Advertisement

Traceable Inner Product Functional Encryption

  • Xuan Thanh DoEmail author
  • Duong Hieu Phan
  • David Pointcheval
Conference paper
  • 49 Downloads
Part of the Lecture Notes in Computer Science book series (LNCS, volume 12006)

Abstract

Functional Encryption (FE) has been widely studied in the last decade, as it provides a very useful tool for restricted access to sensitive data: from a ciphertext, it allows specific users to learn a function of the underlying plaintext. In practice, many users may be interested in the same function on the data, say the mean value of the inputs, for example. The conventional definition of FE associates each function to a secret decryption functional key and therefore all the users get the same secret key for the same function. This induces an important problem: if one of these users (called a traitor) leaks or sells the decryption functional key to be included in a pirate decryption tool, then there is no way to trace back its identity. Our objective is to solve this issue by introducing a new primitive, called Traceable Functional Encryption: the functional decryption key will not only be specific to a function, but to a user too, in such a way that if some users collude to produce a pirate decoder that successfully evaluates a function on the plaintext, from the ciphertext only, one can trace back at least one of them.

We propose a concrete solution for Inner Product Functional Encryption (IPFE). We first remark that the ElGamal-based IPFE from Abdalla et al. in PKC ’15 shares many similarities with the Boneh-Franklin traitor tracing from CRYPTO ’99. Then, we can combine these two schemes in a very efficient way, with the help of pairings, to obtain a Traceable IPFE with black-box confirmation.

Keywords

Functional Encryption IPFE Traceability 

Notes

Acknowledgments

This work was supported in part by the European Community’s Seventh Framework Programme (FP7/2007-2013 Grant Agreement no. 339563 – CryptoCloud) and the ANR ALAMBIC (ANR16-CE39-0006).

