Abstract
The purpose of this thesis is to construct and analyze advanced cryptographic primitives, namely witness encryption (WE) with an offline phase, fully homomorphic encryption (FHE) in identity-based and attribute-based settings and functional encryption (FE) for expressive functionalities. More precisely, the contributions are listed as follows:
• We construct an efficient selectively secure offline witness encryption (OWE) scheme from randomized encoding (RE) in the common reference string (CRS) model. We introduce the notion of puncturable witness pseudorandom function (PWPRF) and give a construction from indistinguishability obfuscation (iO) and puncturable PRF (PPRF). We employ our PWPRF to build a semi-adaptively secure (a notion stronger than selective security) OWE which enjoys an optimal size ciphertext. Moreover, the OWEs are extended to an offline functional witness encryption (OFWE) scheme achieving similar efficiency and providing finer control over data.
• In cloud computing, the notion of FHE is an essential and primary primitive that enables us to use the computing power of a server while preserving privacy of our data. We present the first generic constructions of multi-identity pure FHE (MIFHE) and multi-attribute pure FHE (MAFHE) secure under the type one of chosen ciphertext attacks (CCA1). The goal is achieved in two steps. First, we build a CCA secure identity-based encryption (IBE) scheme (respectively, attribute-based encryption (ABE) scheme) from WPRF and then bootstrap the construction to a CCA1 secure MIFHE (respectively, MAFHE) using a multi-key pure FHE (MFHE). On the way to achieving MAFHE, we design the first CCA secure ABE for all circuits that enjoys an optimal size ciphertext.
• We propose several FE schemes having useful functionalities and practical security models. We present a non-generic construction of CCA secure attribute-hiding non-zero inner product encryption (AHNIPE) from the plain decisional Diffie-Hellman (DDH) assumption. We exhibit applications of AHNIPE in designing anonymous identity-based revocation (ANON-IBR) and anonymous identity-based trace and revoke (ANON-IBTR) schemes.
Next, we demonstrate how to realize finer access control over inner product functional encryption (IPFE) by constructing a primitive called attribute-based IPFE (ABIPFE). The ABIPFE is the first of its kind where we can embed any boolean function into the secret-keys of the system. We design selectively secure ABIPFE from the standard learning with errors (LWE) assumption. Furthermore, we extend it to an attribute-based multi-input inner product functional encryption (ABMIPFE) where secret-keys are associated with multiple policies subject to different encryption slots.
Finally, we provide a generic construction of CCA secure public-key FE (PKFE) for all polynomial-size circuits. The goal is accomplished in two steps. First, we formalize the notion of constrained WPRF (CWPRF) by generalizing the primitive PWPRF and give a construction of CWPRF from iO and constrained PRF (CPRF). Then, we utilize the pseudorandomness property of PWPRF and function privacy property of CWPRF to build the first CCA secure PKFE for all circuits. The PKFE produces succinct ciphertexts that are independent of the size and depth of the circuit class under consideration.
Keywords: offline witness encryption, randomized encoding, obfuscation, witness pseudorandom function, selective security, semi-adaptive security, identity-based encryption, attribute-based encryption, multi-identity pure fully homomorphic encryption, multi-attribute pure fully homomorphic encryption, chosen ciphertext attacks, functional encryption, non-zero inner product functional encryption, attribute-hiding, attribute-based inner product functional encryption, public-key functional encryption.