Loading...

Designing Post-Quantum Functional Encryption Scheme based on Rank-Metric Codes

Yousefipoor, Vahid | 2023

0 Viewed
  1. Type of Document: Ph.D. Dissertation
  2. Language: Farsi
  3. Document No: 58191 (05)
  4. University: Sharif University of Technology
  5. Department: Electrical Engineering
  6. Advisor(s): Eghlidos, Taraneh
  7. Abstract:
  8. Functional Encryption (FE) is an encryption scheme used in cloud computing to enhance data security. When data owners outsource encrypted data to the cloud, they may need to perform computations on the data without decrypting it, as the cloud server is not fully trusted. Functional encryption addresses this challenge by allowing authorized users to compute specific functions on the encrypted data. In FE, the data owner holds a private key associated with a particular function. Using this key, an authorized user can only access the result of the function applied to the original data, without revealing any additional information about the underlying data. In functional encryption, significant research efforts have focused on searchable encryption (SE) and attribute-based encryption (ABE), as these schemes are essential for secure cloud computing systems. SE enables keyword-based searches on encrypted data, while ABE enforces access control through specific policies, complementary functionalities that enhance data security and usability. Recently, rank-metric codes have garnered increased attention due to their superior performance compared to Hamming metric codes, particularly in post-quantum cryptographic applications. In this thesis, we leverage these advancements to propose the first post-quantum asymmetric SE and ABE schemes based on rank-metric codes. The proposed searchable encryption scheme demonstrates higher efficiency than both classical and post-quantum alternatives while achieving security against chosen-keyword attacks, keyword-guessing attacks, and reaction attacks. Notably, it enables users to verify the accuracy and completeness of search results returned by the cloud server and perform multi-keyword searches using a single search token. To ensure forward secrecy, user key pairs are efficiently updated in each time period via a hash-based mechanism, eliminating the need for data re-encryption. While the scheme’s communication overhead (~6 KB) remains practical, it is slightly higher than existing solutions, a trade-off that warrants future optimization. The proposed attribute-based encryption scheme provides security against chosen-plaintext attacks and reaction attacks while offering efficient attribute revocation. When a user's access period expires, data associated with their attribute set can be re-encrypted without requiring new keys for other users or significant communication overhead. By employing a hash function and Bloom filter-based approach, the scheme enables data users to verify that the cloud server has returned all attribute-matching data. Performance analysis demonstrates that the scheme maintains acceptable efficiency compared to both classical and post-quantum alternatives. Although the scheme is secure against reaction attacks, formal security proof against general chosen-ciphertext attacks remains an open research question for future investigation
  9. Keywords:
  10. Attribute Based Encryption ; Functional Encryption ; Cloud Computing ; Post-Quantum Cryptography ; Rank-Metric Codes ; Asymmetric Searchable Encryption

 Digital Object List

 Bookmark

No TOC