Other Publications

Paper: Unbounded ABE via Bilinear Entropy Expansion, Revisted

Authors: Jie Chen, Junqing Gong, Lucas Kowalczyk and Hoeteck Wee


We present simpler and improved constructions of unbounded attribute-based encryption (ABE) schemes with constant-size public parameters under static assumptions in bilinear groups. Concretely, we obtain:

    – a simple and adaptively secure unbounded ABE scheme in composite-order groups, improving upon a previous construction of Lewko andWaters (Eurocrypt ’11) which only achieves selective security;

Paper: Multi-Input Functional Encryption for Inner Products: Function-Hiding Realizations and Constructions without Pairings

Authors: Michel Abdalla, Dario Catalano, Dario Fiore, Romain Gay and Bodgan Ursu


We present new constructions of multi-input functional encryption (MIFE) schemes for the inner-product functionality that improve the state of the art solution of Abdalla et al. (Eurocrypt 2017) in two main directions.

Paper: Decentralized Multi-Client Functional Encryption for Inner Product

Functional Encryption Blockchain Cybersecuirty H2020

Authors: Jérémy Chotard, Edouard Dufour Sans, Romain Gay, Duong Hieu Phan and David Pointcheval


We consider a situation where multiple parties, owning data that have to be frequently updated, agree to share weighted sums of these data with some aggregator, but where they do not wish to reveal their individual data, and do not trust each other. We combine technique from Private Stream Aggregation (PSA) and Functional Encryption (FE), to introduce a primitive we call Decentralized Multi-Client Functional Encryption (DMCFE), for which we give a practical instantiation for Inner Product functionalities. This primitive allows various senders to non-interactively generate ciphertexts which support inner-product evaluation, with functional decryption keys that can also be generated non-interactively, in a distributed way, among the senders. Interactions are required during the setup phase only. We prove adaptive security of our constructions, while allowing corruptions of the clients, in the random oracle model.


Paper: Improved Inner-product Encryption with Adaptive Security and Full Attribute-hiding

Authors: Jie Chen, Junqing Gong and Hoeteck Wee


In this work, we propose two IPE schemes achieving both adaptive security and full attribute-hiding in the prime-order bilinear group, which improve upon the unique existing result satisfying both features from Okamoto and Takashima [Eurocrypt ’12] in terms of efficiency.

– Our first IPE scheme is based on the standard k-LIN assumption and has shorter master public key and shorter secret keys than Okamoto and Takashima’s IPE under weaker DLIN = 2-LIN assumption.

Paper: CCA-secure module lattice-based key encapsulation on ARM


Authors: Angshuman Karmakar, Jose Maria Bermudo Mera, Sujoy Sinha Roy and Ingrid Verbauwhede



The CCA-secure lattice-based post-quantum key encapsulation scheme Saber is a candidate in the NIST’s post-quantum cryptography standardization process. In this paper, we study the implementation aspects of Saber in resourceconstrained microcontrollers from the ARM Cortex-M series which are very popular for realizing IoT applications. In this work, we carefully optimize various parts of Saber for speed and memory. We exploit digital signal processing instructions and efficient memory access for a fast implementation of polynomial multiplication. We also use memory efficient Karatsuba and just-in-time strategy for generating the public matrix of the module lattice to reduce the memory footprint. We also show that our optimizations can be combined with each other seamlessly to provide various speed-memory trade-offs. Our speed optimized software takes just 1,147K, 1,444K, and 1,543K clock cycles on a Cortex-M4 platform for key generation, encapsulation and decapsulation respectively. Our memory efficient software takes 4,786K, 6,328K, and 7,509K clock cycles on an ultra resource-constrained Cortex-M0 platform for key generation, encapsulation, and decapsulation respectively while consuming only 6.2 KB of memory at most. These results show that lattice-based key encapsulation schemes are perfectly practical for securing IoT devices from quantum computing attacks.