[Busec] Crypto reading group: Next monday Nov 21, 9:30-11:00 @ MSR: Dana Dachman-Soled

Ran Canetti canetti at tau.ac.il
Mon Nov 14 19:40:12 EST 2011

Hi All,
Next monday Dana Dachman-Soled will present and bring us back to functional 

Towards understanding the result of Agrawal, Freeman and Vaikuntanathan 
"Functional Encryption for Inner Product Predicates from Learning with 
Errors", we will first look at the simpler construction of Agrawal, Boneh, 
and Boyen "Efficient Lattice (H)IBE in the Standard Model".  The result of 
Agrawal, Freeman and Vaikuntanathan builds on the IBE construction and if 
time permits, we will begin to look at this result as well.

Below are the title/abstracts of the two papers cited above:

1.  Functional Encryption for Inner Product Predicates from Learning with 

Shweta Agrawal and David Mandell Freeman and Vinod Vaikuntanathan

Abstract: We propose a lattice-based functional encryption scheme for inner 
product predicates whose security follows from the difficulty of the 
"learning with errors" (LWE) problem. This construction allows us to 
achieve applications such as range and subset queries, polynomial 
evaluation, and CNF/DNF formulas on encrypted data. Our scheme supports 
inner products over small fields, in contrast to earlier works based on 
bilinear maps.

Our construction is the first functional encryption scheme based on lattice 
techniques that goes beyond basic identity-based encryption. The main 
technique in our scheme is a novel twist to the identity-based encryption 
scheme of Agrawal, Boneh and Boyen (Eurocrypt 2010).

2.  Efficient Lattice (H)IBE in the Standard Model

Shweta Agrawal, Dan Boneh and Xavier Boyen

We construct an efficient identity based encryption system based on the 
standard learning with errors (LWE) problem. Our security proof holds in 
the standard model. The key step in the construction is a family of 
lattices for which there are two distinct trapdoors for finding short 
vectors. One trapdoor enables the real system to generate short vectors in 
all lattices in the family. The other trapdoor enables the simulator to 
generate short vectors for all lattices in the family except for one. We 
extend this basic technique to an adaptively-secure IBE and a Hierarchical IBE.

More information about the Busec mailing list