def test2():
client = UdpEndPoint()
p = UdpEndPoint()
group_object = PairingGroup('SS512')
key_client = group_object.random(GT)
key_p = group_object.random(GT)
nonce = OpenSSLRand().getRandomBits(128)
server_crypter_a = SymmetricCryptoAbstraction(extractor(key_client))
server_crypter_b = SymmetricCryptoAbstraction(extractor(key_p))
c_package_a = test1(client, p, nonce,
objectToBytes(key_client, group_object),
objectToBytes(key_p, group_object))
print('===========================================================')
print(c_package_a)
key_package_a = server_crypter_a.decrypt(c_package_a)
key_package_a = bytesToObject(key_package_a, group_object)
key_package_b = server_crypter_b.decrypt(key_package_a[3])
key_package_b = bytesToObject(key_package_b, group_object)
print('===========================================================')
i = 1
for thing in key_package_a:
print(str(i) + '.', thing)
i += 1
print('===========================================================')
j = 1
for thing in key_package_b:
print(str(j) + '.', thing)
j += 1
print('===========================================================')
def test1(client, p, nonce, key_client, key_p):
group_object = PairingGroup('SS512')
shared_key = group_object.random(GT)
crypter_a = SymmetricCryptoAbstraction(
extractor(bytesToObject(key_client, group_object)))
crypter_b = SymmetricCryptoAbstraction(
extractor(bytesToObject(key_p, group_object)))
package_b = crypter_b.encrypt(
objectToBytes([shared_key, serialize_endpoint(client)], group_object))
package_a = crypter_a.encrypt(
objectToBytes([
Conversion.OS2IP(nonce), shared_key,
serialize_endpoint(p), package_b
], group_object))
return package_a
def decrypt_range(self, start, end, param, kac, msk):
leaves = iter([])
kac_ct = []
ct = []
plain = []
kac_p = []
S = []
kac_nodes = sorted(self.lookup_range(start, end),
key=lambda node: node.kac_index)
for n in kac_nodes:
S.append(n.kac_index)
kac_ct.append(n.kac_cipher)
K_s = kac.extract(msk, S, param)
start_time = time.clock()
kac_plain = kac.decrypt_general(K_s, S, S, kac_ct, param)
ct = (i.cipher for i in kac_nodes)
decrypted = (SymmetricCryptoAbstraction(extractor(k)).decrypt(c)
for k, c in itertools.izip(kac_plain, ct))
for n, m in itertools.izip(kac_nodes, decrypted):
leaves = itertools.chain(
leaves,
HashTree(m, n.min_val, n.max_val).generate_tree())
end_time = time.clock()
return leaves, end_time - start_time
def main():
groupObj = PairingGroup('SS512')
dabe = Dabe(groupObj)
TP = dabe.get_Trapdoor_json("TRAPDOOR.json")
par_filelist = get_files("./PARTIAL_CIPHERTEXT")
if len(par_filelist) == 0:
return
des = "./PLAINTEXT/"
if os.path.exists(des):
shutil.rmtree(des)
os.mkdir(des)
for i in par_filelist:
Par_CT = dabe.get_Par_CT_json(i)
orig_m = dabe.full_decrypt(TP, Par_CT)
#print("\nSymmetric key is")
#print(orig_m)
symcrypt = SymmetricCryptoAbstraction(extractor(orig_m))
filename = "./MATCHED_FILE/SYMMETRIC_CIPHERTEXT_" + (
i.split('_'))[3].split('.')[0] + ".ct"
with open(filename, 'r') as f:
cm = f.read()
pm = symcrypt.decrypt(cm)
#print(str(pm, encoding = 'utf-8'))
filename = "./PLAINTEXT/SYMMETRIC_PLAINTEXT_" + (
i.split('_'))[3].split('.')[0] + ".pp"
with open(filename, 'w') as file_object:
file_object.write(str(pm, encoding='utf-8'))
def decrypt_range(self, start, end, param, kac, msk): leaves = iter([]) kac_ct = [] ct = [] plain = [] kac_p = [] S = [] kac_nodes = sorted(self.lookup_range(start, end), key=lambda node: node.kac_index) for n in kac_nodes: S.append(n.kac_index) kac_ct.append(n.kac_cipher) K_s = kac.extract(msk, S, param) start_time = time.clock() kac_plain = kac.decrypt_general(K_s, S, S, kac_ct, param) ct = (i.cipher for i in kac_nodes) decrypted = (SymmetricCryptoAbstraction(extractor(k)).decrypt(c) for k, c in itertools.izip(kac_plain, ct)) for n, m in itertools.izip(kac_nodes, decrypted): leaves = itertools.chain(leaves, HashTree(m, n.min_val, n.max_val).generate_tree()) end_time = time.clock() return leaves, end_time-start_time
def encrypt(self, pk, M, policy_str):
policy = util.createPolicy(policy_str)
a_list = util.getAttributeList(policy)
s = group.random(ZR)
#st = group.random(ZR)
#print('s_t=>',st)
shares = util.calculateSharesDict(s, policy)
C = pk['h']**s
C_y, C_y_pr = {}, {}
A_y, B_y = {}, {}
for i in shares.keys():
j = util.strip_index(i)
r_t = group.random(ZR)
s_t = group.random(ZR)
C_y[i] = pk['g']**(shares[i] * s_t)
C_y_pr[i] = group.hash(j, G2)**(shares[i] * s_t)
A_y[i] = pk['g']**r_t #
B_y[i] = s_t + group.hash(extractor(pair(pk['m'], pk['f'])**r_t),
ZR)
return {
'C_tilde': (pk['e_gg_alpha']**s) * M,
'C': C,
'Cy': C_y,
'Cyp': C_y_pr,
'Ay': A_y,
'By': B_y,
'policy': unicode(policy_str),
'attributes': a_list
}
def hash(msg):
xi = chamHash.hash(pk, sk, msg)
etd = [xi['p1'], xi['q1']]
#if debug: print("Hash...")
