Functional Encryption for Randomized Functionalities in the Private-Key Setting from Minimal Assumptions

We present a construction of a private-key functional encryption scheme for any family of randomized functionalities based on any such scheme for deterministic functionalities that is sufficiently expressive. Instantiating our construction with existing schemes for deterministic functionalities, we obtain schemes for any family of randomized functionalities based on a variety of assumptions (including the LWE assumption, simple assumptions on multilinear maps, and even the existence of any one-way function) offering various trade-offs between security and efficiency. Previously, Goyal et al. (Proceedings of the 12th theory of cryptography conference (TCC), pp 325–351, 2015 ) constructed a public-key functional encryption scheme for any family of randomized functionalities based on indistinguishability obfuscation. One of the key insights underlying our work is that, in the private-key setting, a sufficiently expressive functional encryption scheme may be appropriately utilized for implementing proof techniques that were so far implemented based on obfuscation assumptions [such as the punctured programming technique of Sahai and Waters (Proceedings of the 46th annual ACM symposium on theory of computing (STOC), pp. 475–484, 2014 )]. We view this as a contribution of independent interest that may be found useful in other settings as well.