Abstract: Functional encryption keys can be selected based on a set of criteria that facilitates efficient decryption of ciphertexts. The method includes electronically storing one or more decryption key metadata parameters for a plurality of candidate decryption keys for a functional encryption ciphertext, storing a functional encryption ciphertext, extracting a scheme type of functional input from the ciphertext, extracting a functional input from the ciphertext, searching the metadata parameters to identify a set of candidate keys matching the scheme type of the ciphertext, searching the set of candidate keys to identify a key matching the extracted functional input, and selecting one of the identified candidate keys matching the scheme type and the extracted functional input as a decryption key for the functional encryption ciphertext.

Abstract: A method for secure transmission of a message encrypted under an attribute based encryption scheme is provided. A first and a second authority parameter may be received from one or more authorities. A policy is generated based on the parameters. The generated policy comprises a flexible access control structure. A ciphertext is constructed based on the policy. To decrypt the ciphertext, key components are received from one or more authorities, the key components associated with a decryptor identifier. A decryption key is generated based on the policy and the key components. A plaintext is generated by decrypting the ciphertext.

Abstract: Functional encryption (FE) ciphertext is transformed into partially-decrypted (PD) ciphertext. The PD ciphertext has a shorter bit length than the FE ciphertext, or the decryption time of the PD ciphertext is less than the decryption time of the FE ciphertext. The FE ciphertext can be an attribute-based encryption ciphertext. The transformation can be performed with a transformation key generated by an authority with a master key or by a user with a decryption key. The transformation can also be performed, without a transformation key, based on unencrypted components of the FE ciphertext and on auxiliary information associated with the unencrypted components of the FE ciphertext. The PD ciphertext can require less transmission time across a network than the FE ciphertext. The PD ciphertext can require less time to decrypt than the FE ciphertext, particularly when the computational resources performing the decryption are limited.