abe

package
v0.0.0-...-a536860 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 10, 2024 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Overview

Package abe includes schemes allowing attribute based encryption.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type DIPPE 

type DIPPE struct {
	G1ToA  data.MatrixG1
	G1ToUA data.MatrixG1
	P      *big.Int // order of the elliptic curve
	// contains filtered or unexported fields
}

DIPPE represents a Decentralized Inner-Product Predicate Encryption (DIPPE) scheme introduced by Y. Michalevsky and M. Joye in: "Decentralized Policy-Hiding Attribute-Based Encryption with Receiver Privacy" https://eprint.iacr.org/2018/753.pdf

func NewDIPPE 

func NewDIPPE(secLevel int) (*DIPPE, error)

NewDIPPE configures a new instance of the scheme. The input parameter defines the security assumption of the scheme, so called k-Lin assumption, where k is the input.

func (DIPPE) AttributeVecInit 

func (d DIPPE) AttributeVecInit(attrib []int, numAttrib int) (data.Vector, error)

AttributeVecInit given the attributes and the number of all possible attributes creates a vector describing the users allowance. The function is needed in the the transformation of the DIPPE scheme into an ABE scheme with threshold or conjugation.

func (DIPPE) ConjunctionPolicyVecInit 

func (d DIPPE) ConjunctionPolicyVecInit(attrib []int, numAttrib int) (data.Vector, error)

ConjunctionPolicyVecInit is used for the transformation of the DIPPE scheme into an ABE scheme with conjugation policy. In particular given a slice of attributes and the number of all possible attributes it creates a policy vector that can be used for the DIPPE encryption. The user will be able to decrypt only if he posses all the demanded attributes.

func (*DIPPE) Decrypt 

func (d *DIPPE) Decrypt(cipher *DIPPECipher, keys []data.VectorG2, v data.Vector, gid string) (string, error)

Decrypt accepts the ciphertext, a slice of keys obtained from the authorities, a vector v representing the users decryption allowance, and a global identifier. If the provided keys are correct and the inner product v times x = 0 for the policy x, the message is decrypted, otherwise an error is returned.

func (*DIPPE) Encrypt 

func (d *DIPPE) Encrypt(msg string, x data.Vector, pubKeys []*DIPPEPubKey) (*DIPPECipher, error)

Encrypt takes as an input a string message msg, a vector x representing a decryption policy and a slice of public keys of the participating authorities. The i-th coordinate of x corresponds to i-th public key of the authority with id i. It returns an encryption of msg. In case of a failed procedure an error is returned.

func (DIPPE) ExactThresholdPolicyVecInit 

func (d DIPPE) ExactThresholdPolicyVecInit(attrib []int, threshold int, numAttrib int) (data.Vector, error)

ExactThresholdPolicyVecInit is used for the transformation of the DIPPE scheme into an ABE scheme with an exact threshold. In particular given a slice of attributes, a threshold value and the number of all possible attributes it creates a policy vector that can be used for the DIPPE encryption. The user will be able to decrypt only if he posses exactly the threshold value of the attributes.

func (*DIPPE) NewDIPPEAuth 

func (d *DIPPE) NewDIPPEAuth(id int) (*DIPPEAuth, error)

NewDIPPEAuth configures a new authority that will be able to produce decryption keys. If the scheme will have n authorities it is assumed that each will have a different id from [0, n).

type DIPPEAuth 

type DIPPEAuth struct {
	ID int
	Sk DIPPESecKey
	Pk DIPPEPubKey
}

DIPPEAuth represents an authority in DIPPE scheme

func (*DIPPEAuth) DeriveKeyShare 

func (a *DIPPEAuth) DeriveKeyShare(v data.Vector, pubKeys []*DIPPEPubKey, gid string) (data.VectorG2, error)

DeriveKeyShare allows an authority to give a partial decryption key. Collecting all such partial keys allows a user to decrypt the message. The input vector v contains an information about the user that will allow him to decrypt iff the inner product v times x = 0 for the policy x. GID is a global identifier of the user and a slice of public keys of the authorities should be given.

