Functional encryption
This article may meet Wikipedia's criteria for speedy deletion as a recently created article with no relevant page history that does not expand upon, detail, or improve information within the existing article(s) on the subject, Encrypted function (compare pages). Note that splits of large articles are not eligible under this criterion. If the title of the page is a plausible redirect to an existing page, it is not eligible for speedy deletion, and should be redirected instead. See CSD A10.
If this article does not meet the criteria for speedy deletion, or you intend to fix it, please remove this notice, but do not remove this notice from pages that you have created yourself. If you created this page and you disagree with the given reason for deletion, you can click the button below and leave a message explaining why you believe it should not be deleted. You can also visit the talk page to check if you have received a response to your message. Note that this article may be deleted at any time if it unquestionably meets the speedy deletion criteria, or if an explanation posted to the talk page is found to be insufficient.
Note to administrators: this article has content on its talk page which should be checked before deletion. Administrators: check links, talk, history (last), and logs before deletion. Consider checking Google.This page was last edited by Vigyani (contribs | logs) at 16:22, 11 April 2013 (UTC) (12 years ago) |
 |
Functional encryption is a type of public-key encryption in which a the decryption of a ciphertext is possible if and only if the plaintext satisfies some functional relation. Functional encryption generalizes several existing primitives including Identity-Based encryption and Attribute-Based Encryption.
Functional encryption was proposed by Sahai and Waters in 2005 and formalized by Boneh, Sahai and Waters in 2010. Until recently, however, most instantiations of Functional Encryption supported only limited function classes such as boolean formulae. In 2012, several researchers developed Functional Encryption schemes for arbitrary circuits.
Background
Functional Encryption is a new vision of public key encryption. Traditionally, we view encryption as a mechanism for a user, Alice, to confidentially encode a data to a target recipient Bob. Alice encrypts the data under the recipients public key such that only Bob, with knowledge of his private key, can decrypt it.
However, in some applications, it may be necessary to share data according to an encryption policy without prior knowledge of who will be receiving the data. Suppose an informant needs to encrypt a message for anyone in a police department's internal affairs office or anyone who is undercover and in the central office -- even though she may not know which officers fit this criteria. The informant will want to encrypt the review with the access policy.
In this system, only users with attributes (credentials) that match this policy should be able to decrypt the document. Traditionally this sort of access control was implemented using a trusted server. With Functional Encryption, however, it is possible to represent the user's access policy using some arbitrary function that takes as input an associated ciphertext tag (that e.g., contains information about the ciphertext). A private key generator subsequently embeds the description of into a secret key, which is given to the user. Functional encryption schemes guarantee that the user may decrypt the ciphertext if an only if when evaluates to 1.
One realization of Functional Encryption is Attribute Based Encryption (ABE). In these schemes, the function is a boolean formula over a set of attributes (e.g., Secret OR Top_Secret AND CIA_Agent). Users obtain keys for specific formulae from a trusted party known as a private key generator. Ciphertexts are encrypted with attributes such that the ciphertext can only be decrypted when the attributes satisfy the policy embedded in the user's key.