 372–381. IEEE Computer Society Press (October 2004)Google Scholar
- 18.Peikert, C.: Public-key cryptosystems from the worst-case shortest vector problem: extended abstract. In: Mitzenmacher, M. (ed.) 41st ACM STOC Annual ACM Symposium on Theory of Computing, pp. 333–342. ACM Press (May/June 2009)Google Scholar
- 19.Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: Gabow, H.N., Fagin, R. (eds.) 37th ACM STOC Annual ACM Symposium on Theory of Computing, pp. 84–93. ACM Press (May 2005)Google Scholar