Privacy-Preserving and Traceable Functional Encryption for Inner Product in Cloud Computing

Cloud computing is a distributed infrastructure that centralizes server resources on a platform in order to provide services over the internet. Traditional public-key encryption protects data confidentiality in cloud computing, while functional encryption provides a more fine-grained decryption method, which only reveals a function of the encrypted data. However, functional encryption in cloud computing faces the problem of key sharing. In order to trace malicious users who share keys with others, traceable FE-IP (TFE-IP) schemes were proposed where the key generation center (KGC) knows users' identities and binds them with different secret keys. Nevertheless, existing schemes fail to protect the privacy of users' identities. The fundamental challenge to construct a privacy-preserving TFE-IP scheme is that KGC needs to bind a key with a user's identity without knowing the identity. To balance privacy and accountability in cloud computing, we propose the concept of privacy-preserving traceable functional encryption for inner product (PPTFE-IP) and give a concrete construction which offers the features: (1) To prevent key sharing, both a user's identity and a vector are bound together in the key; (2) The KGC and a user execute a two-party secure computing protocol to generate a key without the former knowing anything about the latter's identity; (3) Each user can ensure the integrity and correctness of his/her key through verification; (4) The inner product of the two vectors embedded in a ciphertext and in his/her key can be calculated by an authorized user; (5) Only the tracer can trace the identity embedded in a key. We formally reduce the security of the proposed PPTFE-IP to well-known complexity assumptions, and conduct an implementation to evaluate its efficiency. The novelty of our scheme is to protect the user's privacy and provide traceability if required.