Achieving IND-CCA Security for Functional Encryption for Inner Products

摘要

Functional encryption allows the authorised parties to reveal partial information of the plaintext hidden in a ciphertext while in conventional encryption decryption is all-or-nothing. Focusing on the functionality of inner product evaluation (i.e. given vectors x and y, calculate (x, y)), Abdalla et al. (PKC 2015) proposed a functional encryption scheme for inner product functionality (FE-IP) with s-IND-CPA security. In some recent works by Abdalla et al. (eprint: Report 2016/11) and Agrawal et al. (CRYPTO 2016), IND-CPA secure FE-IP schemes have also been proposed. In order to achieve Indistinguishable under Chosen Ciphertext Attacks (IND-CCA security) for FE-IP, in this paper, we propose a generic construction of FE-IP from hash proof systems. We prove the constructed FE-IP is IND-CCA secure, assuming the hardness of the subset membership problem. In addition, we give an instantiation of our generic construction from the DDH assumption.