dabenc_adapt_hybrid¶
Hybrid Encryption Adapter for Multi-Authority ABE (MA-ABE Hybrid)
Description: Converts a Decentralized/Multi-Authority Attribute-Based Encryption scheme into a hybrid encryption scheme capable of encrypting arbitrary-length messages.
Adapter Properties
Type: hybrid encryption adapter
Underlying Scheme: any Decentralized/Multi-Authority ABE scheme
Purpose: enables Multi-Authority ABE schemes to encrypt arbitrary-length byte messages
Implementation
- Authors:
Ayo Akinyele
- Date:
2011
- class dabenc_adapt_hybrid.HybridABEncMA(scheme, groupObj)[source]¶
Bases:
ABEncMultiAuth>>> from charm.toolbox.pairinggroup import PairingGroup,GT >>> group = PairingGroup('SS512') >>> dabe = Dabe(group)
Setup master authority.
>>> hyb_abema = HybridABEncMA(dabe, group) >>> global_parameters = hyb_abema.setup()
Generate attributes for two different sub-authorities: Johns Hopkins University, and Johns Hopkins Medical Institutions.
>>> jhu_attributes = ['jhu.professor', 'jhu.staff', 'jhu.student'] >>> jhmi_attributes = ['jhmi.doctor', 'jhmi.nurse', 'jhmi.staff', 'jhmi.researcher']
Johns Hopkins sub-authorities master key.
>>> (jhu_secret_key, jhu_public_key) = hyb_abema.authsetup(global_parameters, jhu_attributes)
JHMI sub-authorities master key
>>> (jhmi_secret_key, jhmi_public_key) = hyb_abema.authsetup(global_parameters, jhmi_attributes)
To encrypt messages we need all of the authorities’ public keys.
>>> allAuth_public_key = {}; >>> allAuth_public_key.update(jhu_public_key); >>> allAuth_public_key.update(jhmi_public_key)
An example user, Bob, who is both a professor at JHU and a researcher at JHMI.
>>> ID = "20110615 bob@gmail.com cryptokey" >>> secrets_keys = {} >>> hyb_abema.keygen(global_parameters, jhu_secret_key,'jhu.professor', ID, secrets_keys) >>> hyb_abema.keygen(global_parameters, jhmi_secret_key,'jhmi.researcher', ID, secrets_keys)
Encrypt a message to anyone who is both a profesor at JHU and a researcher at JHMI.
>>> msg = b'Hello World, I am a sensitive record!' >>> policy_str = "(jhmi.doctor or (jhmi.researcher and jhu.professor))" >>> cipher_text = hyb_abema.encrypt(global_parameters, allAuth_public_key, msg, policy_str) >>> hyb_abema.decrypt(global_parameters, secrets_keys, cipher_text) b'Hello World, I am a sensitive record!'
- authsetup(gp, attributes)[source]¶
Setup an authority. :param gp: The global parameters of the scheme. :param object: Additional required arguments, for example a list of attributes or a name. :return: The result of the authority setup.
- decrypt(gp, sk, ct)[source]¶
Decrypt a ciphertext. :param gp: The global parameters of the scheme. :param sk: The secret keys of the user. :param ct: The ciphertext to decrypt. :return: The plaintext. :raise Exception: Raised when the attributes do not satisfy the access policy.
- encrypt(gp, pk, M, policy_str)[source]¶
Encrypt a message. :param gp: The global parameters of the scheme. :param pk: The public keys of all relevant authorities. :param m: The message to encrypt. :param object: An access policy or a set of attributes to use. :return: The encrypted message.
- keygen(gp, sk, i, gid, pkey)[source]¶
Generate user secret keys for attributes from a single authority. :param gp: The global parameters of the scheme. :param sk: The secret keys of the attribute authority. :param gid: Global identifier for the user. :param object: An attribute, list of attributes or access structure, depending on the scheme. :return: The secret keys for the user for the given attributes/access structure.