Functional Signcryption

Functional encryption (FE) allows to restrict decryption in a highly sophisticated fashion, whereas, functional signature (FS) enables to enforce arbitrarily complex control on signing capabilities. This paper introduces a new cryptographic primitive, termed as functional signcryption (FSC), which unifies the functionalities of FE and FS into a cost-effective formulation. FSC is a crucial step towards efficient implementation of modern digital communication and storage systems that demand advanced forms of confidentiality and authenticity simultaneously. Precisely, we make the following contributions: -First, we present a formal definition of FSC and carefully formulate its security requirements. -Next, we provide a generic construction of FSC supporting signing and decryption functionalities realizable by general polynomial size circuits, based on fundamental cryptographic tools, namely, indistinguishability obfuscation (IO) for circuits and statistically simulation-sound non-interactive zero-knowledge proof of knowledge (SSS-NIZKPoK). -Finally, we exhibit a number of representative applications of this interesting cryptographic primitive: (i) We develop the first ever attribute-based signcryption (ABSC) scheme for arbitrary polynomial size circuits from FSC. (ii) We show how FSC can be utilized to build SSS-NIZKPoK systems and IO for general circuits. This result in conjunction with our FSC construction can be interpreted as establishing an equivalence between FSC and the other two important cryptographic primitives. (c) 2018 Elsevier Ltd. All rights reserved.