def encrypt_time_space(list_n):
iterations = 1
private = public = 0
encrypt_timings = []
aggregate_time = []
aggregate_size = []
private_space = []
public_space = []
for n in list_n:
start = time.clock()
for i in xrange(iterations):
storage = generate_ciphertext_keys(n)
end = time.clock()
no_of_bits = len(list(bin(n)[2:])) + 1
kpabe = KPabe(group)
encrypt_timings.append((n, (end - start) / iterations))
policy = policy_less_than(
'A', n + 1, no_of_bits) + " and " + policy_more_than_equal(
'A', 1, no_of_bits)
start = time.clock()
for i in xrange(iterations):
secret_key = kpabe.keygen(storage['master_public_key'],
storage['master_key'], policy)
end = time.clock()
aggregate_size.append(
(n, getsizeof(pickle.dumps(objectToBytes(secret_key, group)))))
aggregate_time.append((end - start) / iterations)
public, private = getStorageSize(storage)
private_space.append((n, private))
public_space.append((n, public))
return encrypt_timings, aggregate_time, public_space, private_space, aggregate_size
def generate_ciphertext_keys(n):
storage = {}
storage['n'] = n
kpabe = KPabe(group)
more_than = 1
storage['plain'] = [group.random(GT)]
storage['cipher'] = [group.random(GT)]
no_of_bits = len(list(bin(n)[2:]))+1
print "no_of_bits"
print no_of_bits
storage['master_public_key'], storage['master_key'] = kpabe.setup()
frames_attribute = (num_to_attribute('A', i, no_of_bits) for i in xrange(1, n+1))
print "frames_attribute"
print frames_attribute
for i in xrange(n):
plain = group.random(GT)
storage['plain'].append(plain)
storage['cipher'].append(kpabe.encrypt(storage['master_public_key'], plain, frames_attribute.next()))
# ct = storage['cipher'][1:n+1]
# result = [kpabe.decrypt(cipher_text, secret_key) for cipher_text in ct]
# print 'lol', result
# print storage['plain'][1:n+1]
return storage
def calculate_aggregate_size(list_q, n):
kpabe = KPabe(group)
more_than = 1
iterations = 10
aggregate_size = []
aggregate_time = []
storage = {}
storage['n'] = n
no_of_bits = len(list(bin(n)[2:])) + 1
storage['master_public_key'], storage['master_key'] = kpabe.setup()
for q in list_q:
gen_timing = 0.0
for i in xrange(iterations):
more_than_equal, less_than = generate_range(storage, q)
policy = policy_less_than(
'A', less_than, no_of_bits) + " and " + policy_more_than_equal(
'A', more_than_equal, no_of_bits)
start = time.clock()
secret_key = kpabe.keygen(storage['master_public_key'],
storage['master_key'], policy)
end = time.clock()
gen_timing += end - start
aggregate_size.append(
(q, getsizeof(pickle.dumps(objectToBytes(secret_key, group)))))
aggregate_time.append((q, (gen_timing) / iterations))
return aggregate_time, aggregate_size
def encrypt_time_space(list_n):
iterations = 1
private = public = 0
encrypt_timings = []
aggregate_time = []
aggregate_size = []
private_space = []
public_space = []
for n in list_n:
start = time.clock()
for i in xrange(iterations):
storage = generate_ciphertext_keys(n)
end = time.clock()
no_of_bits = len(list(bin(n)[2:]))+1
kpabe = KPabe(group)
encrypt_timings.append((n, (end-start)/iterations))
policy = policy_less_than('A', n+1, no_of_bits) + " and " + policy_more_than_equal('A', 1, no_of_bits)
start = time.clock()
for i in xrange(iterations):
secret_key = kpabe.keygen(storage['master_public_key'], storage['master_key'], policy)
end = time.clock()
aggregate_size.append((n, getsizeof(pickle.dumps(objectToBytes(secret_key, group)))))
aggregate_time.append((end-start)/iterations)
public, private = getStorageSize(storage)
private_space.append((n, private))
public_space.append((n, public))
