A survey on functional encryption

Functional Encryption (FE) expands traditional public-key encryption in two different ways: it supports fine-grained access control and allows learning a function of the encrypted data. In this paper, we review all FE classes, describing their functionalities and main characteristics. In particular, we mention several schemes for each class, providing their security assumptions and comparing their properties. To our knowledge, this is the first survey that encompasses the entire FE family.

Download Full-text

Privacy-Preserving and Efficient Public Key Encryption with Keyword Search Based on CP-ABE in Cloud

Cryptography ◽

10.3390/cryptography4040028 ◽

2020 ◽

Vol 4 (4) ◽

pp. 28

Author(s):

Yunhong Zhou ◽

Shihui Zheng ◽

Licheng Wang

Keyword(s):

Access Control ◽

Data Privacy ◽

Keyword Search ◽

Good Method ◽

Privacy Preserving ◽

Public Key ◽

Public Key Encryption ◽

Encrypted Data ◽

Fine Grained ◽

Attribute Based Encryption

In the area of searchable encryption, public key encryption with keyword search (PEKS) has been a critically important and promising technique which provides secure search over encrypted data in cloud computing. PEKS can protect user data privacy without affecting the usage of the data stored in the untrusted cloud server environment. However, most of the existing PEKS schemes concentrate on data users’ rich search functionalities, regardless of their search permission. Attribute-based encryption technology is a good method to solve the security issues, which provides fine-grained access control to the encrypted data. In this paper, we propose a privacy-preserving and efficient public key encryption with keyword search scheme by using the ciphertext-policy attribute-based encryption (CP-ABE) technique to support both fine-grained access control and keyword search over encrypted data simultaneously. We formalize the security definition, and prove that our scheme achieves selective indistinguishability security against an adaptive chosen keyword attack. Finally, we present the performance analysis in terms of theoretical analysis and experimental analysis, and demonstrate the efficiency of our scheme.

Download Full-text

On Enabling Attribute-Based Encryption to Be Traceable Against Traitors

The Computer Journal ◽

10.1093/comjnl/bxaa082 ◽

2020 ◽

Author(s):

Zhen Liu ◽

Qiong Huang ◽

Duncan S Wong

Keyword(s):

Access Control ◽

High Efficiency ◽

Black Box ◽

The Other ◽

Encrypted Data ◽

Malicious User ◽

Fine Grained ◽

Other Hand ◽

Attribute Based Encryption

Abstract Attribute-based encryption (ABE) is a versatile one-to-many encryption primitive, which enables fine-grained access control over encrypted data. Due to its promising applications in practice, ABE schemes with high efficiency, security and expressivity have been continuously emerging. On the other hand, due to the nature of ABE, a malicious user may abuse its decryption privilege. Therefore, being able to identify such a malicious user is crucial towards the practicality of ABE. Although some specific ABE schemes in the literature enjoys the tracing function, they are only proceeded case by case. Most of the ABE schemes do not support traceability. It is thus meaningful and important to have a generic way of equipping any ABE scheme with traceability. In this work, we partially solve the aforementioned problem. Namely, we propose a way of transforming (non-traceable) ABE schemes satisfying certain requirements to fully collusion-resistant black-box traceable ABE schemes, which adds only $O(\sqrt{\mathcal{K}})$ elements to the ciphertext where ${\mathcal{K}}$ is the number of users in the system. And to demonstrate the practicability of our transformation, we show how to convert a couple of existing non-traceable ABE schemes to support traceability.

Download Full-text

Public Key Encryption with Keyword Search from Lattices in Multiuser Environments

Mathematical Problems in Engineering ◽

10.1155/2016/6549570 ◽

2016 ◽

Vol 2016 ◽

pp. 1-7 ◽

Cited By ~ 1

Author(s):

Daini Wu ◽

Xiaoming Wang ◽

Qingqing Gan

Keyword(s):

Data Privacy ◽

Keyword Search ◽

Random Oracle Model ◽

Random Oracle ◽

Public Key ◽

Public Key Encryption ◽

Encrypted Data ◽

Cloud Server ◽

Learning With Errors ◽

Multiuser Environments

A public key encryption scheme with keyword search capabilities is proposed using lattices for applications in multiuser environments. The proposed scheme enables a cloud server to check if any given encrypted data contains certain keywords specified by multiple users, but the server would not have knowledge of the keywords specified by the users or the contents of the encrypted data, which provides data privacy as well as privacy for user queries in multiuser environments. It can be proven secure under the standard learning with errors assumption in the random oracle model.

Download Full-text

FUZZY IDENTITY AND ATTRIBUTE BASED ENCRYPTION FOR FINE GRAINED ACCESS CONTROL OF ENCRYPTED DATA

International Journal of Modern Trends in Engineering & Research ◽

10.21884/ijmter.2018.5172.m7iz2 ◽

2018 ◽

Vol 5 (7) ◽

pp. 23-26

Keyword(s):

Access Control ◽

Encrypted Data ◽

Fine Grained ◽

Attribute Based Encryption ◽

Fuzzy Identity

Download Full-text

Functional Encryption for Pattern Matching with a Hidden String

Cryptography ◽

10.3390/cryptography6010001 ◽

2021 ◽

Vol 6 (1) ◽

pp. 1

Author(s):

Jongkil Kim ◽

Yang-Wai Chow ◽

Willy Susilo ◽

Joonsang Baek ◽

Intae Kim

Keyword(s):

Access Control ◽

Pattern Matching ◽

Public Information ◽

Functional Encryption ◽

Fine Grained ◽

Private Key ◽

Diffie Hellman ◽

Data Owner ◽

Security Properties

We propose a new functional encryption for pattern matching scheme with a hidden string. In functional encryption for pattern matching (FEPM), access to a message is controlled by its description and a private key that is used to evaluate the description for decryption. In particular, the description with which the ciphertext is associated is an arbitrary string w and the ciphertext can only be decrypted if its description matches the predicate of a private key which is also a string. Therefore, it provides fine-grained access control through pattern matching alone. Unlike related schemes in the literature, our scheme hides the description that the ciphertext is associated with. In many practical scenarios, the description of the ciphertext cannot be public information as an attacker may abuse the message description to identify the data owner or classify the target ciphertext before decrypting it. Moreover, some data owners may not agree to reveal any ciphertext information since it simply gives greater advantage to the adversary. In this paper, we introduce the first FEPM scheme with a hidden string, such that the adversary cannot get any information about the ciphertext from its description. The security of our scheme is formally analyzed. The proposed scheme provides both confidentiality and anonymity while maintaining its expressiveness. We prove these security properties under the interactive general Diffie–Hellman assumption (i-GDH) and a static assumption introduced in this paper.

Download Full-text

Server-Aided Revocable Attribute-Based Encryption from Lattices

Security and Communication Networks ◽

10.1155/2020/1460531 ◽

2020 ◽

Vol 2020 ◽

pp. 1-13

Author(s):

Xingting Dong ◽

Yanhua Zhang ◽

Baocang Wang ◽

Jiangshan Chen

Keyword(s):

Access Control ◽

Standard Model ◽

Secret Key ◽

Bilinear Maps ◽

Encrypted Data ◽

Fine Grained ◽

Attribute Based Encryption ◽

The Standard Model ◽

Learning With Errors

Attribute-based encryption (ABE) can support a fine-grained access control to encrypted data. When the user’s secret-key is compromised, the ABE system has to revoke its decryption privileges to prevent the leakage of encrypted data. Although there are many constructions about revocable ABE from bilinear maps, the situation with lattice-based constructions is less satisfactory, and a few efforts were made to close this gap. In this work, we propose the first lattice-based server-aided revocable attribute-based encryption (SR-ABE) scheme and thus the first such construction that is believed to be quantum resistant. In the standard model, our scheme is proved to be secure based on the hardness of the Learning With Errors (LWE) problem.

Download Full-text

SPEKS: Forward Private SGX-Based Public Key Encryption with Keyword Search

Applied Sciences ◽

10.3390/app10217842 ◽

2020 ◽

Vol 10 (21) ◽

pp. 7842

Author(s):

Hyundo Yoon ◽

Soojung Moon ◽

Youngki Kim ◽

Changhee Hahn ◽

Wonjun Lee ◽

...

