1. bookVolume 2021 (2021): Issue 1 (January 2021)
Journal Details
First Published
16 Apr 2015
Publication timeframe
4 times per year
access type Open Access

Controlled Functional Encryption Revisited: Multi-Authority Extensions and Efficient Schemes for Quadratic Functions

Published Online: 09 Nov 2020
Volume & Issue: Volume 2021 (2021) - Issue 1 (January 2021)
Page range: 21 - 42
Received: 31 May 2020
Accepted: 16 Sep 2020
Journal Details
First Published
16 Apr 2015
Publication timeframe
4 times per year

In a Functional Encryption scheme (FE), a trusted authority enables designated parties to compute specific functions over encrypted data. As such, FE promises to break the tension between industrial interest in the potential of data mining and user concerns around the use of private data. FE allows the authority to decide who can compute and what can be computed, but it does not allow the authority to control which ciphertexts can be mined. This issue was recently addressed by Naveed et al., that introduced so-called Controlled Functional encryption (or C-FE), a cryptographic framework that extends FE and allows the authority to exert fine-grained control on the ciphertexts being mined. In this work we extend C-FE in several directions. First, we distribute the role of (and the trust in) the authority across several parties by defining multi-authority C-FE (or mCFE). Next, we provide an efficient instantiation that enables computation of quadratic functions on inputs provided by multiple data-owners, whereas previous work only provides an instantiation for linear functions over data supplied by a single data-owner and resorts to garbled circuits for more complex functions. Our scheme leverages CCA2 encryption and linearly-homomorphic encryption. We also implement a prototype and use it to showcase the potential of our instantiation.


[1] M. Abadi, A. Agarwal, P. Barham, E. Brevdo, Z. Chen, C. Citro, G. S. Corrado, A. Davis, J. Dean, M. Devin, S. Ghemawat, I. Goodfellow, A. Harp, G. Irving, M. Isard, Y. Jia, R. Jozefowicz, L. Kaiser, M. Kudlur, J. Levenberg, D. Mané, R. Monga, S. Moore, D. Murray, C. Olah, M. Schuster, J. Shlens, B. Steiner, I. Sutskever, K. Talwar, P. Tucker, V. Vanhoucke, V. Vasudevan, F. Viégas, O. Vinyals, P. Warden, M. Wattenberg, M. Wicke, Y. Yu, and X. Zheng. TensorFlow: Large-scale machine learning on heterogeneous systems, 2015. Software available from tensorflow.org.Search in Google Scholar

[2] M. Abdalla, F. Benhamouda, M. Kohlweiss, and H. Waldner. Decentralizing inner-product functional encryption. In Public Key Cryptography (2), volume 11443 of Lecture Notes in Computer Science, pages 128–157. Springer, 2019.10.1007/978-3-030-17259-6_5Search in Google Scholar

[3] M. Abdalla, F. Bourse, A. De Caro, and D. Pointcheval. Simple functional encryption schemes for inner products. In PKC 2015, LNCS, pages 733–751. Springer, 2015.10.1007/978-3-662-46447-2_33Search in Google Scholar

[4] M. Abdalla, D. Catalano, D. Fiore, R. Gay, and B. Ursu. Multi-input functional encryption for inner products: Function-hiding realizations and constructions without pairings. In Advances in Cryptology - CRYPTO 2018 - 38th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 19-23, 2018, Proceedings, Part I, pages 597–627, 2018.10.1007/978-3-319-96884-1_20Search in Google Scholar

[5] M. Abdalla, R. Gay, M. Raykova, and H. Wee. Multi-input inner-product functional encryption from pairings. In Advances in Cryptology - EUROCRYPT 2017 - 36th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Paris, France, April 30 - May 4, 2017, Proceedings, Part I, pages 601–626, 2017.10.1007/978-3-319-56620-7_21Search in Google Scholar

