def read(user, record):
"""
Function to read some public health record, from a given user. Returns
all parts of the record.
:param user: User public key that wants to read the health record
:param record: Public health record to be read
"""
# Get the record from the file system and load the key
data = data_helper.load(user, record)
user_key = load_user_key(user)
# Decrypt the symmetric key using the TIPRE key
sym_crypto_key = pre.decrypt(get_params(), user_key, data[SYMKEY()])
# Setup symmetric crypto
sym_crypto = SymmetricCryptoAbstraction(extract_key(sym_crypto_key))
# Attempt to decrypt all columns and return
decrypted_record = {
k: sym_crypto.decrypt(v)
for k, v in data.items() if k != SYMKEY()
}
return decrypted_record
def encrypt(self, pk, M, object):
key = self.group.random(GT)
c1 = abenc.encrypt(pk, key, object)
# instantiate a symmetric enc scheme from this key
cipher = AuthenticatedCryptoAbstraction(extract_key(key))
c2 = cipher.encrypt(M)
return {'c1': c1, 'c2': c2}
def dec(self, sk, tag, ctx, group):
s1, s2 = [group.random(ZR) for i in range(2)]
K = (ctx.C1**(sk.x1 + s1 * (tag * sk.x1 + sk.y1)) *
ctx.C2**(sk.x2 + s2 *
(tag * sk.x2 + sk.y2))) / (ctx.D1**s1 * ctx.D2**s2)
M = ctx.E / K
self.symkey = extract_key(pair(M, M))
return M
def enc(self, pk, tag, msg):
group = pk.group
r1, r2 = [group.random(ZR) for i in range(2)]
C1 = pk.g1**r1
C2 = pk.g2**r2
D1 = (pk.z**(tag * r1)) * (pk.u1**r1)
D2 = (pk.z**(tag * r2)) * (pk.u2**r2)
K = pk.z**(r1 + r2)
E = msg * K
self.symkey = extract_key(pair(msg, msg))
return Ciphertext(C1, C2, D1, D2, E)
def decrypt(GPP, user, CT):
GPP = json2GPP(GPP)
user = json2PrivateUser(user)
CT = json2CT(CT)
encryptedKey = CT['encryptedKey']
encryptData = CT['encryptedData']
contentKey = cp_abe.decrypt(GPP, encryptedKey, user)
symmetricKey = extract_key(contentKey)
aes = AesEncryption(symmetricKey)
data = aes.decrypt(encryptData)
return data
def encrypt(GPP, data, policy_str, authorities, authorityId, user):
GPP = json2GPP(GPP)
authorities = json2Authorities(authorities)
user = json2PrivateUser(user)
contentKey = user['contentKey']
encryptedKey = cp_abe.encrypt(GPP, policy_str, contentKey,
authorities[authorityId])
symmetricKey = extract_key(contentKey)
aes = AesEncryption(symmetricKey)
encryptedData = aes.encrypt(str.encode(data))
CT = {'encryptedKey': encryptedKey, 'encryptedData': encryptedData}
return CT2Json(CT)
def insert(user, data, record, type_attribute):
"""
Insert data into a public health record.
:param user: User that wants to insert data
:param data: Data to be inserted
:param record: Public health record in which data is inserted.
:param type_attribute: The type for this record
"""
# Check if some arguments are correct
if record is None:
sys.exit("Please provide the record")
if SYMKEY() in data:
sys.exit("Data contains the key {}, please use a different key".format(
SYMKEY()))
# Load the users key
user_key = load_user_key(user)
# Create new symmetric key
sym_crypto_key = group.random(GT)
sym_crypto = SymmetricCryptoAbstraction(extract_key(sym_crypto_key))
# Encrypt symmetric key with TIPRE
# and the data using the symmetric key
encrypted_sym_key = pre.encrypt(get_params(), user, sym_crypto_key,
user_key, type_attribute)
encrypted_data = {k: sym_crypto.encrypt(v) for k, v in data.items()}
encrypted_data[SYMKEY()] = encrypted_sym_key
# Store the data
try:
data_helper.save(user, type_attribute, encrypted_data, record)
print("Data is inserted into record \'{}\' by \'{}\'".format(
record, user))
print("Data to insert into record:\n{}".format(data))
except RecordAlreadyExists as e:
print(e)
def decrypt(self, ct, sk):
c1, c2 = ct['c1'], ct['c2']
key = abenc.decrypt(c1, sk)
cipher = AuthenticatedCryptoAbstraction(extract_key(key))
return cipher.decrypt(c2)
from charm.toolbox.pairinggroup import PairingGroup, ZR, G1, G2, GT, pair, extract_key
from charm.toolbox.symcrypto import AuthenticatedCryptoAbstraction, SymmetricCryptoAbstraction
from charm.core.math.pairing import hashPair as extractor
group = PairingGroup("SS512")
msg = b"This is a secret message that is larger than the group elements and has to be encrypted symmetrically"
print("original msg\n", msg)
r = group.random(G1)
print("random num\n", r)
# key = extractor(r)
key = extract_key(r)
print("symmetric key\n", key)
symcrypt = SymmetricCryptoAbstraction(
key) # or SymmetricCryptoAbstraction without authentication
# by default algo is AES in CBC mode
# encryption
ciphertext = symcrypt.encrypt(msg)
print("ciphertext\n", ciphertext)
# decryption
recoveredMsg = symcrypt.decrypt(ciphertext)
print("recovered msg\n", recoveredMsg)
assert msg == recoveredMsg
}
if __name__ == '__main__':
from charm.toolbox.pairinggroup import PairingGroup, GT, extract_key
from charm.toolbox.symcrypto import SymmetricCryptoAbstraction
group = PairingGroup('SS512', secparam=1024)
pre = TIPRE(group)
ID1 = "Alice"
ID2 = "Bob"
msg = b'Message to encrypt'
type_attribute = group.random(ZR)
symcrypto_key = group.random(GT)
symcrypto = SymmetricCryptoAbstraction(extract_key(symcrypto_key))
bytest_text = symcrypto.encrypt(msg)
(master_secret_key, params) = pre.setup()
# Run by trusted party, someone needs to handle the master secret key
id1_secret_key = pre.keyGen(master_secret_key, ID1)
id2_secret_key = pre.keyGen(master_secret_key, ID2)
# Run by delegator (id_name_1), encrypt the sym key
ciphertext = pre.encrypt(params, ID1, symcrypto_key, id1_secret_key, type_attribute)
# Directly decrypt ciphertext by the same party
plain = pre.decrypt(params, id1_secret_key, ciphertext)
print('Symmetric key directly decrypted by party 1: {}\n'.format(plain))