Keyword(s):

Keyword Search ◽

Information Leakage ◽

Computation Time ◽

Public Key ◽

Public Key Encryption ◽

Encrypted Data ◽

Performance Improvements ◽

Security Proof ◽

Processing Cost ◽

Definition Of

Public key encryption with keyword search (PEKS) enables users to search over encrypted data outsourced to an untrusted server. Unfortunately, updates to the outsourced data may incur information leakage by exploiting the previously submitted queries. Prior works addressed this issue by means of forward privacy, but most of them suffer from significant performance degradation. In this paper, we present a novel forward private PEKS scheme leveraging Software Guard Extension (SGX), a trusted execution environment provided by Intel. The proposed scheme presents substantial performance improvements over prior work. Specifically, we reduce the query processing cost from O(n) to O(1), where n is the number of encrypted data. According to our performance analysis, the overall computation time is reduced by 80% on average. Lastly, we provide a formal security definition of SGX-based forward private PEKS, as well as a rigorous security proof of the proposed scheme.

Download Full-text

Certificates and Public Key Infrastructure

Cryptography and Security Services ◽

10.4018/978-1-59904-837-6.ch009 ◽

2008 ◽

pp. 217-245

Author(s):

Manuel Mogollon

Keyword(s):

Access Control ◽

Digital Signature ◽

Public Key Infrastructure ◽

Public Key ◽

Comprehensive System ◽

Public Key Encryption ◽

Control Data ◽

The Public ◽

Digital Certificates ◽

Public Keys

In public-key encryption, the secrecy of the public key is not required, but the authenticity of the public key is necessary to guarantee its integrity and to avoid spoofing and playback attacks. A user’s public key can be authenticated (signed) by a certificate authority that verifies that a public key belongs to a specific user. In this chapter, digital certificates, which are used to validate public keys, and certificate authorities are discussed. When public-key is used, it is necessary to have a comprehensive system that provides public key encryption and digital signature services to ensure confidentiality, access control, data integrity, authentication, and non-repudiation. That system, public-key infrastructure or PKI, is also discussed in this chapter.

Download Full-text

Distributed Searchable Asymmetric Encryption

Indonesian Journal of Electrical Engineering and Computer Science ◽

10.11591/ijeecs.v4.i3.pp684-694 ◽

2016 ◽

Vol 4 (3) ◽

pp. 684

Author(s):

Shoulin Yin ◽

Lin Teng ◽

Jie Liu

Keyword(s):

Keyword Search ◽

The Other ◽

Public Key ◽

Search Pattern ◽

Public Key Encryption ◽

Information Protection ◽

Encrypted Data ◽

Private Key ◽

Asymmetric Encryption ◽

Encryption Decryption

Searchable asymmetric encryption (SAE) can also be called Public Key Encryption with Keyword Search (PEKS), which allows us to search the keyword on the data of having been encrypted. The essence of Asymmetric searchable encryption is that users exchange the data of encryption, one party sends a ciphertext with key encryption, the other party with another key receives the ciphertext. Encryption key is not the same as the decryption key, and cannot deduce another key from any one of the key, thus it greatly enhances the information protection, and can prevent leakage the user's search criteria—Search Pattern. Secure schemes of SAE are practical, sometimes, however the speed of encryption/decryption in Public-key encryption is slower than private key. In order to get higher efficiency and security in information retrieval, in this paper we introduce the concept of distributed SAE, which is useful for security and can enable search operations on encrypted data. Moreover, we give the proof of security.

Download Full-text

A CIPHERTEXT-POLICY ATTRIBUTE-BASED SEARCHABLE ENCRYPTION SCHEME IN NON-INTERACTIVE MODEL

Journal of Computer Science and Cybernetics ◽

10.15625/1813-9663/0/0/13667 ◽

2019 ◽

Vol 35 (3) ◽

pp. 233-249

Author(s):

Van Anh Trinh ◽

Viet Cuong Trinh

Keyword(s):

Keyword Search ◽

Public Key ◽

Communication Overhead ◽

Encryption Scheme ◽

Public Key Encryption ◽

Encrypted Data ◽

Attribute Based Encryption ◽

Encrypt Data ◽

Cryptographic Primitive ◽

Ciphertext Policy

We address the problem of searching on encrypted data with expressive searching predicate and multi-writer/multi-reader, a cryptographic primitive which has many concrete application scenarios such as cloud computing, email gateway application and so on. In this paper, we propose a public-key encryption with keyword search scheme relied on the ciphertext-policy attribute-based encryption scheme. In our system, we consider the model where a user can generate trapdoors by himself/herself, we thus can remove the Trusted Trapdoor Generator which can save the resource and communication overhead. We also investigate the problem of combination of a public key encryption used to encrypt data and a public-key encryption with keyword search used to encrypt keywords, which can save the storage of the whole system

Download Full-text