#if debug: print("hash result =>", xi)
# encrypt
rand_key = groupObj.random(GT)
#if debug: print("msg =>", rand_key)
#encrypt rand_key
maabect = maabe.encrypt(public_parameters, maabepk, rand_key,
access_policy)
#rand_key->symkey AE
symcrypt = AuthenticatedCryptoAbstraction(extractor(rand_key))
#symcrypt msg(etd=(p1,q1))
etdtostr = [str(i) for i in etd]
etdsumstr = etdtostr[0] + etdtostr[1]
symct = symcrypt.encrypt(etdsumstr)
ct = {'rkc': maabect, 'ec': symct}
#if debug: print("\n\nCiphertext...\n")
#groupObj.debug(ct)
#print("ciphertext:=>", ct)
h = {
'h': xi['h'],
'r': xi['r'],
'cipher': ct,
'N1': xi['N1'],
'e': xi['e']
}
return h
def encryptAES(encryptionFileAES):
keyAES = group.random(GT)
symcrypt = AuthenticatedCryptoAbstraction(extractor(
keyAES)) # or SymmetricCryptoAbstraction without authentication
ciphertext = symcrypt.encrypt(encryptionFileAES)
return keyAES, ciphertext
def collision(msg1, msg2, h):
#decrypt rand_key
rec_key = maabe.decrypt(public_parameters, user_sk, h['cipher']['rkc'])
#rec_key->symkey AE
rec_symcrypt = AuthenticatedCryptoAbstraction(extractor(rec_key))
#symdecrypt rec_etdsumstr
rec_etdsumbytes = rec_symcrypt.decrypt(h['cipher']['ec'])
rec_etdsumstr = str(rec_etdsumbytes, encoding="utf8")
#print("etdsumstr type=>",type(rec_etdsumstr))
#sumstr->etd str list
rec_etdtolist = cut_text(rec_etdsumstr, 309)
# print("rec_etdtolist=>",rec_etdtolist)
#etd str list->etd integer list
rec_etdint = {
'p1': integer(int(rec_etdtolist[0])),
'q1': integer(int(rec_etdtolist[1]))
}
#print("rec_etdint=>",rec_etdint)
r1 = chamHash.collision(msg1, msg2, h, rec_etdint, pk)
#if debug: print("new randomness =>", r1)
new_h = {
'h': h['h'],
'r': r1,
'cipher': h['cipher'],
'N1': h['N1'],
'e': h['e']
}
return new_h
def decrypt_text(self, ct, secret):
try:
k = extractor(secret)
symcrypt = SymmetricCryptoAbstraction(k)
text = symcrypt.decrypt(ct)
return text
except Exception as e:
print("Unexpected error:", str(e))
def encrypt_text(self, pt, secret):
try:
k = extractor(secret)
symcrypt = SymmetricCryptoAbstraction(k)
ct = symcrypt.encrypt(pt)
return ct
except Exception as e:
print("Unexpected error:", str(e))
def decryptAES(readFileCipherText, keyAES):
pickleFileCipherText = pickleLoad(readFileCipherText)
ct = byToOb(pickleFileCipherText)
symcrypt = AuthenticatedCryptoAbstraction(extractor(keyAES))
recoveredMsg = symcrypt.decrypt(ct)
print("Decrypted File using AES:")
print(recoveredMsg.decode("utf-8"))
return recoveredMsg
def encrypt(self, pk, M, attr_list):
if debug: print('Encryption Algorithm...')
