Open AccessReceiver‐ and sender‐deniable functional encryption
Author(s) -
De Caro Angelo,
Iovino Vincenzo,
O'Neill Adam
Publication year - 2018
Publication title -
iet information security
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.308
H-Index - 34
eISSN - 1751-8717
pISSN - 1751-8709
DOI - 10.1049/iet-ifs.2017.0040
Subject(s) - encryption , computer science , communication source , probabilistic encryption , key (lock) , public key cryptography , computer security , multiple encryption , theoretical computer science , construct (python library) , scheme (mathematics) , computer network , mathematics , mathematical analysis
Deniable encryption, first introduced by Canetti et al . 1997, allows equivocation of encrypted communication. In this work, the authors generalise its study to functional encryption (FE). The authors’ results are summarised as follows: They first put forward and motivate the concept of receiver‐deniable FE, for which they consider two models. In the first model, as previously considered by O'Neill et al . 2011 in the case of identity‐based encryption, a receiver gets assistance from the master authority to generate a fake secret key. In the second model, there are ‘normal’ and ‘deniable’ secret keys, and a receiver in possession of a deniable secret key can produce a fake but authentic‐looking normal key on its own. In the first model, they show a compiler from any FE scheme for circuits to a FE scheme having receiver deniability. In addition, they show an efficient receiver‐deniable FE scheme for Boolean formulae from bilinear maps. In the second (multi‐distributional) model, they present a specific FE scheme for circuits having receiver deniability. To the authors’ knowledge, a scheme in the multi‐distributional model was not previously known even for the special case of identity‐based encryption. Finally, they construct the first sender (non‐multi‐distributional) deniable FE scheme.