Functional encryption resilient to hard-to-invert leakage

Mingwu Zhang, Chunzhi Wang, Tsuyoshi Takagi, Yi Mu

Research output: Contribution to journalArticle

7 Citations (Scopus)

Abstract

Functional encryption (FE) systems provide a flexible and expressive encryption mechanism that private keys and ciphertexts are associated with attributes x{combining right arrow above} and predicate formulae Γ and decryption are possible whenever keys and ciphertexts are related, i.e. Γx{combining right arrow above} = 1. In this work, we put forward a leakage-resilient FE scheme against the amount of leakage output over a hard-to-invert function family. In our scheme, the encryption policy is specified as an arbitrary monotonic formula, and the adversary can learn the arbitrary length output of the master key and the private key from any computationally irreversible function with the input (master) keys. To improve the efficiency, we employ the set of minimal sets to describe the predicate formula or access structure, and initiate the formal model of leakage-resilient FE, which is a generic extension of identity-based encryption and attribute-based encryption in the presence of key leakage with auxiliary inputs. We provide the concrete construction in bilinear groups of composite order, and prove the adaptively leakage-resilient security in the standard model based on static assumptions. Our hard-to-invert leakage resilience employs the Goldreich-Levin theorem and its extension as a hard-core value over large fields. We also give an extensional construction in the case of obtaining the hard-to-invert randomness leakage of the encryption, which uses a strong extractor to prevent leakage of randomness and a hard-to-invert encryption to prevent the leakage of the key. Finally, we analyze and discuss the stepped-up security on master leakage and continual leakage, and the lower bound of the irreversible leakage function.

Original languageEnglish
Pages (from-to)735-749
Number of pages15
JournalComputer Journal
Volume58
Issue number4
DOIs
Publication statusPublished - Sep 16 2013

Fingerprint

Cryptography
Concrete construction
Computer systems
Composite materials

All Science Journal Classification (ASJC) codes

  • Computer Science(all)

Cite this

Functional encryption resilient to hard-to-invert leakage. / Zhang, Mingwu; Wang, Chunzhi; Takagi, Tsuyoshi; Mu, Yi.

In: Computer Journal, Vol. 58, No. 4, 16.09.2013, p. 735-749.

Research output: Contribution to journalArticle

Zhang, M, Wang, C, Takagi, T & Mu, Y 2013, 'Functional encryption resilient to hard-to-invert leakage', Computer Journal, vol. 58, no. 4, pp. 735-749. https://doi.org/10.1093/comjnl/bxt105
Zhang, Mingwu ; Wang, Chunzhi ; Takagi, Tsuyoshi ; Mu, Yi. / Functional encryption resilient to hard-to-invert leakage. In: Computer Journal. 2013 ; Vol. 58, No. 4. pp. 735-749.
@article{8d3bf376b7d04d129ec3e317bc38be00,
title = "Functional encryption resilient to hard-to-invert leakage",
abstract = "Functional encryption (FE) systems provide a flexible and expressive encryption mechanism that private keys and ciphertexts are associated with attributes x{combining right arrow above} and predicate formulae Γ and decryption are possible whenever keys and ciphertexts are related, i.e. Γx{combining right arrow above} = 1. In this work, we put forward a leakage-resilient FE scheme against the amount of leakage output over a hard-to-invert function family. In our scheme, the encryption policy is specified as an arbitrary monotonic formula, and the adversary can learn the arbitrary length output of the master key and the private key from any computationally irreversible function with the input (master) keys. To improve the efficiency, we employ the set of minimal sets to describe the predicate formula or access structure, and initiate the formal model of leakage-resilient FE, which is a generic extension of identity-based encryption and attribute-based encryption in the presence of key leakage with auxiliary inputs. We provide the concrete construction in bilinear groups of composite order, and prove the adaptively leakage-resilient security in the standard model based on static assumptions. Our hard-to-invert leakage resilience employs the Goldreich-Levin theorem and its extension as a hard-core value over large fields. We also give an extensional construction in the case of obtaining the hard-to-invert randomness leakage of the encryption, which uses a strong extractor to prevent leakage of randomness and a hard-to-invert encryption to prevent the leakage of the key. Finally, we analyze and discuss the stepped-up security on master leakage and continual leakage, and the lower bound of the irreversible leakage function.",
author = "Mingwu Zhang and Chunzhi Wang and Tsuyoshi Takagi and Yi Mu",
year = "2013",
month = "9",
day = "16",
doi = "10.1093/comjnl/bxt105",
language = "English",
volume = "58",
pages = "735--749",
journal = "Computer Journal",
issn = "0010-4620",
publisher = "Oxford University Press",
number = "4",

