witness encryption & witness prf
The concept of witness encryption (WE) is motivated by the problem of designing an encryption scheme that allows users to encrypt messages with respect to an NP statement so that it can only be decrypted by the recipient who knows a valid witness of the NP statement. Another classical application of WE is that it can be used to encrypt messages (e.g. password to a bank account containing the prize money) to any mathematical puzzle or conjecture (e.g. Goldbach’s conjecture, Twin Prime conjecture) and the one who knows how to solve the puzzle or has a valid proof of the conjecture can get the reward by decrypting the ciphertext. It could be particularly useful when the encrypter who announces the prize money is not alive at the time of decryption, that is the witness may not be found during the lifetime of the encrypter.
Tapas Pal and Ratna Dutta: Chosen Ciphertext Secure Functional Encryption from Constrained Witness PRF. In the Proceedings of the 26th Australasian Conference on Information Security and Privacy (ACISP 2021), LNCS , pp. , Springer-Verlag, Perth, Australia, December 1-3, 2021.
Tapas Pal and Ratna Dutta: Semi-Adaptively Secure Offline Witness Encryption from Puncturable Witness PRF. In the Proceeding of the 14th International Conference on Provable and Practical Security (Provsec 2020, accepted), LNCS 12505, pp. 169-189, Singapore, 2020.
Tapas Pal and Ratna Dutta.: Offline Witness Encryption from Witness PRF and Randomized Encoding in CRS model, The 24th Australasian Conference on Information Security and Privacy (ACISP), Christchurch, New Zealand (2019)