83 research outputs found
Efficient privacy preserving predicate encryption with fine-grained searchable capability for cloud storage
With the fast development in Cloud storage technologies and ever increasing use of Cloud data centres, data privacy and confidentiality has become a must. Indeed, Cloud data centres store each time more sensitive data such as personal data, organizational and enterprise data, transactional data, etc. However, achieving confidentiality with flexible searchable capability is a challenging issue. In this article, we show how to construct an efficient predicate encryption with fine-grained searchable capability. Predicate Encryption (PEPE) can achieve more sophisticated and flexible functionality compared with traditional public key encryption. We propose an efficient predicate encryption scheme by utilizing the dual system encryption technique, which can also be proved to be IND-AH-CPA (indistinguishable under chosen plain-text attack for attribute-hiding) secure without random oracle. We also carefully analyse the relationship between predicate encryption and searchable encryption. To that end, we introduce a new notion of Public-Key Encryption with Fine-grained Keyword Search (PEFKSPEFKS). Our results show that an IND-AH-CPA secure PE scheme can be used to construct an IND-PEFKS-CPA (indistinguishable under chosen plain-text attack for public-key encryption with fine-grained keyword search) secure PEFKSPEFKS scheme. A new transformation of PE-to-PEFKS is also proposed and used to construct an efficient PEFKSPEFKS scheme based on the transformation from the proposed PEPE scheme. Finally, we design a new framework for supporting privacy preserving predicate encryption with fine-grained searchable capability for Cloud storage. Compared to most prominent frameworks, our framework satisfies more features altogether and can serve as a basis for developing such frameworks for Cloud data centres.Peer ReviewedPostprint (author's final draft
Leakage-resilient Identity-based Encryption in Bounded Retrieval Model with Nearly Optimal Leakage-Ratio
We propose new constructions of leakage-resilient public-key encryption (PKE) and identity-based encryption (IBE) schemes in the bounded retrieval model (BRM). In the BRM, adversaries are allowed to obtain at most -bit leakage from a secret key and we can increase only by increasing the size of secret keys without losing efficiency in any other performance measure. We call leakage-ratio where denotes a bit-length of a secret key.
Several PKE/IBE schemes in the BRM are known. However, none of these constructions achieve a constant leakage-ratio under a standard assumption in the standard model. Our PKE/IBE schemes are the first schemes in the BRM that achieve leakage-ratio for any constant under standard assumptions in the standard model.
As previous works, we use identity-based hash proof systems (IB-HPS) to construct IBE schemes in the BRM. It is known that a parameter for IB-HPS called the universality-ratio is translated into the leakage-ratio of the resulting IBE scheme in the BRM. We construct an IB-HPS with universality-ratio for any constant based on any inner-product predicate encryption (IPE) scheme with compact secret keys. Such IPE schemes exist under the -linear, subgroup decision, learning with errors, or computational bilinear Diffie-Hellman assumptions. As a result, we obtain IBE schemes in the BRM with leakage-ratio under any of these assumptions. Our PKE schemes are immediately obtained from our IBE schemes
Practical Predicate Encryption for Inner Product
Inner product encryption is a powerful cryptographic primitive, where a private key and a ciphertext are both associated with a predicate vector and an attribute vector, respectively. A successful decryption requires the inner product of the predicate vector and the attribute vector to be zero. Most of the existing inner product encryption schemes suffer either long private key or heavy decryption cost. In this manuscript, an efficient inner product encryption is proposed. The length for a private key is only an element in and an element in . Besides, only one pairing computation is needed for decryption. Moreover, both formal security proof and implementation result are demonstrated in this manuscript. To the best of our knowledge, our scheme is the most efficient one in terms of the private key length and the number of pairings computation for decryption
Witness Maps and Applications
We introduce the notion of Witness Maps as a cryptographic notion of
a proof system. A Unique Witness Map (UWM) deterministically maps all
witnesses for an statement to a single representative witness, resulting
in a computationally sound, deterministic-prover, non-interactive witness
independent proof system. A relaxation of UWM, called Compact Witness Map
(CWM), maps all the witnesses to a small number of witnesses, resulting in a
``lossy\u27\u27 deterministic-prover, non-interactive proof-system. We also define
a Dual Mode Witness Map (DMWM) which adds an ``extractable\u27\u27 mode to
a CWM.