k = group.random(ZR)
Cs = pk**k
Ci = {}
for attr in attr_list:
Ci[attr] = self.attribute[attr]**k
symcrypt = SymmetricCryptoAbstraction(extractor(Cs))
C = symcrypt.encrypt(M)
return {'C': C, 'Ci': Ci, 'attributes': attr_list}
def decrypt(key, cipher):
a = SymmetricCryptoAbstraction(extractor(key))
results = 0.0
for i in range(0, number):
start = time.clock()
a.decrypt(content)
end = time.clock()
results += end - start
mean = results / number
logging.info("AES decrypt: " + str(mean))
content = a.decrypt(cipher)
return content
def main():
groupObj = PairingGroup('SS512')
dabe = Dabe(groupObj)
GP = dabe.get_global_PP_json("./gpp/global_parameters.json")
filename = "SERVER_KEY.json"
pk_ser = {}
with open(filename, 'r') as f:
Ser_json = json.load(f)
for i in (Ser_json['pk_ser']).keys():
pk_ser['V'] = groupObj.deserialize(bytes(Ser_json['pk_ser']['V'], encoding='utf-8'))
pk_ser['X'] = groupObj.deserialize(bytes(Ser_json['pk_ser']['X'], encoding='utf-8'))
with open('./policy.pp', 'r') as f:
lists = f.readlines()
policy = lists[0].rstrip('\n')
with open('./message.pp', 'r') as f:
pm = f.read()
# symmetric key for encryption
ssk = groupObj.random(GT)
print("\nsymmetric key is\n")
print(ssk)
symcrypt = SymmetricCryptoAbstraction(extractor(ssk))
SSCT = symcrypt.encrypt(pm)
filename = "SYMMETRIC_CIPHERTEXT.ct"
with open(filename, 'w') as file_object:
file_object.write(SSCT)
#m = groupObj.init(GT, tt)
# Number of keywords for index generation
print("\nEncrypted search index is")
num_kw = int(sys.argv[1])
keywords = []
for i in range(0, num_kw):
keywords.append(sys.argv[2 + i])
Offline_CT = dabe.get_Offline_CT_json("OFFLINE_CIPHERTEXT.json")
CT = dabe.online_encrypt(GP, pk_ser, Offline_CT, ssk, policy, keywords)
print(CT)
filename = "ENCRYPTED_INDEX.json"
FullCT_json = {}
for i in CT.keys():
if type(CT[i]) == dict:
FullCT_json[i] = {}
for j in CT[i].keys():
FullCT_json[i].update({j: str(groupObj.serialize(CT[i][j]), encoding='utf-8')})
elif i == 'policy':
FullCT_json[i] = CT[i]
else:
FullCT_json[i] = str(groupObj.serialize(CT[i]), encoding='utf-8')
with open(filename, 'w') as file_object:
json.dump(FullCT_json, file_object)
def decrypt(self, C, D):
policy = util.createPolicy(D['policy'])
attrs = util.prune(policy, C['attributes'])
if attrs == False:
return False
coeff = util.getCoefficients(policy)
Z = {}
prodT = 1
for i in range(len(attrs)):
x = attrs[i].getAttribute()
y = attrs[i].getAttributeAndIndex()
Z[y] = C['Ci'][x]**D['Du'][x]
prodT *= Z[y]**coeff[y]
symcrypt = SymmetricCryptoAbstraction(extractor(prodT))
return symcrypt.decrypt(C['C'])
def proxy_decrypt(self, pk, sk, ct, valid_attr):
policy = util.createPolicy(ct['policy'])
pruned_list = util.prune(policy, valid_attr)
if pruned_list == False:
return False
z = util.getCoefficients(policy)
A = 1
print(pruned_list)
for i in pruned_list:
j = i.getAttributeAndIndex()
k = i.getAttribute()
s_t = ct['By'][j] - group.hash(
extractor(pair(sk['TK'], ct['Ay'][j])), ZR) #
A *= (pair(ct['Cy'][j], sk['Dj'][k]) /
pair(sk['Djp'][k], ct['Cyp'][j]))**(z[j] / s_t)
return {'C_tilde': ct['C_tilde'], 'C': ct['C'], 'FR': A}
def _create_meta(self):
"""Create meta information about the file with keys
"""
# https://jhuisi.github.io/charm/toolbox/symcrypto.html#symcrypto.SymmetricCryptoAbstraction
el = self.pairing_group.random(GT)
self.meta = {
'el': el,
'sym_key': extractor(el),
'nonce': secrets.token_bytes(8),
'policy': '(DEPT1 and TEAM1)', # hardcoded - TBD
'chunk_size': self.chunk_size,
'random_size': self.random_size,
