分野別セミナー

Functional encryption provides a general control over the encrypting message, where only the receiver with the attributes v that satisfies the control policy function f (i.e., f(v)=1) can decrypt its ciphertext. Special cases of functional encryption include (hierarchical) identity-based encryption, attribute-based encryption, public key encryption with keyword search, spatial encryption, inner-product encryption, hidden-vector encryption and predicate encryption etc. However, as a generic construction with expressive policy, functional encryption needs to proceed a general attribute/message pair challenge query if a policy function implies another function, which means it requires different security models because of the flexibility and extension of the control policy function. Traditional Simulate/Challenge based security model has some weakness when both the message privacy and attribute privacy are simultaneously provided. For instance, the adversary's challenge must satisfy f(v_1)\neq (v_2), but it is uncontrolable if f' implies f. In this paper, we first investigate some functional encryption schemes and give the formal function models for these schemes. We then present the relationship of functions among these schemes when the equivalence of these different policy functions are employed. Finally, we discuss a generic model for the functional encryption to achieve the adaptive security with message privacy and attribute privacy.