We put forth the problem of delegating the evaluation of a pseudorandom function (PRF) to an untrusted proxy and introduce a novel cryptographic primitive called delegatable pseudorandom functions, or DPRFs for short. A DPRF enables a proxy to evaluate a pseudorandom function on a strict subset of its domain using a trapdoor derived from the DPRF secret key. The trapdoor is constructed with respect to a certain policy predicate that determines the subset of input values which the proxy is allowed to compute. The main challenge in constructing DPRFs is to achieve bandwidth efficiency (which mandates that the trapdoor is smaller than the precomputed sequence of the PRF values conforming to the predicate), while maintaining the pseudorandomness of unknown values against an attacker that adaptively controls the proxy. A DPRF may optionally be equipped with an additional property we call policy privacy, where any two delegation predicates remain indistinguishable in the view of a DPRF-querying proxy. Achieving this raises new design challenges, as policy privacy and bandwidth efficiency are seemingly conflicting goals. For the important class of policy predicates described as (1-dimensional) ranges, we devise two DPRF constructions and rigorously prove their security. Built upon the well-known tree-based GGM PRF family, our constructions are generic and feature only logarithmic delegation size in the number of values conforming to the policy predicate. At only a constant-factor efficiency reduction, we show that our second construction is also policy private. Finally, we describe how their new security and efficiency properties render our DPRF schemes particularly useful in numerous security applications, including RFID, symmetric searchable encryption, and broadcast encryption.
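To make the range-delegation idea concrete, the following added example (not code from the paper) builds a GGM-style tree PRF and hands a proxy the seeds of the minimal set of subtrees covering a range. It is the textbook subtree cover and is not claimed to match either of the paper's constructions; it gives no policy privacy, since the cover's shape reveals the range. Assumptions: HMAC-SHA256 stands in for the length-doubling PRG, and `N_BITS`, `prf`, `delegate` and `proxy_eval` are illustrative names.

```python
import hmac
import hashlib

N_BITS = 16  # assumed domain size: inputs are integers in [0, 2**N_BITS)

def _child(seed: bytes, bit: int) -> bytes:
    # One half of the PRG G(s) = G0(s) || G1(s); HMAC-SHA256 is a stand-in.
    return hmac.new(seed, bytes([bit]), hashlib.sha256).digest()

def _descend(seed: bytes, value: int, nbits: int) -> bytes:
    # Walk nbits levels down the tree, most significant bit first.
    for i in reversed(range(nbits)):
        seed = _child(seed, (value >> i) & 1)
    return seed

def prf(key: bytes, x: int) -> bytes:
    """Key holder: full GGM evaluation from the root."""
    return _descend(key, x, N_BITS)

def delegate(key: bytes, lo: int, hi: int):
    """Trapdoor for [lo, hi]: (prefix, depth, seed) of each maximal subtree
    lying entirely inside the range. At most 2*(N_BITS-1) nodes for N_BITS >= 2."""
    if not 0 <= lo <= hi < 2 ** N_BITS:
        raise ValueError("range outside PRF domain")
    trapdoor = []

    def walk(seed, prefix, depth):
        span = N_BITS - depth
        first = prefix << span
        last = first + (1 << span) - 1
        if last < lo or first > hi:
            return                      # subtree disjoint from the range
        if lo <= first and last <= hi:
            trapdoor.append((prefix, depth, seed))
            return                      # whole subtree delegated via one seed
        walk(_child(seed, 0), prefix << 1, depth + 1)
        walk(_child(seed, 1), (prefix << 1) | 1, depth + 1)

    walk(key, 0, 0)
    return trapdoor

def proxy_eval(trapdoor, x: int):
    """Proxy: evaluate using only delegated seeds; None if x is not covered."""
    for prefix, depth, seed in trapdoor:
        span = N_BITS - depth
        if x >> span == prefix:
            return _descend(seed, x & ((1 << span) - 1), span)
    return None
```

Delegating the whole domain returns the root seed, i.e. the key itself, which is why a DPRF restricts the proxy to a strict subset of the domain.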