're_encs': []
}
self._add_initial_re_encs_info(self.initial_re_encs_num)
# self.sym_cipher = SymmetricCryptoAbstraction(self.meta['sym_key'])
return self.meta
def __init__(self, face, baseName, deviceName, presharedKey):
"""
Initialize:
Identity-Based Encryption scheme
Identity-Based Signature scheme
:param Face face:
:param Name baseName:
:param Name deviceName:
"""
#Initialize IBC schemes
self.ibe_scheme = IbeWaters09()
self.ibs_scheme = IbsWaters()
self.face = face
self.presharedKey = extractor(
bytesToObject(presharedKey, self.ibe_scheme.group))
self.baseName = Name(baseName)
self.deviceName = Name(self.baseName).append(deviceName)
def bfs_encrypt(self, pk, param, kac): queue = [self] index = 1 while len(queue)>0: current = queue.pop(0) current.kac_index = index # print current.kac_index, current.data, current.min_val, current.max_val index += 1 # use kac plaintext to encrypt message m = group.random(GT) current.kac_cipher = kac.encrypt(pk, current.kac_index, m, param) current.cipher = SymmetricCryptoAbstraction(extractor(m)).encrypt(current.data) if current.left is not None: queue.append(current.left) if current.right is not None: queue.append(current.right)
def bfs_encrypt(self, pk, param, kac):
queue = [self]
index = 1
while len(queue) > 0:
current = queue.pop(0)
current.kac_index = index
# print current.kac_index, current.data, current.min_val, current.max_val
index += 1
# use kac plaintext to encrypt message
m = group.random(GT)
current.kac_cipher = kac.encrypt(pk, current.kac_index, m, param)
current.cipher = SymmetricCryptoAbstraction(extractor(m)).encrypt(
current.data)
if current.left is not None:
queue.append(current.left)
if current.right is not None:
queue.append(current.right)
def _create_meta(self):
"""
Create meta information about the file with keys
:return: created meta information
"""
# Get a random element of the pairing group used for symmetric key generation
el = self.pairing_group.random(GT)
# Create meta information
self.meta = {
'el': el,
'sym_key': extractor(el),
'nonce': secrets.token_bytes(8),
'policy': '(DEPT1 and TEAM1)', # TODO CHANGE FOR REAL USE
'chunk_size': self.chunk_size,
'random_size': self.random_size,
're_encs': []
}
# Add re-encryption information
self._add_initial_re_encs_info(self.initial_re_encs_num)
return self.meta
# print("Re-encryption successfully removed")
# print("Re-encryptions successfully removed")
# Anti-transform file chunk
# print("Remove AONT from encrypted file chunk")
aont_args = {'nBits': len(chunk) * 8, 'k0BitsInt': 256}
chunk = aont.anti_transform(data=chunk, args=aont_args, debug=0)
# print("ANTI-TRANSFORMED CHUNK = (%d) %s" % (len(chunk), chunk))
# print("AONT successfully removed")
enc_el = bytesToObject(bytearray.fromhex(meta['enc_el']),
pairing_group)
enc_el['policy'] = str(PolicyParser().parse(policy))
el = cpabe.decrypt(next(iter(abe_pk.values())),
next(iter(abe_sk.values())), enc_el)
meta['sym_key'] = extractor(el)
meta['nonce'] = bytearray.fromhex(meta['nonce'])
# print('SYM KEY =', meta['sym_key'])
# print('SYM KEY 16 =', meta['sym_key'][:16])
# Decrypt the anti-transformed file chunk with the sym key and write it on the temporary file
sym_cipher = AES.new(meta['sym_key'][:16],
AES.MODE_CTR,
nonce=meta['nonce'])
x = sym_cipher.decrypt(chunk)
# print("got chunk in _decode: ", x)
exit(0)
# sym_cipher = AES.new(b'\xab\x00', AES.MODE_CTR, nonce=b'\x00\x11')
def _load_meta(self, metafile):
"""
Fetch, decrypt and decode the metafile containing keys TODO (create if it does not exist?)