[6] S. Agrawal, B. Libert, and D. Stehlé. Fully secure functional encryption for inner products, from standard assumptions. LNCS, pages 333–362. Springer, Aug. 2016.10.1007/978-3-662-53015-3_12Search in Google Scholar

[7] D. F. Aranha and C. P. L. Gouvêa. RELIC is an Efficient LIbrary for Cryptography. https://github.com/relic-toolkit/relic.Search in Google Scholar

[8] S. Badrinarayanan, D. Gupta, A. Jain, and A. Sahai. Multi-input functional encryption for unbounded arity functions. In Advances in Cryptology – ASIACRYPT 2015, Part I, volume 9452 of LNCS, pages 27–51. Springer, Dec. 2015.10.1007/978-3-662-48797-6_2Search in Google Scholar

[9] C. E. Z. Baltico, D. Catalano, D. Fiore, and R. Gay. Practical functional encryption for quadratic functions with applications to predicate encryption. In Advances in Cryptology - CRYPTO 2017 - 37th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 20-24, 2017, Proceedings, Part I, pages 67–98, 2017.10.1007/978-3-319-63688-7_3Search in Google Scholar

[10] M. Barbosa, D. Catalano, and D. Fiore. Labeled homomorphic encryption. In S. N. Foley, D. Gollmann, and E. Snekkenes, editors, Computer Security – ESORICS 2017, pages 146–166, Cham, 2017. Springer International Publishing.10.1007/978-3-319-66402-6_10Search in Google Scholar

[11] A. Bishop, A. Jain, and L. Kowalczyk. Function-hiding inner product encryption. In Advances in Cryptology – ASIACRYPT 2015, Part I, volume 9452 of LNCS, pages 470–491. Springer, Dec. 2015.10.1007/978-3-662-48797-6_20Search in Google Scholar

[12] D. Boneh, A. Raghunathan, and G. Segev. Function-private identity-based encryption: Hiding the function in functional encryption. In R. Canetti and J. A. Garay, editors, CRYPTO 2013, Part II, volume 8043 of LNCS, pages 461–478. Springer, Aug. 2013.10.1007/978-3-642-40084-1_26Search in Google Scholar

[13] D. Boneh, A. Raghunathan, and G. Segev. Function-private subspace-membership encryption and its applications. In K. Sako and P. Sarkar, editors, ASIACRYPT 2013, Part I, volume 8269 of LNCS, pages 255–275. Springer, Dec. 2013.10.1007/978-3-642-42033-7_14Search in Google Scholar

[14] D. Boneh, A. Sahai, and B. Waters. Functional encryption: Definitions and challenges. In Y. Ishai, editor, TCC 2011, volume 6597 of LNCS, pages 253–273. Springer, Mar. 2011.10.1007/978-3-642-19571-6_16Search in Google Scholar

[15] R. Bost, R. A. Popa, S. Tu, and S. Goldwasser. Machine learning classification over encrypted data. In 22nd Annual Network and Distributed System Security Symposium, NDSS 2015, San Diego, California, USA, February 8-11, 2015, 2015.10.14722/ndss.2015.23241Search in Google Scholar

[16] E. Boyle, K.-M. Chung, and R. Pass. On extractability obfuscation. In Y. Lindell, editor, TCC 2014, volume 8349 of LNCS, pages 52–73. Springer, Feb. 2014.10.1007/978-3-642-54242-8_3Search in Google Scholar

[17] Z. Brakerski and G. Segev. Function-private functional encryption in the private-key setting. In TCC 2015: 12th Theory of Cryptography Conference, Part II, volume 9015 of LNCS, pages 306–324. Springer, 2015.10.1007/978-3-662-46497-7_12Search in Google Scholar

[18] D. Catalano and D. Fiore. Using linearly-homomorphic encryption to evaluate degree-2 functions on encrypted data. In ACM CCS 15, pages 1518–1529. ACM Press, 2015.10.1145/2810103.2813624Search in Google Scholar

