# Functional Encryption Without Obfuscation

@inproceedings{Garg2016FunctionalEW,
title={Functional Encryption Without Obfuscation},
author={Sanjam Garg and Craig Gentry and Shai Halevi and Mark Zhandry},
booktitle={TCC},
year={2016}
}
Previously known functional encryption (FE) schemes for general circuits relied on indistinguishability obfuscation, which in turn either relies on an exponential number of assumptions (basically, one per circuit), or a polynomial set of assumptions, but with an exponential loss in the security reduction. Additionally most of these schemes are proved in the weaker selective security model, where the adversary is forced to specify its target before seeing the public parameters. For these…
94 Citations

## Topics from this paper

Functional Encryption: Deterministic to Randomized Functions from Simple Assumptions
• Computer Science, Mathematics
EUROCRYPT
• 2016
This paper gives a selectively secure construction of FE for randomized functionalities in the public-key setting from indistinguishability obfuscation, and stands in stark contrast to FE for deterministic functions which has been realized from a variety of assumptions.
On Removing Graded Encodings from Functional Encryption
• Mathematics, Computer Science
EUROCRYPT
• 2016
This work has shown that beyond the immediate application to computation over encrypted data, variants with succinct ciphertexts are so powerful that they yield the full might of indistinguishability obfuscation (IO), and described how such succinct schemes can be constructed.
Indistinguishability Obfuscation from Functional Encryption
• Mathematics, Computer Science
2015 IEEE 56th Annual Symposium on Foundations of Computer Science
• 2015
This work presents a generic construction of indistinguishability obfuscation from public-key functional encryption with succinct cipher texts and sub-exponential security, and shows the equivalence of incoherent obfuscation and public- key functional encryption.
Indistinguishability Obfuscation from Functional Encryption
• Computer Science
J. ACM
• 2018
This work shows the equivalence of indistinguishability obfuscation and public-key functional encryption, a primitive that has previously seemed to be much weaker, lacking the power and the staggering range of applications of incoherent obfuscation.
From Minicrypt to Obfustopia via Private-Key Functional Encryption
• Computer Science
EUROCRYPT
• 2017
Private-key functional encryption enables fine-grained access to symmetrically-encrypted data and up until recently was not known to imply any public-key primitive, demonstrating poor understanding of this extremely-useful primitive.
From Cryptomania to Obfustopia Through Secret-Key Functional Encryption
• Mathematics, Computer Science
TCC
• 2016
This work shows that subexponentially secure secret-key functional encryption is powerful enough to construct indistinguishability obfuscation if the authors additionally assume the existence of subexponentsially secure plain public-key encryption, and improves on this result by replacing its reliance on the LWE assumption with any plainpublic-keyryption scheme.
From Cryptomania to Obfustopia Through Secret-Key Functional Encryption
• Computer Science
Journal of Cryptology
• 2019
This work shows that (subexponentially secure) secret-key functional encryption is powerful enough to construct indistinguishability obfuscation if the authors additionally assume the existence of (sub expandable secure) plain public-key encryption, and improves on this result by replacing its reliance on the LWE assumption with any plain public -key encryption scheme.
Decomposable Obfuscation: A Framework for Building Applications of Obfuscation from Polynomial Hardness
• Mathematics, Computer Science
TCC
• 2017
There is some evidence that indistinguishability obfuscation (iO) requires either exponentially many assumptions or (sub)exponentially hard assumptions, and indeed, all known ways of building
Indistinguishability Obfuscation Without Multilinear Maps: New Paradigms via Low Degree Weak Pseudorandomness and Security Amplification
• Computer Science
IACR Cryptol. ePrint Arch.
• 2019
The existence of secure indistinguishability obfuscators ($$i\mathcal {O}$$) has far-reaching implications, significantly expanding the scope of problems amenable to cryptographic study. All known
Simple and Efficient FE for Quadratic Functions
• Computer Science, Mathematics
IACR Cryptol. ePrint Arch.
• 2020
Two functional encryption schemes for quadratic functions (or degree-2 polynomials) achieving simulation-based security in the semi-adaptive model with constant-size secret keys are presented.

## References

SHOWING 1-10 OF 43 REFERENCES
Fully Secure Functional Encryption without Obfuscation
• Computer Science
IACR Cryptol. ePrint Arch.
• 2014
The security of the scheme relies only on the polynomial hardness of simple assumptions on multilinear maps, and how to add to existing graded encoding schemes a new extension function, that can be though of as dynamically introducing new encoding levels.
From Selective to Adaptive Security in Functional Encryption
• Computer Science
CRYPTO
• 2015
Adaptive security, where security is guaranteed even for messages that are adaptively chosen at any point in time, seems significantly more challenging than previously thought.
The Trojan Method in Functional Encryption: From Selective to Adaptive Security, Generically
• Computer Science, Mathematics
IACR Cryptol. ePrint Arch.
• 2014
It is shown that any sufficiently expressive selectively-secure functional encryption scheme can be transformed into a fully secure one without introducing any additional assumptions, and a direct black-box transformation is presented, making novel use of hybrid encryption.
A Punctured Programming Approach to Adaptively Secure Functional Encryption
This work proposes the first construction for achieving adaptively secure functional encryption for poly-sized circuits (without complexity leveraging) from indistinguishability obfuscation and develops a “punctured programming” approach to constructing and proving systems where outside of obfuscation the authors rely only on primitives realizable from pseudo random generators.
Indistinguishability Obfuscation from Compact Functional Encryption
• Computer Science
CRYPTO
• 2015
The arrival of indistinguishability obfuscation has transformed the cryptographic landscape by enabling several security goals that were previously beyond the reach, so one of the pressing goals currently is to construct O from well-studied standard cryptographic assumptions.
Indistinguishability Obfuscation from Functional Encryption
• Computer Science
J. ACM
• 2018
This work shows the equivalence of indistinguishability obfuscation and public-key functional encryption, a primitive that has previously seemed to be much weaker, lacking the power and the staggering range of applications of incoherent obfuscation.
Practical Identity-Based Encryption Without Random Oracles
We present an Identity Based Encryption (IBE) system that is fully secure in the standard model and has several advantages over previous such systems – namely, computational efficiency, shorter
Virtual Black-Box Obfuscation for All Circuits via Generic Graded Encoding
• Computer Science, Mathematics
TCC
• 2014
It is proved that the obfuscator exposes no more information than the program’s black- box functionality, and achieves virtual black-box security, in the generic graded encoded scheme model.
Functional Encryption with Bounded Collusions via Multi-party Computation
• Computer Science, Mathematics
CRYPTO
• 2012
These constructions require only semantically secure public-key encryption schemes and pseudorandom generators computable by small-depth circuits known to be implied by most concrete intractability assumptions, and are secure under a strong simulation-based definition of functional encryption.
Definitional Issues in Functional Encryption
It is shown that in the “non-adaptive” case an equivalence does hold between indistinguishability and semantic security for what the authors call preimage sampleable schemes, and it is taken as evidence that for preimage samplesable schemes an indistinguishesability based notion may be acceptable in practice.