Functional encryption

Functional encryption
General
Designers	Amit Sahai, Brent Waters, Dan Boneh, Shafi Goldwasser, Yael Kalai
Derived from	Public-key encryption
Related to	Homomorphic encryption

Functional encryption (FE) is a generalization of public-key encryption in which possessing a secret key allows one to learn a function of what the ciphertext is encrypting.

Formal definition[edit]

More precisely, a functional encryption scheme for a given functionality $f$ consists of the following four algorithms:

$({\text{pk}},{\text{msk}})\leftarrow {\textsf {Setup}}(1^{\lambda })$ : creates a public key ${\text{pk}}$ and a master secret key ${\text{msk}}$ .
${\text{sk}}\leftarrow {\textsf {Keygen}}({\text{msk}},f)$ : uses the master secret key to generate a new secret key ${\text{sk}}$ for the function $f$ .
$c\leftarrow {\textsf {Enc}}({\text{pk}},x)$ : uses the public key to encrypt a message $x$ .
$y\leftarrow {\textsf {Dec}}({\text{sk}},c)$ : uses secret key to calculate $y=f(x)$ where $x$ is the value that $c$ encrypts.

The security of FE requires that any information an adversary learns from an encryption of $x$ is revealed by $f(x)$ . Formally, this is defined by simulation.^[1]

Applications[edit]

Functional encryption generalizes several existing primitives including Identity-based encryption (IBE) and attribute-based encryption (ABE). In the IBE case, define $F(k,x)$ to be equal to $x$ when $k$ corresponds to an identity that is allowed to decrypt, and $\perp$ otherwise. Similarly, in the ABE case, define $F(k,x)=x$ when $k$ encodes attributes with permission to decrypt and $\perp$ otherwise.

History[edit]

Functional encryption was proposed by Amit Sahai and Brent Waters in 2005^[2] and formalized by Dan Boneh, Amit Sahai and Brent Waters in 2010.^[3] Until recently, however, most instantiations of Functional Encryption supported only limited function classes such as boolean formulae. In 2012, several researchers developed Functional Encryption schemes that support arbitrary functions.^[1]^[4]^[5]^[6]

References[edit]

^ ^a ^b Goldwasser, Shafi; Kalai, Yael; Ada Popa, Raluca; Vaikuntanathan, Vinod; Zeldovich, Nickolai (2013). Reusable garbled circuits and succinct functional encryption - Stoc 13 Proceedings of the 2013 ACM Symposium on Theory of Computing. New York, NY, USA: ACM. pp. 555–564. ISBN 978-1-4503-2029-0.
^ Amit Sahai; Brent Waters (2005). "Fuzzy Identity-Based Encryption". In Ronald Cramer (ed.). Advances in Cryptology. EUROCRYPT 2005: 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings. Springer. pp. 457–473. ISBN 978-3-540-25910-7. LCCN 2005926095.
^ Boneh, Dan; Amit Sahai; Brent Waters (2011). "Functional Encryption: Definitions and Challenges" (PDF). Proceedings of Theory of Cryptography Conference (TCC) 2011.
^ Gorbunov, Sergey; Hoeteck Wee; Vinod Vaikuntanathan (2013). "Attribute-Based Encryption for Circuits". Proceedings of STOC.
^ Sahai, Amit; Brent Waters (2012). "Attribute-Based Encryption for Circuits from Multilinear Maps" (PDF). arXiv:1210.5287.
^ Goldwasser, Shafi; Yael Kalai; Raluca Ada Popa; Vinod Vaikuntanathan; Nickolai Zeldovich (2013). "How to Run Turing Machines on Encrypted Data" (PDF). Advances in Cryptology – CRYPTO 2013. Crypto 2013. Lecture Notes in Computer Science. Vol. 8043. pp. 536–553. doi:10.1007/978-3-642-40084-1_30. hdl:1721.1/91472. ISBN 978-3-642-40083-4.

[:0-1] Goldwasser, Shafi; Kalai, Yael; Ada Popa, Raluca; Vaikuntanathan, Vinod; Zeldovich, Nickolai (2013). Reusable garbled circuits and succinct functional encryption - Stoc 13 Proceedings of the 2013 ACM Symposium on Theory of Computing. New York, NY, USA: ACM. pp. 555–564. ISBN 978-1-4503-2029-0.

[2] Amit Sahai; Brent Waters (2005). "Fuzzy Identity-Based Encryption". In Ronald Cramer (ed.). Advances in Cryptology. EUROCRYPT 2005: 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings. Springer. pp. 457–473. ISBN 978-3-540-25910-7. LCCN 2005926095.

[3] Boneh, Dan; Amit Sahai; Brent Waters (2011). "Functional Encryption: Definitions and Challenges" (PDF). Proceedings of Theory of Cryptography Conference (TCC) 2011.

[4] Gorbunov, Sergey; Hoeteck Wee; Vinod Vaikuntanathan (2013). "Attribute-Based Encryption for Circuits". Proceedings of STOC.

[5] Sahai, Amit; Brent Waters (2012). "Attribute-Based Encryption for Circuits from Multilinear Maps" (PDF). arXiv:1210.5287.

[6] Goldwasser, Shafi; Yael Kalai; Raluca Ada Popa; Vinod Vaikuntanathan; Nickolai Zeldovich (2013). "How to Run Turing Machines on Encrypted Data" (PDF). Advances in Cryptology – CRYPTO 2013. Crypto 2013. Lecture Notes in Computer Science. Vol. 8043. pp. 536–553. doi:10.1007/978-3-642-40084-1_30. hdl:1721.1/91472. ISBN 978-3-642-40083-4.

[1]

[2]

[3]

[4]

[5]

[6]