return encrypt_timings, aggregate_time, public_space, private_space, aggregate_size
def decryption_time(storage, q_list):
iterations = 1
timings = []
aggregate_time = []
aggregate_size = []
no_of_bits = len(list(bin(storage['n'])[2:]))+1
kpabe = KPabe(group)
for q in q_list:
check = True
timing = 0.0
gen_timing = 0.0
for i in xrange(iterations):
more_than_equal, less_than = generate_range(storage, q)
start = time.clock()
policy = policy_less_than('A', less_than, no_of_bits) + " and " + policy_more_than_equal('A', more_than_equal, no_of_bits)
secret_key = kpabe.keygen(storage['master_public_key'], storage['master_key'], policy)
end = time.clock()
gen_timing += end-start
cipher_text = storage['cipher'][more_than_equal:less_than]
plain_text = storage['plain'][more_than_equal:less_than]
start = time.clock()
result = [kpabe.decrypt(ct, secret_key) for ct in cipher_text]
end = time.clock()
timing+=end-start
if (plain_text!=result):
check = False
aggregate_time.append((q, gen_timing/iterations))
aggregate_size.append((q, getsizeof(pickle.dumps(objectToBytes(secret_key, group)))))
if (check==True):
timings.append((q, timing/iterations))
else:
timings.append((q, 'error'))
return timings
def kpabe_encrypt(group, mpk, ptxt, attributes):
"""Encrypts a plaintext using the Lewmko2008rws KP-ABE Scheme.
@param group The `PairingGroup` used within the underlying crypto.
@param mpk The master public key of type `mk_t`.
@param ptxt The `bytearray` resulting from io.open or `io.IOBytes`
containing the plaintext.
@param attributes The set of `str` attributes used to encrypt the
plaintext.
@return The encrypted data returned as a `bytearray`.
"""
kpabe = KPabe(group)
session_key = group.random(GT)
session_key_ctxt = kpabe.encrypt(mpk, session_key,
[a.upper() for a in attributes])
ctxt = io.BytesIO()
iv = Random.new().read(AES.block_size)
symcipher = AES.new(sha(session_key)[0:32], AES.MODE_CFB, iv)
ctxt.write(bytes(iv))
session_key_ctxt_b = objectToBytes(session_key_ctxt, group)
ctxt.write(struct.pack('Q', len(session_key_ctxt_b)))
ctxt.write(session_key_ctxt_b)
for b in read_data(bin_data=ptxt, chunksize=AES.block_size):
ctxt.write(symcipher.encrypt(b))
ctxt.flush()
return ctxt.getvalue()
def kpabe_decrypt(group, mpk, deckey, ctxt):
"""Decrypts a ciphertext using the Lewmko2008rws KP-ABE Scheme.
The plaintext will be returned iff the set of attributes used to
generate the cipher-text can be satisfied by the policy within the
decryption key.
@param group The `PairingGroup` used within the underlying crypto.
@param mpk The Master Public Key of type `mk_t`.
@param deckey The decryption key of type `sk_t`.
@param ctxt The `bytearray` resulting from `io.open` or `io.IOBytes`
containing the ciphertext.
@return A `bytearray` containing the plaintext.
@throw PebelDecryptionException if deckey cannot satisfy the
policy within the ciphertext.
"""
kpabe = KPabe(group)
ptxt = io.BytesIO()
iv = ctxt.read(AES.block_size)
session_key_size = struct.unpack('<Q', ctxt.read(struct.calcsize('Q')))[0]
session_key_ctxt = bytesToObject(ctxt.read(session_key_size), group)
session_key = kpabe.decrypt(session_key_ctxt, deckey)
if session_key:
symcipher = AES.new(sha(session_key)[0:32], AES.MODE_CFB, iv)
for b in read_data(bin_data=ctxt, chunksize=AES.block_size):
ptxt.write(symcipher.decrypt(b))
ptxt.flush()
return ptxt.getvalue()
else:
raise PebelDecryptionException("Unable to decrypt given ciphertext")
def kpabe_encrypt(group, mpk, ptxt, attributes):
"""Encrypts a plaintext using the Lewmko2008rws KP-ABE Scheme.
