def encrypt(self, pk, m):
    """Encrypt *m* and return the ciphertext as a dict.

    ``encap.S(pk['pub'])`` yields a triple ``(k, ID, x)``: ``k`` keys the
    HMAC, ``ID`` (hashed into ZR) is the identity the IBE layer encrypts
    to, and ``x`` is appended to the message so that the receiver can
    recompute ``k`` through ``encap.R``.

    Args:
        pk: dict with at least ``'pub'`` (passed to ``encap.S``) and
            ``'PK'`` (passed to ``ibenc.encrypt``).
        m: the message; anything that is not exactly ``bytes`` is
            converted with ``bytes(m, 'utf8')``.

    Returns:
        ``{'ID': ..., 'C1': ..., 'C2': ..., 'tag': ...}`` where ``C1`` is
        the IBE encryption of a random GT element, ``C2`` is the masked
        payload and ``tag`` is an HMAC-SHA1 over serialized ``C1`` + ``C2``.

    Note:
        The message and ``x`` are joined with an unescaped ``b':'``. The
        receiver has to split on that separator, so the framing is
        ambiguous whenever the separator byte also occurs inside the
        joined parts.
    """
    mac_key, identity, opening = encap.S(pk['pub'])

    # Normalise both parts of the payload to bytes before joining them.
    if type(m) is not bytes:
        m = bytes(m, 'utf8')
    if type(opening) is not bytes:
        opening = bytes(opening, 'utf8')

    ibe_identity = group.hash(identity, ZR)
    payload = b':'.join((m, opening))

    # A fresh GT element is IBE-encrypted (C1) and also stretched into a
    # pad as long as the payload, which masks the payload (C2).
    session_elem = group.random(GT)
    pad = self.elmtToString(session_elem, len(payload))
    C1 = ibenc.encrypt(pk['PK'], ibe_identity, session_elem)
    C2 = self.str_XOR(payload, pad).encode('utf8')

    # The tag binds the serialized C1 to C2. decrypt recomputes it with the
    # same hash, so the digest choice must change in both places together.
    serialized_c1 = pickleObject(serializeObject(C1, group))
    tag = hmac.new(mac_key, serialized_c1 + C2, hashlib.sha1).digest()

    return {'ID': identity, 'C1': C1, 'C2': C2, 'tag': tag}
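def decrypt(self, pk, sk, c):
    """Decrypt ciphertext dict *c* and return the message, or ``b'FALSE'``.

    Steps: hash ``c['ID']`` into ZR, extract the matching IBE key from
    ``sk['msk']``, IBE-decrypt ``c['C1']``, stretch the result into a pad
    as long as ``c['C2']``, unmask ``c['C2']``, split the payload into
    message and ``x``, recompute the MAC key with ``encap.R`` and verify
    the HMAC-SHA1 tag over serialized ``C1`` + ``C2``.

    Args:
        pk: public key dict; ``pk['pub']`` is passed to ``encap.R``.
        sk: secret key dict; ``sk['msk']`` is passed to ``ibenc.extract``.
        c: ciphertext dict with keys ``'ID'``, ``'C1'``, ``'C2'``, ``'tag'``.

    Returns:
        The message as ``bytes`` when the tag verifies, otherwise the
        sentinel ``b'FALSE'``. A rejected ciphertext is therefore
        indistinguishable from a genuine plaintext equal to ``b'FALSE'``;
        callers that need to tell them apart must not rely on the return
        value alone.
    """
    ID2 = group.hash(c['ID'], ZR)
    SK = ibenc.extract(sk['msk'], ID2)
    # NOTE(review): encrypt passes pk['PK'] to ibenc.encrypt, while the
    # whole pk dict is passed here. Confirm what ibenc.decrypt expects.
    kprime = ibenc.decrypt(pk, SK, c['C1'])
    kprimeStr = self.elmtToString(kprime, len(c['C2']))
    # str_XOR is expected to return str here: the payload is split on a
    # str separator and re-encoded below.
    m2 = self.str_XOR(c['C2'], kprimeStr)

    # Split on the LAST ':' so that a message containing ':' is not
    # truncated and the trailing part is what reaches encap.R.
    # Assumes x itself never contains ':' (TODO confirm against encap.S).
    message, sep, x = m2.rpartition(':')
    if not sep:
        # No separator at all: the payload is malformed. Reject it the same
        # way as a bad tag instead of leaking an IndexError to the caller.
        return b'FALSE'

    k = encap.R(pk['pub'], c['ID'], x)
    C1prime = pickleObject(serializeObject(c['C1'], group))
    # HMAC-SHA1 must match what encrypt computes.
    expected = hmac.new(k, C1prime + c['C2'], hashlib.sha1).digest()

    # Constant-time comparison: `==` on bytes can stop at the first
    # differing byte, which leaks how much of a forged tag was correct.
    # The isinstance guard keeps "wrong type => reject" instead of letting
    # compare_digest raise TypeError.
    tag = c['tag']
    if isinstance(tag, (bytes, bytearray)) and hmac.compare_digest(tag, expected):
        return bytes(message, 'utf8')
    return b'FALSE'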