type DIPPECipher 

type DIPPECipher struct {
	C0     data.VectorG1
	C      data.MatrixG1
	CPrime *bn256.GT
	X      data.Vector // policy vector
	SymEnc []byte      // symmetric encryption of the message
	Iv     []byte      // initialization vector for symmetric encryption
}

DIPPECipher represents a ciphertext in DIPPE scheme

type DIPPEPubKey 

type DIPPEPubKey struct {
	G1ToWtA   data.MatrixG1
	GToAlphaA data.VectorGT
	G2ToSigma *bn256.G2
}

DIPPEPubKey represents a public key of an authority in DIPPE scheme.

type DIPPESecKey 

type DIPPESecKey struct {
	Sigma *big.Int
	W     data.Matrix
	Alpha data.Vector
}

DIPPESecKey represents a secret key of an authority in DIPPE scheme.

type FAME 

type FAME struct {
	P *big.Int // order of the elliptic curve
}

FAME represents a FAME scheme.

func NewFAME 

func NewFAME() *FAME

NewFAME configures a new instance of the scheme.

func (*FAME) Decrypt 

func (a *FAME) Decrypt(cipher *FAMECipher, key *FAMEAttribKeys, pk *FAMEPubKey) (string, error)

Decrypt takes as an input a cipher and an FAMEAttribKeys and tries to decrypt the cipher. This is possible only if the set of possessed attributes (and corresponding keys FAMEAttribKeys) suffices the encryption policy of the cipher. If this is not possible, an error is returned.

func (*FAME) Encrypt 

func (a *FAME) Encrypt(msg string, msp *MSP, pk *FAMEPubKey) (*FAMECipher, error)

Encrypt takes as an input a message msg represented as an element of an elliptic curve, a MSP struct representing the decryption policy, and a public key pk. It returns an encryption of the message. In case of a failed procedure an error is returned. Note that safety of the encryption is only proved if the mapping msp.RowToAttrib from the rows of msp.Mat to attributes is injective.

func (*FAME) GenerateAttribKeys 

func (a *FAME) GenerateAttribKeys(gamma []string, sk *FAMESecKey) (*FAMEAttribKeys, error)

GenerateAttribKeys given a set of attributes gamma and the master secret key generates keys that can be used for the decryption of any ciphertext encoded with a policy for which attributes gamma are sufficient.

func (*FAME) GenerateMasterKeys 

func (a *FAME) GenerateMasterKeys() (*FAMEPubKey, *FAMESecKey, error)

GenerateMasterKeys generates a new set of public keys, needed for encrypting data, and master secret keys needed for generating keys for decrypting.

type FAMEAttribKeys 

type FAMEAttribKeys struct {
	K0        [3]*bn256.G2
	K         [][3]*bn256.G1
	KPrime    [3]*bn256.G1
	AttribToI map[string]int
}

FAMEAttribKeys represents keys corresponding to attributes possessed by an entity and used for decrypting in a FAME scheme.

type FAMECipher 

type FAMECipher struct {
	Ct0     [3]*bn256.G2
	Ct      [][3]*bn256.G1
	CtPrime *bn256.GT
	Msp     *MSP
	SymEnc  []byte // symmetric encryption of the message
	Iv      []byte // initialization vector for symmetric encryption
}

FAMECipher represents a ciphertext of a FAME scheme.

type FAMEPubKey 

type FAMEPubKey struct {
	PartG2 [2]*bn256.G2
	PartGT [2]*bn256.GT
}

FAMEPubKey represents a public key of a FAME scheme.

type FAMESecKey 

type FAMESecKey struct {
	PartInt [4]*big.Int
	PartG1  [3]*bn256.G1
}

FAMESecKey represents a master secret key of a FAME scheme.

type GPSW 

type GPSW struct {
	Params *GPSWParams
}

GPSW represents an GPSW ABE-scheme.

func NewGPSW 

func NewGPSW(l int) *GPSW

NewGPSW configures a new instance of the scheme. It accepts l the number of attributes possibly used in the scheme. Attributes' names will be considered as elements of a set {0, 1,..., l-1}.