@param group The `PairingGroup` used within the underlying crypto.
@param mpk The master public key of type `mk_t`.
@param ptxt The `bytearray` resulting from io.open or `io.IOBytes`
containing the plaintext.
@param attributes The set of `str` attributes used to encrypt the
plaintext.
@return The encrypted data returned as a `bytearray`.
"""
kpabe = KPabe(group)
session_key = group.random(GT)
session_key_ctxt = kpabe.encrypt(mpk,
session_key,
[a.upper() for a in attributes])
ctxt = io.BytesIO()
iv = Random.new().read(AES.block_size)
symcipher = AES.new(sha(session_key)[0:32], AES.MODE_CFB, iv)
ctxt.write(bytes(iv))
session_key_ctxt_b = objectToBytes(session_key_ctxt, group)
ctxt.write(struct.pack('Q' ,len(session_key_ctxt_b)))
ctxt.write(session_key_ctxt_b)
for b in read_data(bin_data=ptxt, chunksize=AES.block_size):
ctxt.write(symcipher.encrypt(b))
ctxt.flush()
return ctxt.getvalue()
def generate_ciphertext_keys(n):
storage = {}
storage['n'] = n
kpabe = KPabe(group)
more_than = 1
storage['plain'] = [group.random(GT)]
storage['cipher'] = [group.random(GT)]
no_of_bits = len(list(bin(n)[2:])) + 1
storage['master_public_key'], storage['master_key'] = kpabe.setup()
frames_attribute = (num_to_attribute('A', i, no_of_bits)
for i in xrange(1, n + 1))
for i in xrange(n):
plain = group.random(GT)
storage['plain'].append(plain)
storage['cipher'].append(
kpabe.encrypt(storage['master_public_key'], plain,
frames_attribute.next()))
# ct = storage['cipher'][1:n+1]
# result = [kpabe.decrypt(cipher_text, secret_key) for cipher_text in ct]
# print 'lol', result
# print storage['plain'][1:n+1]
return storage
def calculate_aggregate_size(list_q, n):
kpabe = KPabe(group)
more_than = 1
iterations = 1
aggregate_size = []
aggregate_time = []
storage = {}
storage['n'] = n
no_of_bits = len(list(bin(n)[2:]))+1
storage['master_public_key'], storage['master_key'] = kpabe.setup()
for q in list_q:
gen_timing = 0.0
for i in xrange(iterations):
more_than_equal, less_than = generate_range(storage, q)
policy = policy_less_than('A', less_than, no_of_bits) + " and " + policy_more_than_equal('A', more_than_equal, no_of_bits)
start = time.clock()
secret_key = kpabe.keygen(storage['master_public_key'], storage['master_key'], policy)
end = time.clock()
gen_timing += end-start
aggregate_size.append((q, getsizeof(pickle.dumps(objectToBytes(secret_key, group)))))
aggregate_time.append((q, (gen_timing)/iterations))
return aggregate_time, aggregate_size
def decryption_time(storage, q_list):
iterations = 5
timings = []
aggregate_time = []
aggregate_size = []
no_of_bits = len(list(bin(storage['n'])[2:]))+1
kpabe = KPabe(group)
for q in q_list:
print "q"
print q
check = True
timing = 0.0
gen_timing = 0.0
for i in xrange(iterations):
# print "iterations"
# print i
more_than_equal, less_than = generate_range(storage, q)
print "more_than_equal"
print more_than_equal
print "less_than"
print less_than
start = time.clock()
policy = policy_less_than('A', less_than, no_of_bits) + " and " + policy_more_than_equal('A', more_than_equal, no_of_bits)
print "policy"
print policy
secret_key = kpabe.keygen(storage['master_public_key'], storage['master_key'], policy)
end = time.clock()
gen_timing += end-start
cipher_text = storage['cipher'][more_than_equal:less_than]
plain_text = storage['plain'][more_than_equal:less_than]
start = time.clock()
assert group.InitBenchmark(), "failed to initialize benchmark"
group.StartBenchmark(["Mul", "Exp", "Pair", "Div", "Granular"])