[19] N. Chandran, V. Goyal, A. Jain, and A. Sahai. Functional encryption: Decentralised and delegatable. IACR Cryptology ePrint Archive, 2015:1017, 2015.Search in Google Scholar

[20] J. Chotard, E. Dufour Sans, R. Gay, D. H. Phan, and D. Pointcheval. Decentralized multi-client functional encryption for inner product. In Advances in Cryptology -ASIACRYPT 2018 - 24th International Conference on the Theory and Application of Cryptology and Information Security, Brisbane, QLD, Australia, December 2-6, 2018, Proceedings, Part II, pages 703–732, 2018.10.1007/978-3-030-03329-3_24Search in Google Scholar

[21] H. Corrigan-Gibbs and D. Boneh. Prio: Private, robust, and scalable computation of aggregate statistics. In 14th USENIX Symposium on Networked Systems Design and Implementation, NSDI 2017, Boston, MA, USA, March 27-29, 2017, pages 259–282, 2017.Search in Google Scholar

[22] V. Cortier, D. Galindo, S. Glondu, and M. Izabachène. Distributed elgamal à la pedersen: Application to helios. In Proceedings of the 12th annual ACM Workshop on Privacy in the Electronic Society, WPES 2013, Berlin, Germany, November 4, 2013, pages 131–142, 2013.10.1145/2517840.2517852Search in Google Scholar

[23] R. Cramer and V. Shoup. A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack. In H. Krawczyk, editor, CRYPTO’98, volume 1462 of LNCS, pages 13–25. Springer, Aug. 1998.10.1007/BFb0055717Search in Google Scholar

[24] P. Datta, R. Dutta, and S. Mukhopadhyay. Functional encryption for inner product with full function privacy. LNCS, pages 164–195. Springer, 2016.10.1007/978-3-662-49384-7_7Search in Google Scholar

[25] A. De Santis, Y. Desmedt, Y. Frankel, and M. Yung. How to share a function securely. In Proceedings of the Twenty-Sixth Annual ACM Symposium on Theory of Computing, STOC ’94, page 522–533, New York, NY, USA, 1994. Association for Computing Machinery.10.1145/195058.195405Search in Google Scholar

[26] T. ElGamal. A public key cryptosystem and a signature scheme based on discrete logarithms. In G. R. Blakley and D. Chaum, editors, CRYPTO’84, volume 196 of LNCS, pages 10–18. Springer, Aug. 1984.10.1007/3-540-39568-7_2Search in Google Scholar

[27] B. Fisch, D. Vinayagamurthy, D. Boneh, and S. Gorbunov. IRON: functional encryption using intel SGX. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS 2017, Dallas, TX, USA, October 30 - November 03, 2017, pages 765–782, 2017.Search in Google Scholar

[28] S. Garg, C. Gentry, S. Halevi, M. Raykova, A. Sahai, and B. Waters. Candidate indistinguishability obfuscation and functional encryption for all circuits. In 54th FOCS, pages 40–49. IEEE Computer Society Press, Oct. 2013.10.1109/FOCS.2013.13Search in Google Scholar

[29] S. Garg, C. Gentry, S. Halevi, and M. Zhandry. Functional encryption without obfuscation. In E. Kushilevitz and T. Malkin, editors, TCC 2016-A: 13th Theory of Cryptography Conference, Part II, volume 9563 of LNCS, pages 480–511, Tel Aviv, Israel, Jan. 10–13, 2016. Springer.10.1007/978-3-662-49099-0_18Search in Google Scholar

[30] S. Goldwasser, S. D. Gordon, V. Goyal, A. Jain, J. Katz, F.-H. Liu, A. Sahai, E. Shi, and H.-S. Zhou. Multi-input functional encryption. In P. Q. Nguyen and E. Oswald, editors, EUROCRYPT 2014, volume 8441 of LNCS, pages 578–602. Springer, May 2014.10.1007/978-3-642-55220-5_32Search in Google Scholar

