Private Constrained PRFs (and More) from LWE

Author(s)

Brakerski, Zvika; Tsabary, Rotem; Vaikuntanathan, Vinod; Wee, Hoeteck

Abstract

© 2017, International Association for Cryptologic Research. In a constrained PRF, the owner of the PRF key K can generate constrained keys K_f that allow anyone to evaluate the PRF on inputs x that satisfy the predicate f (namely, where f(x) is “true”) but reveal no information about the PRF evaluation on the other inputs. A private constrained PRF goes further by requiring that the constrained key K_f hides the predicate f. Boneh, Kim and Montgomery (EUROCRYPT 2017) recently presented a construction of private constrained PRF for point function constraints, and Canetti and Chen (EUROCRYPT 2017) presented a completely different construction for more general NC1 constraints. In this work, we show two constructions of LWE-based constraint-hiding constrained PRFs for general predicates described by polynomial-size circuits. The two constructions are based on two distinct techniques that we show have further applicability, by constructing weak attribute-hiding predicate encryption schemes. In a nutshell, the first construction imports the technique of modulus switching from the FHE world into the domain of trapdoor extension and homomorphism. The second construction shows how to use the duality between FHE secret-key/randomness and ABE randomness/secret-key to construct a scheme with dual use of the same values for both FHE and ABE purposes.

Date issued

2017

URI

https://hdl.handle.net/1721.1/137864

Department

Massachusetts Institute of Technology. Computer Science and Artificial Intelligence Laboratory
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science

Publisher

Springer International Publishing

Citation

Brakerski, Zvika, Tsabary, Rotem, Vaikuntanathan, Vinod and Wee, Hoeteck. 2017. "Private Constrained PRFs (and More) from LWE."

Version: Author's final manuscript

ISSN

0302-9743

1611-3349