func (*GPSW) Decrypt 

func (a *GPSW) Decrypt(cipher *GPSWCipher, key *GPSWKey) (string, error)

Decrypt takes as an input a cipher and an GPSWKey key and tries to decrypt the cipher. If the GPSWKey is properly generated, this is possible if and only if the set of attributes associated with the ciphertext satisfies the policy (boolean expression) of the key. This is if and only if the rows of the msp matrix in the key associated with the attributes of the ciphertext span the vector [1, 1,..., 1]. If this is not possible, an error is returned.

func (*GPSW) Encrypt 

func (a *GPSW) Encrypt(msg string, gamma interface{}, pk *GPSWPubKey) (*GPSWCipher, error)

Encrypt takes as an input a message msg given as a string, gamma a set (slice) of attributes that will be associated with the encryption and a public key pk. It returns an encryption of msg. In case of a failed procedure an error is returned.

func (*GPSW) GenerateMasterKeys 

func (a *GPSW) GenerateMasterKeys() (*GPSWPubKey, data.Vector, error)

GenerateMasterKeys generates a new set of public keys, needed for encrypting data, and secret keys needed for generating keys for decryption.

func (*GPSW) GeneratePolicyKey 

func (a *GPSW) GeneratePolicyKey(msp *MSP, sk data.Vector) (*GPSWKey, error)

GeneratePolicyKey given a monotone span program (MSP) msp and the vector of secret keys produces an ABE key associated with the policy given by MSP. In particular, this key can be used to decrypt any cipertext associated with attributes that satisfy given policy.

type GPSWCipher 

type GPSWCipher struct {
	Gamma     []int         // the set of attributes that can be used for policy of decryption
	AttribToI map[int]int   // a map that connects the attributes in gamma with elements of e
	E0        *bn256.GT     // the first part of the encryption
	E         data.VectorG2 // the second part of the encryption
	SymEnc    []byte        // symmetric encryption of the message
	Iv        []byte        // initialization vector for symmetric encryption
}

GPSWCipher represents a ciphertext of the GPSW ABE-scheme.

type GPSWKey 

type GPSWKey struct {
	Msp *MSP
	D   data.VectorG1
}

GPSWKey represents a key structure for decrypting a ciphertext. It includes a msp structure (policy) associated with the key and a vector D representing the main part of the key.

type GPSWParams 

type GPSWParams struct {
	L int      // number of attributes
	P *big.Int // order of the elliptic curve
}

GPSWParams represents configuration parameters for the GPSW ABE-scheme instance.

type GPSWPubKey 

type GPSWPubKey struct {
	T data.VectorG2
	Y *bn256.GT
}

GPSWPubKey represents a public key of the GPSW ABE-scheme.

type MAABE 

type MAABE struct {
	P  *big.Int
	G1 *bn256.G1
	G2 *bn256.G2
	Gt *bn256.GT
}

MAABE represents a MAABE scheme.

func NewMAABE 

func NewMAABE() *MAABE

NewMAABE configures a new instance of the scheme.

func (*MAABE) Decrypt 

func (a *MAABE) Decrypt(ct *MAABECipher, ks []*MAABEKey) (string, error)

Decrypt takes a ciphertext in a MAABE scheme and a set of attribute keys belonging to the same entity, and attempts to decrypt the cipher. This is possible only if the set of possessed attributes/keys suffices the decryption policy of the ciphertext. In case this is not possible or something goes wrong an error is returned.

func (*MAABE) Encrypt 

func (a *MAABE) Encrypt(msg string, msp *MSP, pks []*MAABEPubKey) (*MAABECipher, error)

Encrypt takes an input message in string form, a MSP struct representing the decryption policy and a list of public keys of the relevant authorities. It returns a ciphertext consisting of an AES encrypted message with the secret key encrypted according to the MAABE scheme. In case of a failed procedure an error is returned.

func (*MAABE) NewMAABEAuth 

func (a *MAABE) NewMAABEAuth(id string, attribs []string) (*MAABEAuth, error)

