toplogo
Masuk

Optimal Bounds for Functional Encryption in the Bounded Quantum Storage Model


Konsep Inti
It is possible to construct non-interactive functional encryption schemes with information-theoretic simulation-based security in the bounded quantum storage model, but there are fundamental limits on the efficiency of such schemes. The authors also show how to construct functional encryption schemes with computational security in the bounded classical storage model.
Abstrak

The paper explores the feasibility of functional encryption (FE) in the bounded quantum storage model (BQSM) and the bounded classical storage model (BCSM).

In the BQSM:

  • The authors construct a non-interactive FE (NI-FE) scheme that satisfies information-theoretic simulation-based security, with the quantum memory required by the honest user scaling as O(√s/r), where s is the adversary's quantum memory bound and r is the number of times the memory bound is applied.
  • They prove a matching lower bound, showing that it is impossible to achieve information-theoretic security with quantum memory less than √s/r.
  • They also construct a computationally secure FE scheme in the BQSM, assuming the existence of one-way functions and puncturable pseudorandom functions.

In the BCSM:

  • The authors construct a non-interactive (2n, nℓ)-FE scheme over any ℓ-encodable class of circuits, satisfying information-theoretic subexponential simulation-based security, assuming the existence of (n, n^2) subexponential grey-box obfuscation.
  • They show that this assumption is minimal by constructing subexponential grey-box obfuscation from non-interactive FE in the BCSM.
  • They also obtain a computationally secure FE scheme in the BCSM, assuming grey-box obfuscation and one-way functions.

All the constructions satisfy certain notions of "disappearing" security, where the ciphertexts or functional keys become unusable after some time.

edit_icon

Kustomisasi Ringkasan

edit_icon

Tulis Ulang dengan AI

edit_icon

Buat Sitasi

translate_icon

Terjemahkan Sumber

visual_icon

Buat Peta Pikiran

visit_icon

Kunjungi Sumber

Statistik
The paper presents the following key metrics and figures: The quantum memory required by the honest user in the BQSM NI-FE scheme is O(√s/r), where s is the adversary's quantum memory bound and r is the number of times the memory bound is applied. The authors prove a lower bound showing that information-theoretic security is impossible with quantum memory less than √s/r for the BQSM NI-FE scheme. The BCSM NI-FE scheme assumes the existence of (n, n^2) subexponential grey-box obfuscation, where n is the required memory to run the scheme honestly and n^2 is the needed memory to break security.
Kutipan
"Functional encryption is a powerful paradigm for public-key encryption that allows for controlled access to encrypted data." "Achieving the ideal simulation based security for this primitive is generally impossible in the plain model, so we investigate possibilities in the bounded quantum storage model (BQSM) and the bounded classical storage model (BCSM), where adversaries are limited with respect to their quantum and classical memories, respectively." "We then show that our scheme is optimal by proving that it is impossible to attain information-theoretically secure functional encryption with q < √s/r."

Wawasan Utama Disaring Dari

by Mohammed Bar... pada arxiv.org 04-03-2024

https://arxiv.org/pdf/2309.06702.pdf
Functional Encryption in the Bounded Storage Models

Pertanyaan yang Lebih Dalam

How can the efficiency of the one-time programs used in the BQSM constructions be further improved

To improve the efficiency of the one-time programs used in the Bounded Quantum Storage Model (BQSM) constructions, several strategies can be implemented: Optimizing Program Size: One approach is to optimize the size of the programs used in the construction. By reducing the size of the programs, the computational and memory requirements can be minimized, leading to more efficient operations. Enhancing Program Encoding: Improving the encoding of the programs can also contribute to efficiency. By utilizing more efficient encoding techniques, the programs can be transmitted and processed more effectively, reducing the overall computational load. Streamlining Program Execution: Streamlining the execution of the programs can help in enhancing efficiency. By optimizing the steps involved in program execution, the overall performance can be improved, leading to faster and more efficient operations. Utilizing Quantum Algorithms: Leveraging quantum algorithms and techniques can also enhance the efficiency of the one-time programs. Quantum algorithms can offer advantages in terms of speed and computational complexity, leading to more efficient operations in the BQSM constructions. By implementing these strategies and possibly exploring new approaches tailored to the specific requirements of the BQSM constructions, the efficiency of the one-time programs can be further improved.

Can information-theoretic USIM security be achieved for FE in the BCSM, or is subexponential simulation security the best possible

Achieving information-theoretic Universal Simulation (USIM) security for Functional Encryption (FE) in the Bounded Classical Storage Model (BCSM) presents significant challenges. The impossibility results and limitations in the plain model suggest that achieving information-theoretic USIM security may not be feasible in the BCSM. Subexponential Simulation (subexpSIM) security, on the other hand, offers a practical and achievable level of security for FE in the BCSM. While information-theoretic USIM security is a desirable goal, the constraints and limitations of the BCSM may make it challenging to attain. Therefore, subexponential simulation security could be considered the best possible security level for FE in the BCSM, providing a balance between security guarantees and practical feasibility within the bounded storage model framework.

What other cryptographic primitives could benefit from the bounded storage model approach, and what are the fundamental limits for those primitives

The bounded storage model approach can benefit various cryptographic primitives beyond Functional Encryption (FE). Some of the cryptographic primitives that could benefit from this approach include: Symmetric Key Encryption: By applying the bounded storage model principles to symmetric key encryption schemes, it may be possible to enhance the security and efficiency of encryption algorithms while limiting the storage capabilities of adversaries. Digital Signatures: Implementing digital signature schemes within the bounded storage model framework can strengthen the security of signatures by restricting the storage capacity of adversaries, thereby reducing the risk of key exposure and unauthorized access. Key Agreement Protocols: Utilizing the bounded storage model for key agreement protocols can enhance the confidentiality and integrity of key exchange processes by imposing limitations on the storage capabilities of malicious parties. The fundamental limits for these primitives in the bounded storage model context revolve around balancing security guarantees with practical constraints such as memory limitations, computational complexity, and efficiency. Understanding and optimizing these factors are crucial for designing secure and efficient cryptographic schemes within the bounded storage model.
0
star