References

  1. 1.
    Abdalla, M., Bourse, F., De Caro, A., Pointcheval, D.: Simple functional encryption schemes for inner products. In: Katz, J. (ed.) PKC 2015. LNCS, vol. 9020, pp. 733–751. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-46447-2_33CrossRefGoogle Scholar
  2. 2.
    Abdalla, M., Dent, A.W., Malone-Lee, J., Neven, G., Phan, D.H., Smart, N.P.: Identity-based traitor tracing. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 361–376. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-71677-8_24CrossRefGoogle Scholar
  3. 3.
    Agrawal, S., Bhattacherjee, S., Phan, D.H., Stehlé, D., Yamada, S.: Efficient public trace and revoke from standard assumptions: extended abstract. In: Thuraisingham, B.M., Evans, D., Malkin, T., Xu, D. (eds.) ACM CCS 2017, pp. 2277–2293. ACM Press, October/November 2017Google Scholar
  4. 4.
    Agrawal, S., Libert, B., Stehlé, D.: Fully secure functional encryption for inner products, from standard assumptions. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016, Part III. LNCS, vol. 9816, pp. 333–362. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-53015-3_12CrossRefGoogle Scholar
  5. 5.
    Au, M.H., Huang, Q., Liu, J.K., Susilo, W., Wong, D.S., Yang, G.: Traceable and retrievable identity-based encryption. In: Bellovin, S.M., Gennaro, R., Keromytis, A., Yung, M. (eds.) ACNS 2008. LNCS, vol. 5037, pp. 94–110. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-68914-0_6CrossRefGoogle Scholar
  6. 6.
    Baltico, C.E.Z., Catalano, D., Fiore, D., Gay, R.: Practical functional encryption for quadratic functions with applications to predicate encryption. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017, Part I. LNCS, vol. 10401, pp. 67–98. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-63688-7_3CrossRefGoogle Scholar
  7. 7.
    Boneh, D., Franklin, M.: An efficient public key traitor tracing scheme. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 338–353. Springer, Heidelberg (1999).  https://doi.org/10.1007/3-540-48405-1_22CrossRefGoogle Scholar
  8. 8.
    Boneh, D., Sahai, A., Waters, B.: Fully collusion resistant traitor tracing with short ciphertexts and private keys. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 573–592. Springer, Heidelberg (2006).  https://doi.org/10.1007/11761679_34CrossRefGoogle Scholar
  9. 9.
    Boneh, D., Sahai, A., Waters, B.: Functional encryption: definitions and challenges. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 253–273. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-19571-6_16CrossRefGoogle Scholar
  10. 10.
    Boneh, D., Zhandry, M.: Multiparty key exchange, efficient traitor tracing, and more from indistinguishability obfuscation. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014, Part I. LNCS, vol. 8616, pp. 480–499. Springer, Heidelberg (2014).  https://doi.org/10.1007/978-3-662-44371-2_27CrossRefGoogle Scholar
  11. 11.
    Chabanne, H., Phan, D.H., Pointcheval, D.: Public traceability in traitor tracing schemes. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 542–558. Springer, Heidelberg (2005).  https://doi.org/10.1007/11426639_32CrossRefzbMATHGoogle Scholar
  12. 12.
    Chen, Y., Vaikuntanathan, V., Waters, B., Wee, H., Wichs, D.: Traitor-tracing from LWE made simple and attribute-based. In: Beimel, A., Dziembowski, S. (eds.) TCC 2018, Part II. LNCS, vol. 11240, pp. 341–369. Springer, Cham (2018).  https://doi.org/10.1007/978-3-030-03810-6_13CrossRefGoogle Scholar
  13. 13.
    Chor, B., Fiat, A., Naor, M.: Tracing traitors. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 257–270. Springer, Heidelberg (1994).  https://doi.org/10.1007/3-540-48658-5_25CrossRefGoogle Scholar
  14. 14.
    Fazio, N., Nicolosi, A., Phan, D.H.: Traitor tracing with optimal transmission rate. In: Garay, J.A., Lenstra, A.K., Mambo, M., Peralta, R. (eds.) ISC 2007. LNCS, vol. 4779, pp. 71–88. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-75496-1_5CrossRefGoogle Scholar
  15. 15.
    Goyal, R., Koppula, V., Waters, B.: Collusion resistant traitor tracing from learning with errors. In: Diakonikolas, I., Kempe, D., Henzinger, M. (eds.) 50th ACM STOC, pp. 660–670. ACM Press, June 2018Google Scholar
  16. 16.
    Goyal, V.: Reducing trust in the PKG in identity based cryptosystems. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 430–447. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-74143-5_24CrossRefGoogle Scholar
  17. 17.
    Kiayias, A., Yung, M.: Traitor tracing with constant transmission rate. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 450–465. Springer, Heidelberg (2002).  https://doi.org/10.1007/3-540-46035-7_30CrossRefGoogle Scholar
  18. 18.
    Ling, S., Phan, D.H., Stehlé, D., Steinfeld, R.: Hardness of k-LWE and applications in traitor tracing. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014, Part I. LNCS, vol. 8616, pp. 315–334. Springer, Heidelberg (2014).  https://doi.org/10.1007/978-3-662-44371-2_18CrossRefzbMATHGoogle Scholar
  19. 19.
    Liu, Z., Cao, Z., Wong, D.S.: Blackbox traceable CP-ABE: how to catch people leaking their keys by selling decryption devices on eBay. In: Sadeghi, A.-R., Gligor, V.D., Yung, M. (eds.) ACM CCS 2013, pp. 475–486. ACM Press, November 2013Google Scholar
  20. 20.
    Liu, Z., Wong, D.S.: Practical ciphertext-policy attribute-based encryption: traitor tracing, revocation, and large universe. In: Malkin, T., Kolesnikov, V., Lewko, A.B., Polychronakis, M. (eds.) ACNS 2015. LNCS, vol. 9092, pp. 127–146. Springer, Cham (2015).  https://doi.org/10.1007/978-3-319-28166-7_7CrossRefGoogle Scholar
  21. 21.
    Liu, Z., Wong, D.S.: Traceable CP-ABE on prime order groups: fully secure and fully collusion-resistant blackbox traceable. In: Qing, S., Okamoto, E., Kim, K., Liu, D. (eds.) ICICS 2015. LNCS, vol. 9543, pp. 109–124. Springer, Cham (2016).  https://doi.org/10.1007/978-3-319-29814-6_10CrossRefGoogle Scholar
  22. 22.
    Ning, J., Cao, Z., Dong, X., Wei, L., Lin, X.: Large universe ciphertext-policy attribute-based encryption with white-box traceability. In: Kutyłowski, M., Vaidya, J. (eds.) ESORICS 2014, Part II. LNCS, vol. 8713, pp. 55–72. Springer, Cham (2014).  https://doi.org/10.1007/978-3-319-11212-1_4CrossRefGoogle Scholar
  23. 23.
    Nishimaki, R., Wichs, D., Zhandry, M.: Anonymous traitor tracing: how to embed arbitrary information in a key. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016, Part II. LNCS, vol. 9666, pp. 388–419. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-49896-5_14CrossRefzbMATHGoogle Scholar
  24. 24.
    Phan, D.H., Trinh, V.C.: Identity-based trace and revoke schemes. In: Boyen, X., Chen, X. (eds.) ProvSec 2011. LNCS, vol. 6980, pp. 204–221. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-24316-5_15CrossRefGoogle Scholar
  25. 25.
    Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005).  https://doi.org/10.1007/11426639_27CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  • Xuan Thanh Do
    • 1
    • 2
    Email author
  • Duong Hieu Phan
    • 2
  • David Pointcheval
    • 3
    • 4
  1. 1.Department of MathematicsVietnam National UniversityHanoiVietnam
  2. 2.XLIM, University of Limoges, CNRSLimogesFrance
  3. 3.DIENS, École Normale Supérieure, CNRS, PSL UniversityParisFrance
  4. 4.InriaParisFrance

Personalised recommendations