Documentation
¶
Overview ¶
Package tkn20 implements a ciphertext-policy ABE by Tomida, Kawahara, Nishimaki.
This is an implementation of an IND-CCA2 secure variant of the Ciphertext-Policy Attribute Based Encryption (CP-ABE) scheme by J. Tomida, Y. Kawahara, and R. Nishimaki. Fast, compact, and expressive attribute-based encryption. In A. Kiayias, M. Kohlweiss, P. Wallden, and V. Zikas, editors, PKC, volume 12110 of Lecture Notes in Computer Science, pages 3–33. Springer, 2020. https://eprint.iacr.org/2019/966
Update v1.3.8 ¶
As of v1.3.8, ciphertext format changed to use wider prefixes. Ciphertexts in the previous format are still decryptable. The following functions are backwards-compatible:
Example ¶
package main
import (
"bytes"
"crypto/rand"
"fmt"
"log"
"strconv"
cpabe "github.com/cloudflare/circl/abe/cpabe/tkn20"
)
func checkPolicy(in map[string][]string) bool {
possiblePairs := map[string][]string{
"occupation": {"wizard", "doctor", "ghost"},
"country": {"US", "croatia"},
"age": {},
}
isValid := func(key string, value string) bool {
vs, ok := possiblePairs[key]
if !ok {
return false
}
if key == "age" {
age, err := strconv.Atoi(value)
if err != nil {
return false
}
if age < 13 || age > 100 {
return false
}
} else {
for _, v := range vs {
if value == v {
return true
}
}
}
return false
}
for k, v := range in {
for _, value := range v {
if !isValid(k, value) {
return false
}
}
}
return true
}
func main() {
policyStr := `(occupation: doctor) and (country: US)`
invalidPolicyStr := `(title: doctor) and (country: pacific)`
msgStr := `must have the precious 🎃`
wrongAttrsMap := map[string]string{"occupation": "doctor", "country": "croatia"}
rightAttrsMap := map[string]string{"occupation": "doctor", "country": "US", "age": "16"}
publicKey, systemSecretKey, err := cpabe.Setup(rand.Reader)
if err != nil {
log.Fatalf("%s", err)
}
policy := cpabe.Policy{}
err = policy.FromString(policyStr)
if err != nil {
log.Fatal(err)
}
if !checkPolicy(policy.ExtractAttributeValuePairs()) {
log.Fatalf("policy check failed for valid policy")
}
fmt.Println(policy.String())
invalidPolicy := cpabe.Policy{}
err = invalidPolicy.FromString(invalidPolicyStr)
if err != nil {
log.Fatal(err)
}
if checkPolicy(invalidPolicy.ExtractAttributeValuePairs()) {
log.Fatalf("policy check should fail for invalid policy")
}
// encrypt the secret message for a given policy
ct, err := publicKey.Encrypt(rand.Reader, policy, []byte(msgStr))
if err != nil {
log.Fatalf("%s", err)
}
fmt.Printf("plaintext size: %v bytes\n", len(msgStr))
fmt.Printf("ciphertext size: %v bytes\n", len(ct))
// generate secret key for certain set of attributes
wrongAttrs := cpabe.Attributes{}
wrongAttrs.FromMap(wrongAttrsMap)
rightAttrs := cpabe.Attributes{}
rightAttrs.FromMap(rightAttrsMap)
wrongSecretKey, _ := systemSecretKey.KeyGen(rand.Reader, wrongAttrs)
rightSecretKey, _ := systemSecretKey.KeyGen(rand.Reader, rightAttrs)
wrongSat := policy.Satisfaction(wrongAttrs)
if wrongSat {
log.Fatalf("wrong attributes should not satisfy policy")
}
rightSat := policy.Satisfaction(rightAttrs)
if !rightSat {
log.Fatalf("right attributes should satisfy policy")
}
// wrong attrs should not satisfy ciphertext
wrongCtSat := wrongAttrs.CouldDecrypt(ct)
if wrongCtSat {
log.Fatalf("wrong attrs should not satisfy ciphertext")
}
rightCtSat := rightAttrs.CouldDecrypt(ct)
if rightCtSat == false {
log.Fatalf("right attrs should satisfy ciphertext")
}
// attempt to decrypt with wrong attributes should fail
pt, err := wrongSecretKey.Decrypt(ct)
if err == nil {
log.Fatalf("decryption using wrong attrs should have failed, plaintext: %s", pt)
}
pt, err = rightSecretKey.Decrypt(ct)
if err != nil {
log.Fatalf("decryption using right attrs should have succeeded, plaintext: %s", pt)
}
if !bytes.Equal(pt, []byte(msgStr)) {
log.Fatalf("recovered plaintext: %s is not equal to original msg: %s", pt, msgStr)
}
fmt.Println("Successfully recovered plaintext")
}
Output: (occupation:doctor and country:US) plaintext size: 27 bytes ciphertext size: 2747 bytes Successfully recovered plaintext
Index ¶
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type AttributeKey ¶
type AttributeKey struct {
// contains filtered or unexported fields
}
func (*AttributeKey) Equal ¶
func (s *AttributeKey) Equal(s2 *AttributeKey) bool
func (*AttributeKey) MarshalBinary ¶
func (s *AttributeKey) MarshalBinary() ([]byte, error)
func (*AttributeKey) UnmarshalBinary ¶
func (s *AttributeKey) UnmarshalBinary(data []byte) error
type Attributes ¶
type Attributes struct {
// contains filtered or unexported fields
}
func (*Attributes) CouldDecrypt ¶
func (a *Attributes) CouldDecrypt(ciphertext []byte) bool
func (*Attributes) Equal ¶
func (a *Attributes) Equal(a2 *Attributes) bool
func (*Attributes) FromMap ¶
func (a *Attributes) FromMap(in map[string]string)
type Policy ¶
type Policy struct {
// contains filtered or unexported fields
}
func (*Policy) ExtractAttributeValuePairs ¶
func (*Policy) ExtractFromCiphertext ¶
func (*Policy) FromString ¶
func (*Policy) Satisfaction ¶
func (p *Policy) Satisfaction(a Attributes) bool
type PublicKey ¶
type PublicKey struct {
// contains filtered or unexported fields
}
func (*PublicKey) MarshalBinary ¶
func (*PublicKey) UnmarshalBinary ¶
type SystemSecretKey ¶
type SystemSecretKey struct {
// contains filtered or unexported fields
}
func (*SystemSecretKey) Equal ¶
func (msk *SystemSecretKey) Equal(msk2 *SystemSecretKey) bool
func (*SystemSecretKey) KeyGen ¶
func (msk *SystemSecretKey) KeyGen(rand io.Reader, attrs Attributes) (AttributeKey, error)
func (*SystemSecretKey) MarshalBinary ¶
func (msk *SystemSecretKey) MarshalBinary() ([]byte, error)
func (*SystemSecretKey) UnmarshalBinary ¶
func (msk *SystemSecretKey) UnmarshalBinary(data []byte) error
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.