Paper 2010/556

Definitional Issues in Functional Encryption

Adam O'Neill

Abstract

We provide a formalization of the emergent notion of ``functional encryption,'' as well as introduce various security notions for it, and study relations among the latter. In particular, we show that indistinguishability and semantic security based notions of security are {\em inequivalent} for functional encryption in general; in fact, ``adaptive'' indistinguishability does not even imply ``non-adaptive'' semantic security. This is alarming given the large body of work employing (special cases of) the former. We go on to show, however, that in the ``non-adaptive'' case an equivalence does hold between indistinguishability and semantic security for what we call {\em preimage sampleable} schemes. We take this as evidence that for preimage sampleable schemes an indistinguishability based notion may be acceptable in practice. We show that some common functionalities considered in the literature satisfy this requirement.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Contact author(s)
adamo @ cs utexas edu
History
2011-03-19: last of 13 revisions
2010-11-01: received
See all versions
Short URL
https://ia.cr/2010/556
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2010/556,
      author = {Adam O'Neill},
      title = {Definitional Issues in Functional Encryption},
      howpublished = {Cryptology ePrint Archive, Paper 2010/556},
      year = {2010},
      note = {\url{https://eprint.iacr.org/2010/556}},
      url = {https://eprint.iacr.org/2010/556}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.