result = [kpabe.decrypt(ct, secret_key) for ct in cipher_text]
group.EndBenchmark()
end = time.clock()
msmtDict = group.GetGeneralBenchmarks()
print("<=== General Benchmarks ===>")
print("Results := ", msmtDict)
timing+=end-start
if (plain_text!=result):
check = False
aggregate_time.append((q, gen_timing/iterations))
aggregate_size.append((q, getsizeof(pickle.dumps(objectToBytes(secret_key, group)))))
if (check==True):
timings.append((q, timing/iterations))
else:
timings.append((q, 'error'))
return timings
def encrypt_time_space(list_n):
iterations = 1
private = public = 0
encrypt_timings = []
aggregate_time = []
aggregate_size = []
private_space = []
public_space = []
for n in list_n:
print "list_n"
print n
start = time.clock()
for i in xrange(iterations):
storage = generate_ciphertext_keys(n)
end = time.clock()
no_of_bits = len(list(bin(n)[2:]))+1
kpabe = KPabe(group)
encrypt_timings.append((n, (end-start)/iterations))
policy = policy_less_than('A', n+1, no_of_bits) + " and " + policy_more_than_equal('A', 1, no_of_bits)
start = time.clock()
for i in xrange(iterations):
print "iterations"
print i
assert group.InitBenchmark(), "failed to initialize benchmark"
group.StartBenchmark(["Mul", "Exp", "Pair", "Div", "Granular"])
secret_key = kpabe.keygen(storage['master_public_key'], storage['master_key'], policy)
group.EndBenchmark()
end = time.clock()
msmtDict = group.GetGeneralBenchmarks()
# granDict = group.GetGranularBenchmarks()
print("<=== General Benchmarks ===>")
print("Results := ", msmtDict)
# print("<=== Granular Benchmarks ===>")
# print("G1 mul := ", granDict)
aggregate_size.append((n, getsizeof(pickle.dumps(objectToBytes(secret_key, group)))))
aggregate_time.append((end-start)/iterations)
public, private = getStorageSize(storage)
private_space.append((n, private))
public_space.append((n, public))
return encrypt_timings, aggregate_time, public_space, private_space, aggregate_size
def decrypt(self, sk, cipher_matrix, vertices):
'''
Decryption requires master_public_key, user secret key, and cipher
'''
group = PairingGroup('SS512')
kpabe = KPabe(group)
hyb_abe = HybridKPABEnc(kpabe, group)
N = len(vertices)
resMat = [None] * N
for i in range(0, N):
resMat[i] = [None] * N
for j in range(0, N):
#convert to lower case
s = vertices[i].lower()
s2 = vertices[j].lower()
cipher = cipher_matrix.get_cell_by_symbol(s, s2)
resMat[i][j] = hyb_abe.decrypt(cipher, sk)
if resMat[i][j] == False:
return False
result = AdjMatrixDiGraph(mat=resMat)
return SymbolDiGraphMat(vertices, G=result)
def kpabe_setup(group):
"""Generates the master key pair for the Lewko2008rsw KP-ABE Scheme.
@param group The `PairingGroup` used within the underlying crypto.
@return The master public and private key pair `(pk_t, mk_t)` as defined within
KPabe implementaton.
"""
return KPabe(group).setup()
def testKPabe(self):
groupObj = PairingGroup('MNT224')
kpabe = KPabe(groupObj)
(pk, mk) = kpabe.setup()
policy = '(ONE or THREE) and (THREE or TWO)'
attributes = [ 'ONE', 'TWO', 'THREE', 'FOUR' ]
msg = groupObj.random(GT)
mykey = kpabe.keygen(pk, mk, policy)
if debug: print("Encrypt under these attributes: ", attributes)
ciphertext = kpabe.encrypt(pk, msg, attributes)
if debug: print(ciphertext)
rec_msg = kpabe.decrypt(ciphertext, mykey)
assert msg == rec_msg
if debug: print("Successful Decryption!")
def kpabe_keygen(group, msk, mpk, policy):
"""Generates an decryption key using the Lewmko2008rws KP-ABE Scheme.