}

TY - JOUR

T1 - Functional encryption resilient to hard-to-invert leakage

AU - Zhang, Mingwu

AU - Wang, Chunzhi

AU - Takagi, Tsuyoshi

AU - Mu, Yi

PY - 2013/9/16

Y1 - 2013/9/16

N2 - Functional encryption (FE) systems provide a flexible and expressive encryption mechanism that private keys and ciphertexts are associated with attributes x{combining right arrow above} and predicate formulae Γ and decryption are possible whenever keys and ciphertexts are related, i.e. Γx{combining right arrow above} = 1. In this work, we put forward a leakage-resilient FE scheme against the amount of leakage output over a hard-to-invert function family. In our scheme, the encryption policy is specified as an arbitrary monotonic formula, and the adversary can learn the arbitrary length output of the master key and the private key from any computationally irreversible function with the input (master) keys. To improve the efficiency, we employ the set of minimal sets to describe the predicate formula or access structure, and initiate the formal model of leakage-resilient FE, which is a generic extension of identity-based encryption and attribute-based encryption in the presence of key leakage with auxiliary inputs. We provide the concrete construction in bilinear groups of composite order, and prove the adaptively leakage-resilient security in the standard model based on static assumptions. Our hard-to-invert leakage resilience employs the Goldreich-Levin theorem and its extension as a hard-core value over large fields. We also give an extensional construction in the case of obtaining the hard-to-invert randomness leakage of the encryption, which uses a strong extractor to prevent leakage of randomness and a hard-to-invert encryption to prevent the leakage of the key. Finally, we analyze and discuss the stepped-up security on master leakage and continual leakage, and the lower bound of the irreversible leakage function.

AB - Functional encryption (FE) systems provide a flexible and expressive encryption mechanism that private keys and ciphertexts are associated with attributes x{combining right arrow above} and predicate formulae Γ and decryption are possible whenever keys and ciphertexts are related, i.e. Γx{combining right arrow above} = 1. In this work, we put forward a leakage-resilient FE scheme against the amount of leakage output over a hard-to-invert function family. In our scheme, the encryption policy is specified as an arbitrary monotonic formula, and the adversary can learn the arbitrary length output of the master key and the private key from any computationally irreversible function with the input (master) keys. To improve the efficiency, we employ the set of minimal sets to describe the predicate formula or access structure, and initiate the formal model of leakage-resilient FE, which is a generic extension of identity-based encryption and attribute-based encryption in the presence of key leakage with auxiliary inputs. We provide the concrete construction in bilinear groups of composite order, and prove the adaptively leakage-resilient security in the standard model based on static assumptions. Our hard-to-invert leakage resilience employs the Goldreich-Levin theorem and its extension as a hard-core value over large fields. We also give an extensional construction in the case of obtaining the hard-to-invert randomness leakage of the encryption, which uses a strong extractor to prevent leakage of randomness and a hard-to-invert encryption to prevent the leakage of the key. Finally, we analyze and discuss the stepped-up security on master leakage and continual leakage, and the lower bound of the irreversible leakage function.

UR - http://www.scopus.com/inward/record.url?scp=84926620898&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84926620898&partnerID=8YFLogxK

U2 - 10.1093/comjnl/bxt105

DO - 10.1093/comjnl/bxt105

M3 - Article

AN - SCOPUS:84926620898

VL - 58

SP - 735

EP - 749

JO - Computer Journal

JF - Computer Journal

SN - 0010-4620

IS - 4

ER -