On the Semantic Security of Functional Encryption Schemes
Functional Encryption (FE) is a powerful cryptographic primitive that generalizes many asymmetric encryption systems proposed in recent years. Syntax and security definitions for general FE were recently proposed by Boneh, Sahai, and Waters (BSW) (TCC 2011) and independently by O'Neill. In this paper, the authors revisit these definitions, identify several shortcomings in them, and propose a new definitional approach that overcomes these limitations. Their definitions display good compositionality properties and allow users to obtain new feasibility and impossibility results for adaptive token-extraction attack scenarios that shed further light on the potential reach of general FE for practical applications.