# Function-Private Subspace-Membership Encryption and Its Applications

**Authors:**

*D. Boneh, A. Raghunathan, and G. Segev*

** Abstract: **

Boneh, Raghunathan, and Segev (CRYPTO '13) have recently put forward the
notion of *function privacy* and applied it to identity-based
encryption, motivated by the need for providing predicate privacy in
public-key searchable encryption. Intuitively, their notion asks that
decryption keys reveal essentially no information on their corresponding
identities, beyond the absolute minimum necessary. While Boneh et al.
showed how to construct function-private identity-based encryption (which
implies predicate-private encrypted keyword search), searchable encryption
typically requires a richer set of predicates.

In this paper we significantly extend the function privacy framework.
First, we introduce the new notion of *subspace-membership* encryption,
a generalization of inner-product encryption, and formalize a meaningful
and realistic notion for capturing its function privacy. Then, we present a
generic construction of a *function-private* subspace-membership
encryption scheme based on *any* inner-product encryption scheme. This
is the first generic construction that yields a function-private encryption
scheme based on a non-function-private one.

Finally, we present various applications of function-private
subspace-membership encryption. Among our applications, we significantly
improve the function privacy of the identity-based encryption schemes of
Boneh et al.: whereas their schemes are function private only for
identities that are highly unpredictable (with min-entropy of at least
*λ + ω(log λ)* bits, where *λ* is the
security parameter), we obtain function-private schemes assuming only the
*minimal* required unpredictability (i.e., min-entropy of only
*ω(log λ)* bits). This improvement offers a much more realistic
function privacy guarantee.

** Reference:**

In Proceedings of Asiacrypt 2013.

**Full paper:**
PDF