@param group The `PairingGroup` used within the underlying crypto.
@param msk The master secret key of type `mk_t`.
@param mpk The master public key of type `pk_t`.
@param policy The policy `str` used to generate the decryption key.
@return The generated decryption key of type `sk_t`.
"""
return KPabe(group).keygen(mpk, msk, policy)
def benchmark():
groupObj1 = PairingGroup('MNT224')
groupObj2 = PairingGroup('MNT224')
ekpabe = EKPabe(groupObj1)
kpabe = KPabe(groupObj2)
t1_s = 0
t1_k = 0
t1_e = 0
t1_d = 0
t2_s = 0
t2_k = 0
t2_e = 0
t2_d = 0
attributes = ['ONE', 'TWO', 'THREE', 'FOUR']
policy = 'THREE and (ONE or TWO)'
msg1 = b"Some Random Message"
msg2 = groupObj2.random(GT)
for b in range(4):
start = clock()
(epk, emk) = ekpabe.setup(attributes)
t1_s += clock() - start
start = clock()
(pk, mk) = kpabe.setup()
t2_s += clock() - start
start = clock()
emykey = ekpabe.keygen(epk, emk, policy)
t1_k += clock() - start
start = clock()
mykey = kpabe.keygen(pk, mk, policy)
t2_k += clock() - start
for i in range(50):
start = clock()
eciphertext = ekpabe.encrypt(epk, msg1, attributes)
t1_e += clock() - start
start = clock()
ciphertext = kpabe.encrypt(pk, msg2, attributes)
t2_e += clock() - start
start = clock()
erec_msg = ekpabe.decrypt(eciphertext, emykey)
t1_d += clock() - start
start = clock()
rec_msg = kpabe.decrypt(ciphertext, mykey)
t2_d += clock() - start
assert msg1 == erec_msg
assert msg2 == rec_msg
print("yct14 s=%s k=%s e=%s d=%s" % (t1_s, t1_k, t1_e, t1_d))
print("lsw08 s=%s k=%s e=%s d=%s" % (t2_s, t2_k, t2_e, t2_d))
def decryption_time(storage, q_list):
iterations = 1
timings = []
aggregate_time = []
aggregate_size = []
no_of_bits = len(list(bin(storage['n'])[2:])) + 1
kpabe = KPabe(group)
for q in q_list:
check = True
timing = 0.0
gen_timing = 0.0
for i in xrange(iterations):
more_than_equal, less_than = generate_range(storage, q)
start = time.clock()
policy = policy_less_than(
'A', less_than, no_of_bits) + " and " + policy_more_than_equal(
'A', more_than_equal, no_of_bits)
secret_key = kpabe.keygen(storage['master_public_key'],
storage['master_key'], policy)
end = time.clock()
gen_timing += end - start
cipher_text = storage['cipher'][more_than_equal:less_than]
plain_text = storage['plain'][more_than_equal:less_than]
start = time.clock()
result = [kpabe.decrypt(ct, secret_key) for ct in cipher_text]
end = time.clock()
timing += end - start
if (plain_text != result):
check = False
aggregate_time.append((q, gen_timing / iterations))
aggregate_size.append(
(q, getsizeof(pickle.dumps(objectToBytes(secret_key, group)))))
if (check == True):
timings.append((q, timing / iterations))
else:
timings.append((q, 'error'))
return timings
def callSetup(groupObj, schemeName):
#calling a new groupObj somehow destroys the benchmark module
#groupObj = PairingGroup(curve)
if schemeName == 'bsw07':
scheme = CPabe_BSW07(groupObj)
elif schemeName == 'lw08':
scheme = KPabe(groupObj)
elif schemeName == 'waters09':
scheme = CPabe09(groupObj)
elif schemeName == 'rw12':
scheme = CPABE_RW12(groupObj)
elif schemeName == 'ot12':
scheme = CPABE_OT12(groupObj)
elif schemeName == 'AESCBC':
return getAESCBC(groupObj)
print("Setup(",curve,",", schemeName, ") ", end="")
if schemeName == 'waters09':#great implementation! :)
(mk, pp) = scheme.setup()
else:
(pp, mk) = scheme.setup()
return (scheme, pp, mk)
def kpabe_decrypt(group, mpk, deckey, ctxt):
"""Decrypts a ciphertext using the Lewmko2008rws KP-ABE Scheme.
