We introduce the notion of public key encryption with secure key leasing (PKE-SKL). Our notion supports the leasing of decryption keys so that a leased key achieves the decryption functionality but comes with the guarantee that if the quantum decryption key returned by a user passes a validity test, then the user has lost the ability to decrypt. Our notion is similar in spirit to the notion of secure software leasing (SSL) introduced by Ananth and La Placa (Eurocrypt 2021) but captures significantly more general adversarial strategies. In more detail, our adversary is not restricted to use an honest evaluation algorithm to run pirated software. Our results can be summarized as follows: 1. Definitions: We introduce the definition of PKE with secure key leasing and formalize security notions. 2. Constructing PKE with Secure Key Leasing: We provide a construction of PKE-SKL by leveraging a PKE scheme that satisfies a new security notion that we call consistent or inconsistent security against key leasing attacks (CoIC-KLA security). We then construct a CoIC-KLA secure PKE scheme using 1-key Ciphertext-Policy Functional Encryption (CPFE) that in turn can be based on any IND-CPA secure PKE scheme. 3. Identity Based Encryption, Attribute Based Encryption and Functional Encryption with Secure Key Leasing: We provide definitions of secure key leasing in the context of advanced encryption schemes such as identity based encryption (IBE), attribute-based encryption (ABE) and functional encryption (FE). Then we provide constructions by combining the above PKE-SKL with standard IBE, ABE and FE schemes.
翻译:我们引入了使用安全密钥租赁( PKE- SKL) 的公共密钥加密概念。 我们的概念支持租赁解密密密钥, 以便租赁的密钥能够实现解密功能, 但前提是如果用户返回的量子解密密密密钥通过了有效性测试, 那么用户就失去了解密能力。 我们的概念在精神上与Ananth 和 La Placa( Europrypt 2021) 推出的安全软件租赁概念相似, 但也包含了更普遍的对抗策略。 更详细地说, 我们的对手并不局限于使用诚实的评估算法来运行功能性加密软件。 我们的结果可以概括如下: 1. 定义: 我们引入了由安全密钥租赁和正式安全概念返回的公用解密密密钥解密密密密密钥。 我们用一个符合我们称之为安全或不一致的安全安全租赁计划( CoIC- KLA安全) 。 然后, 我们建了一个CO- K- K- K- Cireial- silview 系统, 将S- silview E- sil- silviol- sil- sil- silviewsal 系统 提供 Cy- k- k- K- K- k- k- k- k- k- k- silviewI- sil- sil- silviewmal- k 提供 和 Cil- k- k- k- k- k- k- sil- k- k- k- k- silvii- sil- sil- silvii- sil 提供 系统。