当前位置:
X-MOL 学术
›
SIAM J. Comput.
›
论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Collusion Resistant Traitor Tracing from Learning with Errors
SIAM Journal on Computing ( IF 1.6 ) Pub Date : 2019-11-05 , DOI: 10.1137/18m1197825 Rishab Goyal , Venkata Koppula , Brent Waters
SIAM Journal on Computing ( IF 1.6 ) Pub Date : 2019-11-05 , DOI: 10.1137/18m1197825 Rishab Goyal , Venkata Koppula , Brent Waters
SIAM Journal on Computing, Ahead of Print.
In this work we provide a traitor tracing construction with ciphertexts that grow polynomially in $\log(n)$, where $n$ is the number of users, and prove it secure under the learning with errors (LWE) assumption. This is the first traitor tracing scheme with such parameters provably secure from a standard assumption. In addition to achieving new traitor tracing results, we believe our techniques push forward the broader area of computing on encrypted data under standard assumptions. Notably, traitor tracing is a substantially different problem from other cryptography primitives that have seen recent progress in LWE solutions. We achieve our results by first conceiving a novel approach to building traitor tracing that starts with a new form of functional encryption that we call Mixed FE. In a Mixed FE system the encryption algorithm is bimodal and works with either a public key or master secret key. Ciphertexts encrypted using the public key can only encrypt one type of functionality. On the other hand, the secret key encryption can be used to encode many different types of programs, but is only secure as long as the attacker sees a bounded number of such ciphertexts. We first show how to combine mixed FE with attribute-based encryption to achieve traitor tracing. Second, we build Mixed FE systems for polynomial-sized branching programs (which corresponds to the complexity class logspace) by relying on the polynomial hardness of the LWE assumption with superpolynomial modulus-to-noise ratio.
中文翻译:
从有错误的学习中追踪共谋叛国者
《 SIAM计算杂志》,预印本。
在这项工作中,我们提供了带有密文的叛徒追踪构造,密文以$ \ log(n)$增长,其中$ n $是用户数,并证明它在学习有错误(LWE)的假设下是安全的。这是第一个叛徒追踪方案,其参数从标准假设可证明是安全的。除了获得新的叛徒追踪结果外,我们相信我们的技术将在标准假设下推动加密数据计算的更广阔领域。值得注意的是,叛逆者追踪与LWE解决方案中最近取得进展的其他密码学原语是一个根本不同的问题。我们通过首先构想一种构建叛逆者追踪的新颖方法来获得我们的结果,该方法始于一种称为混合FE的新形式的功能加密。在混合FE系统中,加密算法是双峰的,并且可以使用公钥或主密钥。使用公共密钥加密的密文只能加密一种功能。另一方面,秘密密钥加密可用于对许多不同类型的程序进行编码,但只有在攻击者看到一定数量的此类密文时,它才是安全的。我们首先展示如何将混合有限元与基于属性的加密结合起来以实现叛徒追踪。第二,我们依靠具有超多项式模噪比的LWE假设的多项式硬度,为多项式大小的分支程序(对应于复杂度类对数空间)构建了混合有限元系统。另一方面,秘密密钥加密可用于对许多不同类型的程序进行编码,但只有在攻击者看到一定数量的此类密文时,它才是安全的。我们首先展示如何将混合有限元与基于属性的加密结合起来以实现叛徒追踪。第二,我们依靠具有超多项式模噪比的LWE假设的多项式硬度,为多项式大小的分支程序(对应于复杂度类对数空间)构建了混合有限元系统。另一方面,秘密密钥加密可用于对许多不同类型的程序进行编码,但只有在攻击者看到一定数量的此类密文时,它才是安全的。我们首先展示如何将混合有限元与基于属性的加密结合起来以实现叛徒追踪。其次,我们依赖于具有超多项式模噪比的LWE假设的多项式硬度,为多项式大小的分支程序(对应于复杂度类对数空间)构建了混合有限元系统。
更新日期:2019-11-05
In this work we provide a traitor tracing construction with ciphertexts that grow polynomially in $\log(n)$, where $n$ is the number of users, and prove it secure under the learning with errors (LWE) assumption. This is the first traitor tracing scheme with such parameters provably secure from a standard assumption. In addition to achieving new traitor tracing results, we believe our techniques push forward the broader area of computing on encrypted data under standard assumptions. Notably, traitor tracing is a substantially different problem from other cryptography primitives that have seen recent progress in LWE solutions. We achieve our results by first conceiving a novel approach to building traitor tracing that starts with a new form of functional encryption that we call Mixed FE. In a Mixed FE system the encryption algorithm is bimodal and works with either a public key or master secret key. Ciphertexts encrypted using the public key can only encrypt one type of functionality. On the other hand, the secret key encryption can be used to encode many different types of programs, but is only secure as long as the attacker sees a bounded number of such ciphertexts. We first show how to combine mixed FE with attribute-based encryption to achieve traitor tracing. Second, we build Mixed FE systems for polynomial-sized branching programs (which corresponds to the complexity class logspace) by relying on the polynomial hardness of the LWE assumption with superpolynomial modulus-to-noise ratio.
中文翻译:
从有错误的学习中追踪共谋叛国者
《 SIAM计算杂志》,预印本。
在这项工作中,我们提供了带有密文的叛徒追踪构造,密文以$ \ log(n)$增长,其中$ n $是用户数,并证明它在学习有错误(LWE)的假设下是安全的。这是第一个叛徒追踪方案,其参数从标准假设可证明是安全的。除了获得新的叛徒追踪结果外,我们相信我们的技术将在标准假设下推动加密数据计算的更广阔领域。值得注意的是,叛逆者追踪与LWE解决方案中最近取得进展的其他密码学原语是一个根本不同的问题。我们通过首先构想一种构建叛逆者追踪的新颖方法来获得我们的结果,该方法始于一种称为混合FE的新形式的功能加密。在混合FE系统中,加密算法是双峰的,并且可以使用公钥或主密钥。使用公共密钥加密的密文只能加密一种功能。另一方面,秘密密钥加密可用于对许多不同类型的程序进行编码,但只有在攻击者看到一定数量的此类密文时,它才是安全的。我们首先展示如何将混合有限元与基于属性的加密结合起来以实现叛徒追踪。第二,我们依靠具有超多项式模噪比的LWE假设的多项式硬度,为多项式大小的分支程序(对应于复杂度类对数空间)构建了混合有限元系统。另一方面,秘密密钥加密可用于对许多不同类型的程序进行编码,但只有在攻击者看到一定数量的此类密文时,它才是安全的。我们首先展示如何将混合有限元与基于属性的加密结合起来以实现叛徒追踪。第二,我们依靠具有超多项式模噪比的LWE假设的多项式硬度,为多项式大小的分支程序(对应于复杂度类对数空间)构建了混合有限元系统。另一方面,秘密密钥加密可用于对许多不同类型的程序进行编码,但只有在攻击者看到一定数量的此类密文时,它才是安全的。我们首先展示如何将混合有限元与基于属性的加密结合起来以实现叛徒追踪。其次,我们依赖于具有超多项式模噪比的LWE假设的多项式硬度,为多项式大小的分支程序(对应于复杂度类对数空间)构建了混合有限元系统。
京公网安备 11010802027423号