The plaintext will be returned iff the set of attributes used to
generate the cipher-text can be satisfied by the policy within the
decryption key.
@param group The `PairingGroup` used within the underlying crypto.
@param mpk The Master Public Key of type `mk_t`.
@param deckey The decryption key of type `sk_t`.
@param ctxt The `bytearray` resulting from `io.open` or `io.IOBytes`
containing the ciphertext.
@return A `bytearray` containing the plaintext.
@throw PebelDecryptionException if deckey cannot satisfy the
policy within the ciphertext.
"""
kpabe = KPabe(group)
ptxt = io.BytesIO()
iv = ctxt.read(AES.block_size)
session_key_size = struct.unpack('<Q',
ctxt.read(struct.calcsize('Q')))[0]
session_key_ctxt = bytesToObject(ctxt.read(session_key_size), group)
session_key = kpabe.decrypt(session_key_ctxt, deckey)
if session_key:
symcipher = AES.new(sha(session_key)[0:32], AES.MODE_CFB, iv)
for b in read_data(bin_data=ctxt, chunksize=AES.block_size):
ptxt.write(symcipher.decrypt(b))
ptxt.flush()
return ptxt.getvalue()
else:
raise PebelDecryptionException("Unable to decrypt given ciphertext")
def main():
groupObj = PairingGroup('SS512')
kpabe = KPabe(groupObj)
hyb_abe = HybridABEnc(kpabe, groupObj)
access_key = '((ONE or TWO) and THREE)'
access_policy = ['ONE', 'TWO', 'THREE']
message = b"hello world this is an important message."
(pk, mk) = hyb_abe.setup()
if debug: print("pk => ", pk)
if debug: print("mk => ", mk)
sk = hyb_abe.keygen(pk, mk, access_key)
if debug: print("sk => ", sk)
ct = hyb_abe.encrypt(pk, message, access_policy)
mdec = hyb_abe.decrypt(ct, sk)
assert mdec == message, "Failed Decryption!!!"
if debug: print("Successful Decryption!!!")
def decrypt_query(self, sk, cipher_matrix, queries):
'''
Decryption requires master_public_key, user secret key, and cipher
'''
group = PairingGroup('SS512')
kpabe = KPabe(group)
hyb_abe = HybridKPABEnc(kpabe, group)
#convert to lower case
msg = ""
for query in queries:
s1 = query[0].lower()
s2 = query[1].lower()
cipher = cipher_matrix.get_cell_by_symbol(s1, s2)
msg += hyb_abe.decrypt(cipher, sk) + " "
return msg
def __init__(self, symbol_graph):
'''
Constructor
'''
# initialize CPABEnc object
self._group = PairingGroup('SS512')
self._kpabe = KPabe(self._group)
self._hyb_abe = HybridKPABEnc(self._kpabe, self._group)
# attributes should be vertices
# since its diDraph, the query of two vertices sequence matters
# row and col symbol is interpreted differently
self._symbol_graph = symbol_graph
symbols = self._symbol_graph.get_keys()
for i in symbols:
# r means row attributes
self._attributes.append(symbols[i] + 'r')
# c means column attributes
self._attributes.append(symbols[i] + 'c')
def testKPabe(self):
groupObj = PairingGroup('MNT224')
kpabe = KPabe(groupObj)
(pk, mk) = kpabe.setup()
policy = '(ONE or THREE) and (THREE or TWO)'
attributes = ['ONE', 'TWO', 'THREE', 'FOUR']
msg = groupObj.random(GT)
mykey = kpabe.keygen(pk, mk, policy)
if debug: print("Encrypt under these attributes: ", attributes)
ciphertext = kpabe.encrypt(pk, msg, attributes)
if debug: print(ciphertext)
rec_msg = kpabe.decrypt(ciphertext, mykey)
assert msg == rec_msg
if debug: print("Successful Decryption!")