[31] T. Graepel, K. E. Lauter, and M. Naehrig. ML confidential: Machine learning on encrypted data. In Information Security and Cryptology - ICISC 2012 - 15th International Conference, Seoul, Korea, November 28-30, 2012, Revised Selected Papers, pages 1–21, 2012.10.1007/978-3-642-37682-5_1Search in Google Scholar

[32] H. Kilinc and A. Küpçü. Optimally efficient multi-party fair exchange and fair secure multi-party computation. 04 2015.10.1007/978-3-319-16715-2_18Search in Google Scholar

[33] Y. LeCun and C. Cortes. MNIST handwritten digit database. 2010.Search in Google Scholar

[34] H. Lin and S. Tessaro. Indistinguishability obfuscation from trilinear maps and block-wise local PRGs. LNCS, pages 630–660. Springer, 2017.10.1007/978-3-319-63688-7_21Search in Google Scholar

[35] L. Melis, G. Danezis, and E. D. Cristofaro. Efficient private statistics with succinct sketches. In 23rd Annual Network and Distributed System Security Symposium, NDSS 2016, San Diego, California, USA, February 21-24, 2016, 2016.10.14722/ndss.2016.23175Search in Google Scholar

[36] P. Mohassel and Y. Zhang. Secureml: A system for scalable privacy-preserving machine learning. In 2017 IEEE Symposium on Security and Privacy, SP 2017, San Jose, CA, USA, May 22-26, 2017, pages 19–38, 2017.10.1109/SP.2017.12Search in Google Scholar

[37] M. Naveed, S. Agrawal, M. Prabhakaran, X. Wang, E. Ayday, J.-P. Hubaux, and C. A. Gunter. Controlled functional encryption. In G.-J. Ahn, M. Yung, and N. Li, editors, ACM CCS 14, pages 1280–1291. ACM Press, Nov. 2014.10.1145/2660267.2660291Search in Google Scholar

[38] V. I. Nechaev. Complexity of a determinate algorithm for the discrete logarithm. Mathematical Notes, 55(2):165–172, Feb 1994.10.1007/BF02113297Search in Google Scholar

[39] V. Nikolaenko, S. Ioannidis, U. Weinsberg, M. Joye, N. Taft, and D. Boneh. Privacy-preserving matrix factorization. In A.-R. Sadeghi, V. D. Gligor, and M. Yung, editors, ACM CCS 13, pages 801–812. ACM Press, Nov. 2013.10.1145/2508859.2516751Search in Google Scholar

[40] A. O’Neill. Definitional issues in functional encryption. IACR Cryptology ePrint Archive, 2010:556, 2010.Search in Google Scholar

[41] P. Paillier. Public-key cryptosystems based on composite degree residuosity classes. In J. Stern, editor, EUROCRYPT’99, volume 1592 of LNCS, pages 223–238. Springer, May 1999.10.1007/3-540-48910-X_16Search in Google Scholar

[42] E. D. Sans, R. Gay, and D. Pointcheval. Reading in the dark: Classifying encrypted digits with functional encryption. Cryptology ePrint Archive, Report 2018/206, 2018. https://eprint.iacr.org/2018/206.Search in Google Scholar

[43] E. Shen, E. Shi, and B. Waters. Predicate privacy in encryption systems. In O. Reingold, editor, TCC 2009, volume 5444 of LNCS, pages 457–473. Springer, Mar. 2009.10.1007/978-3-642-00457-5_27Search in Google Scholar

[44] H. Spaeth. Mathematical algorithms for linear regression. Academic Press, page 304, 1991.Search in Google Scholar

[45] B. Waters. A punctured programming approach to adaptively secure functional encryption. In CRYPTO 2015, Part II, LNCS, pages 678–697. Springer, Aug. 2015.10.1007/978-3-662-48000-7_33Search in Google Scholar

Recommended articles from Trend MD

Plan your remote conference with Sciendo