Matchmaking encryption (ME) is a generalization of attribute-based encryption (ABE) in which both the sender and the receiver (each with their own attributes) can specify access policies the other party must satisfy in order for the message to be revealed. Security guarantees that during decryption nothing is leaked beyond the fact whether a match occurred or not. Similarly to ABE, ME requires a trusted key generation center (KGC) that can potentially decrypt all ciphertexts. We cast ME in the framework of registered encryption, in which the KGC is replaced by an untrusted key curator that registers public keys, attributes and policies of the users, but is not allowed to decrypt ciphertexts. Our main contribution is a black-box construction of registered ME (RME) using registered ABE (RABE) and lockable obfuscation. As we show, our construction can be instantiated under standard assumptions in the plain model yielding RME for expressive classes of policies.
Registered Matchmaking Encryption / Francati, D.; Huang, V.; Venturi, D.. - 15825:(2025), pp. 3-32. ( 23rd International Conference on Applied Cryptography and Network Security, ACNS 2025 Munich; Germany ) [10.1007/978-3-031-95761-1_1].
Registered Matchmaking Encryption
Francati D.
Primo
;Venturi D.
2025
Abstract
Matchmaking encryption (ME) is a generalization of attribute-based encryption (ABE) in which both the sender and the receiver (each with their own attributes) can specify access policies the other party must satisfy in order for the message to be revealed. Security guarantees that during decryption nothing is leaked beyond the fact whether a match occurred or not. Similarly to ABE, ME requires a trusted key generation center (KGC) that can potentially decrypt all ciphertexts. We cast ME in the framework of registered encryption, in which the KGC is replaced by an untrusted key curator that registers public keys, attributes and policies of the users, but is not allowed to decrypt ciphertexts. Our main contribution is a black-box construction of registered ME (RME) using registered ABE (RABE) and lockable obfuscation. As we show, our construction can be instantiated under standard assumptions in the plain model yielding RME for expressive classes of policies.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
