Skip to main content
Research

Fine-Grained Functional Encryption with Revocation Secures Dynamic Data Access

A novel functional encryption scheme enables precise access control and dynamic revocation over encrypted data, critical for privacy in evolving systems like healthcare.
September 20, 20253 min

A detailed, close-up view showcases a complex blue spherical construct featuring intricate metallic conduits and components. This visual metaphor delves into the underlying mechanisms of blockchain and cryptocurrency systems
A futuristic, metallic device with a prominent, glowing blue circular element, resembling a high-performance blockchain node or cryptographic processor, is dynamically interacting with a transparent, turbulent fluid. This fluid, representative of liquidity pools or high-volume transaction streams, courses over the device's polished surfaces and integrated control buttons, indicating active network consensus processing

Briefing

Managing granular access rights and dynamic revocation in encrypted data systems, particularly for sensitive information like Electronic Health Records, remains a significant challenge for existing cryptographic schemes. This research introduces Inner-product Functional Encryption with Fine-grained Revocation (IPFE-FR), a new primitive that enables selective function computation over encrypted data while supporting precise revocation of access rights and ensuring forward security. This advancement fundamentally enhances data privacy and control for dynamic, multi-user environments, paving the way for more secure and adaptable blockchain architectures in sensitive data management.

A translucent blue, fluid-like structure dynamically interacts with a beige bone fragment, showcasing integrated black and white mechanical components. The intricate composition highlights advanced technological integration within a complex system

Context

Traditional Public Key Encryption (PKE) offers all-or-nothing data access, which is too rigid for complex, multi-stakeholder systems. Attribute-Based Encryption (ABE) provides some access control but typically lacks the ability for fine-grained function-specific revocation and dynamic updates to keys or ciphertexts, leaving a critical gap in managing evolving access permissions over time.

A close-up view reveals a sophisticated, translucent blue electronic device with a central, raised metallic button. Luminous blue patterns resembling flowing energy or data are visible beneath the transparent surface, extending across the device's length

Analysis

The IPFE-FR scheme introduces a system where data is encrypted such that only specific mathematical functions can be computed on it by authorized users, without revealing the underlying data. Its core innovation lies in incorporating system version numbers into cryptographic keys and ciphertexts, enabling a group manager to revoke individual users’ function-specific access rights. When a revocation occurs, the system updates a global version number, and a cloud server, using a special update key, re-encrypts existing data to the new version. This ensures that previously issued keys for revoked users become invalid for both new and old data, providing forward security and preventing collusion by binding user and function keys.

A dynamic splash of clear liquid crests over a sophisticated, circular metallic structure illuminated by electric blue light. This abstract representation captures the essence of blockchain technology and its evolving cryptographic mechanisms

Parameters

  • Core Concept ∞ Inner-product Functional Encryption
  • New System ∞ IPFE-FR Scheme
  • Security AssumptionLearning with Errors (LWE)
  • Key Authors ∞ Yue Han, Jinguang Han, Liqun Chen, Chao Sun
  • Revocation Type ∞ Fine-grained, Indirect
  • Security Properties ∞ Forward Security, Collusion Resistance
  • Application Domain ∞ Electronic Health Records (EHR)

The detailed composition showcases an open mechanical watch movement, its metallic components and precise gear train clearly visible. A substantial blue structure, adorned with intricate circuit-like patterns, connects to the watch, with a metallic arm extending into its core

Outlook

This IPFE-FR scheme establishes a robust foundation for secure and adaptable data sharing, particularly in regulated sectors like healthcare where stringent privacy and access control are paramount. Future research will likely focus on optimizing its efficiency by exploring alternative lattice-based assumptions, such as Ring Learning with Errors (RLWE), to reduce computational overhead. The scheme’s principles could also extend to other privacy-preserving computation paradigms, enabling dynamic access control in decentralized finance (DeFi) for confidential asset management or in supply chain logistics for selective data disclosure.

A detailed, close-up perspective showcases an advanced blue mechanical apparatus, characterized by interwoven, textured tubular elements and metallic structural components. The central focal point is a circular mechanism, accented with polished silver and darker recesses, suggesting a critical functional core for data processing

Verdict

The IPFE-FR scheme represents a pivotal advancement in cryptographic access control, offering unprecedented flexibility and security for dynamic data environments crucial to future decentralized applications.

Signal Acquired from ∞ arxiv.org

Micro Crypto News Feeds

fine-grained revocation

Definition ∞ Fine-grained revocation allows for the precise removal of access rights to specific data or functionalities within a system.

access control

Definition ∞ Access control dictates who or what can view or use resources within a digital system.

forward security

Definition ∞ Forward security is a property of cryptographic systems ensuring that past session keys remain secure even if current or future long-term keys are compromised.

functional encryption

Definition ∞ Functional encryption is a cryptographic scheme that allows specific functions of encrypted data to be computed without decrypting the entire dataset.

learning with errors

Definition ∞ Learning with Errors (LWE) is a mathematical problem that forms the basis for several advanced cryptographic constructions, particularly in post-quantum cryptography.

collusion resistance

Definition ∞ Collusion Resistance is a property of a system where participants cannot conspire to achieve an outcome that benefits them unfairly at the expense of others.

dynamic access

Definition ∞ Dynamic access refers to a system where permissions to data or resources are adjusted in real-time based on changing conditions or user attributes.

security

Definition ∞ Security refers to the measures and protocols designed to protect assets, networks, and data from unauthorized access, theft, or damage.

Tags:

Tags: