
hal.structure.identifier: Lithe and fast algorithmic number theory [LFANT]
dc.contributor.author: CASTAGNOS, Guilhem
hal.structure.identifier: Exact Computing [LIRMM | ECO]
dc.contributor.author: LAGUILLAUMIE, Fabien
hal.structure.identifier: Institute IMDEA Software [Madrid]
dc.contributor.author: TUCKER, Ida
dc.date.accessioned: 2024-04-04T02:40:27Z
dc.date.available: 2024-04-04T02:40:27Z
dc.date.issued: 2022-05
dc.identifier.issn: 1879-2294
dc.identifier.uri: https://oskar-bordeaux.fr/handle/20.500.12278/191066
dc.description.abstractEn: Inner product functional encryption (IPFE) is a primitive which produces, from a master secret key, decryption keys sk_k associated to vectors k over some specified base ring. Decrypting an encryption of vector m with sk_k only reveals ⟨k, m⟩. Benhamouda et al. [BBL17] provided a generic construction for CCA-secure IPFE from projective hash functions (PHFs); unfortunately, their security reduction suffers an exponential loss. Their only instantiation capable of decrypting inner products of large sizes, which relies on the decisional composite residuosity (DCR) assumption, is impractical due to the large size of its ciphertexts and decryption keys and the prohibitive running time of the scheme. Our core contribution is a new approach to proving CCA security. Our constructions maintain the genericity of [BBL17], while our security proof relaxes the requirements on the underlying PHFs and gains in reduction tightness. We instantiate these constructions from the DCR assumption, an assumption in class groups (HSM_CL) and the decision Diffie-Hellman (DDH) assumption. Our CCA-secure constructions from DCR and HSM_CL are the first such schemes to efficiently decrypt inner products of large size, improving by multiple orders of magnitude upon the work of [BBL17]. A single-core C implementation of these schemes shows that, for 112-bit security and 100-dimensional vectors, their DCR-based scheme takes 1h20min to encrypt and over 5min to decrypt, whereas our slowest scheme takes 5.2s to encrypt and 0.5s to decrypt. Similarly, a ciphertext for their scheme is 283MB, whereas those of our HSM_CL-based scheme are 30kB.
dc.description.sponsorship: Calcul réparti sécurisé : Cryptographie, Combinatoire, Calcul Formel - ANR-21-CE39-0006
dc.language.iso: en
dc.publisher: Elsevier
dc.subject.en: Public key cryptography
dc.subject.en: Functional encryption for inner products
dc.subject.en: Cryptography based on class groups of an imaginary quadratic field
dc.subject.en: Security proofs
dc.subject.en: Projective hash functions
dc.title.en: A tighter proof for CCA secure inner product functional encryption: Genericity meets efficiency
dc.type: Journal article
dc.identifier.doi: 10.1016/j.tcs.2022.02.014
dc.subject.hal: Computer Science [cs]/Cryptography and Security [cs.CR]
dc.description.sponsorshipEurope: Cryptography for Privacy and Integrity of Computation on Untrusted Machines
bordeaux.journal: Theoretical Computer Science
bordeaux.page: 84-113
bordeaux.volume: 914
bordeaux.hal.laboratories: Institut de Mathématiques de Bordeaux (IMB) - UMR 5251*
bordeaux.institution: Université de Bordeaux
bordeaux.institution: Bordeaux INP
bordeaux.institution: CNRS
bordeaux.peerReviewed: yes
hal.identifier: hal-03780500
hal.version: 1
hal.popular: no
hal.audience: International
hal.origin.link: https://hal.archives-ouvertes.fr//hal-03780500v1


Files in this item

There are no files associated with this item.
