There is a growing interest in protocols that eliminate trust and let two parties jointly execute some computation. Two-party Private Function Evaluation protocols (PFE) enable the scenario, where the two participants want to jointly calculate a function for which one of the parties (Alice) provides the input and the other (Bob) provides the function. According to the security definition of PFE, the function provider should not learn more than what is revealed by the output of the function and the data provider should not learn anything about the function. However, this approach enables the function provider to arbitrarily gain information about the other party's data. It is possible to him by evaluating the identity function (or other invertible function) to retrieve Alice's entire input without, while she does not notice anything.
The so called Controlled PFE's goal is to eliminate this possible problem of PFE, by aiming to find a compromise between the guarantees of the input and function security. In practice it means that, by reducing the privacy of the function, the input provider can define forbidden (or allowed) functions, that the function provider cannot calculate with her data.
In this Thesis, we investigate CPFE protocols that have functional encryption (FE) and Oblivious transfer (OT) as basic building blocks. Besides researching the related works and notions of the field, we will give a detailed presentation of two cryptographic approaches to guarantee indistinguishable (IND) and simulational (SIM) security. At the end, we will propose a simpler version of CPFE, that has stronger security guarantee that we prove formally.