A Note on the Simpler Construction to Achieve Dynamic FE via IBE
摘要
Functional Encryption (FE) is a crucial cryptographic primitive that enables partial message recovery. In the static bounded model, the number of decryption key queries is fixed at the outset of the system. There have been many constructions in this model. However, it has certain limitations. Recently, Agrawal et al. (Crypto 2021) and Garg et al. (Eurocrypt 2022) introduced the dynamic bounded model, where the collusion bound is no longer fixed globally, but can be selected fluidly by each encryptor. Dynamic bounded FE can be seen as a balance between static bounded FE and normal FE, offering enhanced flexibility and adaptability in various cryptographic applications. Garg et al. (PKC 2024) proposed two general constructions for transitioning from static bounded FE to dynamic bounded FE using identity based encryption (IBE). One construction utilizes a binary tree of garbled circuits, while the other, which is referred to as ’the simpler construction’ henceforth, employs a single garbled circuit. While Garg et al. provided a high-level proof idea for the simpler construction, we present a detailed simulation-based security proof, demonstrating its validity even when the underlying IBE achieves only selective-id security. Furthermore, we demonstrate that in the indistinguishable-style security definition, dynamic bounded FE can be constructed from a selective-tag secure tagged static bounded FE, offering additional pathways for building dynamic bounded FE.