\medskip
Our main construction is a DMWM for all relations, assuming
sub-exponentially secure indistinguishability obfuscation (), along with
standard cryptographic assumptions. The DMWM construction relies on a CWM
and a new primitive called Cumulative All-Lossy-But-One Trapdoor
Functions (C-ALBO-TDF),
both of which are in turn instantiated based on and other primitives.
Our instantiation of a CWM is in fact a UWM; in turn, we show that a UWM
implies Witness Encryption. Along the way to constructing UWM and
C-ALBO-TDF, we also construct, from standard assumptions, Puncturable
Digital Signatures and a new primitive called Cumulative Lossy
Trapdoor Functions (C-LTDF). The former improves up on a construction of
Bellare et al. (Eurocrypt 2016), who relied on sub-exponentially secure
and sub-exponentially secure OWF.
\medskip
As an application of our constructions, we show how to use a DMWM to
construct the first leakage and tamper-resilient signatures
with a deterministic signer, thereby solving a decade old open
problem posed by Katz and Vaikunthanathan (Asiacrypt 2009), by Boyle, Segev
and Wichs (Eurocrypt 2011), as well as by Faonio and Venturi (Asiacrypt
2016). Our construction achieves the optimal leakage rate of
Minicrypt Primitives with Algebraic Structure and Applications
Algebraic structure lies at the heart of much of Cryptomania as we know it. An interesting question is the following: instead of building (Cryptomania) primitives from concrete assumptions, can we build them from simple Minicrypt primitives endowed with additional algebraic structure? In this work, we affirmatively answer this question by adding algebraic structure to the following Minicrypt primitives:
• One-Way Function (OWF)
• Weak Unpredictable Function (wUF)
• Weak Pseudorandom Function (wPRF)
The algebraic structure that we consider is group homomorphism over the input/output spaces of these primitives. We also consider a “bounded” notion of homomorphism where the primitive only supports an a priori bounded number of homomorphic operations in order to capture lattice-based and other “noisy” assumptions. We show that these structured primitives can be used to construct many cryptographic protocols. In particular, we prove that:
• (Bounded) Homomorphic OWFs (HOWFs) imply collision-resistant hash functions, Schnorr-style signatures, and chameleon hash functions.
• (Bounded) Input-Homomorphic weak UFs (IHwUFs) imply CPA-secure PKE, non-interactive key exchange, trapdoor functions, blind batch encryption (which implies anonymous IBE, KDM-secure and leakage-resilient PKE), CCA2 deterministic PKE, and hinting PRGs (which in turn imply transformation of CPA to CCA security for ABE/1-sided PE).
• (Bounded) Input-Homomorphic weak PRFs (IHwPRFs) imply PIR, lossy trapdoor functions, OT and MPC (in the plain model).
In addition, we show how to realize any CDH/DDH-based protocol with certain properties in a generic manner using IHwUFs/IHwPRFs, and how to instantiate such a protocol from many concrete assumptions. We also consider primitives with substantially richer structure, namely Ring IHwPRFs and L-composable IHwPRFs. In particular, we show the following:
• Ring IHwPRFs with certain properties imply FHE.
• 2-composable IHwPRFs imply (black-box) IBE, and -composable IHwPRFs imply non-interactive
-party key exchange.
Our framework allows us to categorize many cryptographic protocols based on which structured Minicrypt primitive implies them. In addition, it potentially makes showing the existence of many cryptosystems from novel assumptions substantially easier in the future
- …