Functional Encryption for Pattern Matching with a Hidden String
Abstract
1. Introduction
- Our scheme is fully expressive: it supports any string as the description of a ciphertext. A second string serves as the predicate and is associated with a private key. This lets us choose any alphabet, from binary digits to letters, for both the description and the predicate. For example, we can use a binary string whose characters are simply 0 and 1, or a string consisting of the English letters A–Z. Moreover, the predicate can contain wildcard letters to increase the flexibility of pattern matching.
- In our scheme, the size of the ciphertext increases only linearly with the size of the description, which is the arbitrary string that a ciphertext is associated with. It can therefore support a long description, such as a sentence or a genetic sequence. Moreover, our scheme does not use a Deterministic Finite Automaton (DFA) for a private key. Instead, a private key is also associated with a string, so decryption does not require evaluating the description from beginning to end. This may significantly reduce the evaluation time for decryption if the location where the two strings, the predicate and the description, match is given.
- We provide formal security proofs of our scheme. In particular, our security analysis gives formal proofs that both the confidentiality and the anonymity properties hold, covering the encrypted message and the hidden string.
2. Related Work
3. Preliminaries
3.1. Bilinear Pairing
3.2. Definitions
- Setup, n, ) : This algorithm takes as inputs a security parameter k and an integer n defining the maximum size of a string (i.e., a pattern) that one can use as a description associated with a ciphertext. It also takes a finite set , which is a set of alphabet letters for the description, as input. It sets a master secret key and publishes public parameters .
- KeyGen: This algorithm takes as inputs a string W of any size , along with the master secret key, and returns a private key .
- Encrypt: This algorithm takes as inputs a message M and the public parameters along with a string where , such that for all , and returns a ciphertext which encrypts M.
- Decrypt: This deterministic algorithm takes as inputs a ciphertext associated with a string of size m, along with the private key for a string of size . If , then the algorithm returns ⊥. Otherwise, the algorithm decrypts the ciphertext and returns M.
- Let . For a string of any size less than or equal to n (i.e., ), will be returned as a private key. For a string , a ciphertext is returned. For a ciphertext and a private , will be returned if there exists an index j such that .
3.3. Security Models
3.3.1. IND-CPA
- Setup: The challenger runs Setup(, n, ) to obtain a public parameter . It gives the public parameter pp.
- Phase I: The adversary queries private keys for strings .
- Challenge: When Phase I is over, outputs messages and with a string , under the restriction that no private key queried in Phase I matches S. More formally, the challenger outputs ⊥ if and such that
  The challenger randomly selects and runs the Encrypt algorithm to obtain and returns C to .
- Phase II: The adversary continues to query private keys for strings under the same restriction that
- Guess: Finally, the adversary outputs a guess and wins the game if .
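The functionality from Section 3.2 and the key-query restriction of the IND-CPA game can be modelled in plaintext as follows. This is an added example, not code from the paper: it contains no cryptography, the `*` wildcard symbol is an assumption (the page does not name one), and the class and function names are hypothetical.

```python
import secrets

WILDCARD = "*"  # assumed wildcard symbol; the page does not name one
BOTTOM = None   # stands for ⊥

def match_offsets(W, S):
    """Offsets j at which predicate W matches description S letter by letter."""
    return [j for j in range(len(S) - len(W) + 1)
            if all(w in (WILDCARD, s) for w, s in zip(W, S[j:j + len(W)]))]

class IdealFEPM:
    """Plaintext model of Setup/KeyGen/Encrypt/Decrypt; provides no secrecy."""
    def __init__(self, n, alphabet):
        self.n, self.alphabet = n, set(alphabet)

    def _check(self, s, extra=()):
        if not 0 < len(s) <= self.n or set(s) - self.alphabet - set(extra):
            raise ValueError("string too long, empty, or outside the alphabet")

    def keygen(self, W):
        self._check(W, extra=WILDCARD)   # wildcards allowed only in predicates
        return ("sk", W)

    def encrypt(self, M, S):
        self._check(S)
        return ("ct", S, M)              # a real ciphertext would hide S and M

    def decrypt(self, ct, sk):
        _, S, M = ct
        return M if match_offsets(sk[1], S) else BOTTOM

class IndCpaChallenger:
    """Tracks key queries and enforces the no-matching-key restriction."""
    def __init__(self, scheme):
        self.scheme, self.queried, self.S = scheme, [], None

    def key_query(self, W):
        if self.S is not None and match_offsets(W, self.S):
            return BOTTOM                # Phase II: key would decrypt the challenge
        sk = self.scheme.keygen(W)
        self.queried.append(W)
        return sk

    def challenge(self, M0, M1, S):
        if any(match_offsets(W, S) for W in self.queried):
            return BOTTOM                # a Phase I key already matches S
        self.S = S
        return self.scheme.encrypt((M0, M1)[secrets.randbelow(2)], S)
```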
3.3.2. ANON-CPA
- Setup: The challenger runs Setup(, n, ) to obtain a public parameter . It gives the public parameter pp.
- Phase I: The adversary queries private keys for strings .
- Challenge: When Phase I is over, outputs and under the restriction that no trivial trapdoor to distinguish and was queried in Phase I. More formally, the challenger outputs ⊥ if and such that
  The challenger randomly selects and runs the Encrypt algorithm to obtain and returns C to .
- Phase II: The adversary, having access to the oracle, continues to query private keys for strings under the same restriction that no trivial to distinguish and was queried in Phase I.
- Guess: Finally, the adversary outputs a guess and wins the game if .
4. DFOS’s Pattern Matching System
- Setup: The algorithm takes as input a security parameter and the maximum size of the ciphertext n. It selects and and publishes .
- KeyGen: It takes as input the set of alphabet letters . It selects random values z and from and sets . It publishes a public key and outputs a secret key .
- Issue: To create a token sk for a string of length , the algorithm generates . For , it sets and . It sets a private key for W as .
- Encrypt: To encrypt a string , for , the algorithm selects a random value and sets and . It outputs the ciphertext .
- Test: The algorithm takes as inputs a public key , a token , and a ciphertext . The algorithm sets . For all , it computes and . If , it adds i to . Finally, it outputs the set of indexes .
5. Our Construction
5.1. Our Technique
5.2. FEPM
- Setup: The algorithm takes as input a security parameter , the maximum size of the description n and the set of alphabet letters . It selects and . It selects random values , z and from and sets . It publishes a public parameter:
- KeyGen: To create a token sk for a string of length , the algorithm generates . For , it sets and . It sets the private key for W as .
- Encrypt: To encrypt a string , the algorithm selects random values a and b from and . It sets . For , the algorithm sets , . It outputs the ciphertext .
- Decrypt: The algorithm takes as inputs a public parameter , a private key , and a ciphertext . If , it outputs ⊥. Otherwise, for all , it computes . It then outputs .
6. Security Analysis
- It sets by first defining . This results in .
- It sets and for all where the function f is a random permutation from to (i.e., ).
- It also sets .
7. Conclusions
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Conflicts of Interest
© 2021 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Kim, J.; Chow, Y.-W.; Susilo, W.; Baek, J.; Kim, I. Functional Encryption for Pattern Matching with a Hidden String. Cryptography 2022, 6, 1. https://doi.org/10.3390/cryptography6010001