NewMAABEAuth configures a new instance of an authority and generates its public and secret keys for the given set of attributes. In case of a failed procedure an error is returned.

type MAABEAuth 

type MAABEAuth struct {
	ID    string
	Maabe *MAABE
	Pk    *MAABEPubKey
	Sk    *MAABESecKey
}

MAABEAuth represents an authority in the MAABE scheme.

func (*MAABEAuth) AddAttribute 

func (auth *MAABEAuth) AddAttribute(attrib string) error

AddAttribute generates public and secret keys for a new attribute that is given as input. In case of a failed procedure an error is returned, and nil otherwise.

func (*MAABEAuth) GenerateAttribKeys 

func (auth *MAABEAuth) GenerateAttribKeys(gid string, attribs []string) ([]*MAABEKey, error)

GenerateAttribKeys generates a list of attribute keys for the given user (represented by its Global ID) that possesses the given list of attributes. In case of a failed procedure an error is returned. The relevant authority has to check that the entity actually possesses the attributes via some other channel.

func (*MAABEAuth) PubKeys 

func (auth *MAABEAuth) PubKeys() *MAABEPubKey

PubKeys is a getter function that returns a copy of the authority's public keys.

func (*MAABEAuth) RegenerateKey 

func (auth *MAABEAuth) RegenerateKey(attrib string) error

RegenerateKey generates public and secret keys for an already existing attribute that is given as input. In case of a failed procedure an error is returned. It is meant to be used in case only a part of the authority's secret keys get compromised. Note that the new public keys have to be distributed and messages that were encrypted with a policy that contains this attribute have to also be reencrypted.

type MAABECipher 

type MAABECipher struct {
	C0     *bn256.GT
	C1x    map[string]*bn256.GT
	C2x    map[string]*bn256.G2
	C3x    map[string]*bn256.G2
	Msp    *MSP
	SymEnc []byte // symmetric encryption of the string message
	Iv     []byte // initialization vector for symmetric encryption
}

MAABECipher represents a ciphertext of a MAABE scheme.

type MAABEKey 

type MAABEKey struct {
	Gid    string
	Attrib string
	Key    *bn256.G1
}

MAABEKey represents a key corresponding to an attribute possessed by an entity. They are issued by the relevant authorities and are used for decryption in a MAABE scheme.

type MAABEPubKey 

type MAABEPubKey struct {
	Attribs    []string
	EggToAlpha map[string]*bn256.GT
	GToY       map[string]*bn256.G2
}

MAABEPubKey represents a public key for an authority.

type MAABESecKey 

type MAABESecKey struct {
	Attribs []string
	Alpha   map[string]*big.Int
	Y       map[string]*big.Int
}

MAABESecKey represents a secret key for an authority.

type MSP 

type MSP struct {
	P           *big.Int
	Mat         data.Matrix
	RowToAttrib []string
}

MSP represents a monotone span program (MSP) describing a policy defining which attributes are needed to decrypt the ciphertext. It includes a matrix mat and a mapping from the rows of the mat to attributes. A MSP policy allows decryption of an entity with a set of attributes A if an only if all the rows of the matrix mapped to an element of A span the vector [1, 0,..., 0] (or vector [1, 1,..., 1] depending on the use case).

func BooleanToMSP 

func BooleanToMSP(boolExp string, convertToOnes bool) (*MSP, error)

BooleanToMSP takes as an input a boolean expression (without a NOT gate) as a string where attributes are joined by AND and OR gates. It outputs a msp structure representing the expression, i.e. a matrix whose rows correspond to attributes used in the expression and with the property that a boolean expression assigning 1 to some attributes is satisfied iff the corresponding rows span a vector [1, 1,..., 1] or vector [1, 0,..., 0] depending if parameter convertToOnes is set to true or false. Additionally a vector is produced whose i-th entry indicates to which attribute the i-th row corresponds. Example: BooleanToMSP("attrib1 AND (attrib2 OR attrib3)", true) The names of the attributes should not include "AND" or "OR" as a substring and '(' or ')' as a character, otherwise the function will not work properly.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.