:param metafile: metadata file
:return: loaded meta information
"""
# Read file content
try:
if self.debug:
print("try to open metafile: " + metafile)
with open(metafile, 'r') as f:
enc_meta = json.load(f)
except FileNotFoundError:
# print("Metafile not found")
# TBD: try to recover?
error = 1 # TODO USED ONLY TO FILL PRINT DISABLING
# Retrieve encrypted pairing group element information
enc_el = bytesToObject(bytearray.fromhex(enc_meta['enc_el']),
self.pairing_group)
policy = PolicyParser().parse(enc_meta['policy'])
enc_el['policy'] = str(policy)
# Decrypt the pairing group element with CP-ABE
el = abe.decrypt(enc_el, next(iter(self.abe_pk.values())),
next(iter(self.abe_sk.values())), self.pairing_group,
self.debug)
if self.debug:
print("decrypt")
print("pk: ", next(iter(self.abe_pk.values())))
print("sk: ", next(iter(self.abe_sk.values())))
print("policy: ", enc_el['policy'])
# Load all in clear
self.meta = {
'el': el,
'sym_key': extractor(el),
'nonce': bytearray.fromhex(enc_meta['nonce']),
'policy': enc_meta['policy'],
'chunk_size': enc_meta['chunk_size'],
'random_size': enc_meta['random_size'],
're_encs': enc_meta['re_encs']
}
# Check if there is re-encryption information
if len(enc_meta['re_encs']):
# Retrieve re-encryption public and secret keys
re_enc_op = enc_meta['re_encs'][0]
key_pair_label = re_enc_op['pk']
pk = self.abe_pk[key_pair_label]
sk = self.abe_sk[key_pair_label]
#print('LOAD META PRE ABE', re_enc_op)
# Decrypt seed
enc_seed = bytesToObject(unhexlify(re_enc_op['enc_seed']),
self.pairing_group)
enc_seed['policy'] = re_enc_op['policy']
seed = abe.decrypt(enc_seed, pk, sk, self.pairing_group,
self.debug)
# Decrypt symmetric key
enc_key = bytesToObject(unhexlify(re_enc_op['enc_key']),
self.pairing_group)
enc_key['policy'] = re_enc_op['policy']
key = abe.decrypt(enc_key, pk, sk, self.pairing_group, self.debug)
# Add decrypted seed and key, and IV
self.meta['re_encs'][0]['enc_seed'] = seed
self.meta['re_encs'][0]['enc_key'] = key
self.meta['re_encs'][0]['iv'] = unhexlify(re_enc_op['iv'])
#print('LOAD META POST ABE', self.meta['re_encs'][0])
return self.meta
def onData(self, interest, data):
"""
Data:
Content:
master_public_key to PKG
ibeKey = ibe(randomKey)
cipher = encrypt(PrivateKey, randomKey)
Decode the master_public_key and compare it to the device.master_public_key (if they match, they trust the same PKG)
Decrypt the symmetric key, and decrypt the cipher
Sensor Data reveiced!
:param Interest interest:
:param Data data:
"""
self.ibs_scheme.verifyData(self.signature_master_public_key, data,
self.onVerifiedData,
self.onVerifyDataFailed)
message = messageBuf_pb2.Message()
message.ParseFromString(data.getContent().toRawStr())
# TODO: compare nonce
session = message.nonce
if (message.type == messageBuf_pb2.Message.SENSOR_DATA):
if (message.encAlgorithm == messageBuf_pb2.Message.AES):
# Check if IBS algorithm is the same
if not (self.ibs_scheme.algorithm == message.ibsAlgorithm):
logging.error("IBS algorithm doesnt match! Receiver: " +
self.ibs_scheme.algorithm + ", Sender: " +
message.ibsAlgorithm)
#Compare signature_master_public_key
signatureMasterPublicKeyDict = ast.literal_eval(
message.identityBasedSignatureMasterPublicKey)
messageSignatureMPK = deserializeObject(
signatureMasterPublicKeyDict, self.ibs_scheme.group)
if not (self.signature_master_public_key
== messageSignatureMPK):
logging.error("SignatureMasterPulicKey does not match!")
# Check if IBE algorithm is the same
if not (self.ibe_scheme.algorithm == message.ibeAlgorithm):
logging.error("IBE algorithm doesnt match! Receiver: " +
self.ibe_scheme.algorithm + ", Sender: " +
message.ibeAlgorithm)
#Compare master_public_key
masterPublicKeyDict = ast.literal_eval(
message.identityBasedMasterPublicKey)
messageMPK = deserializeObject(masterPublicKeyDict,
self.ibe_scheme.group)
if not (self.master_public_key == messageMPK):
logging.error("MasterPulicKey does not match!")
#Decrypt identityBasedEncrypedKey
identityBasedEncryptedKeyDict = ast.literal_eval(
message.identityBasedEncryptedKey)
identityBasedEncryptedKey = deserializeObject(
identityBasedEncryptedKeyDict, self.ibe_scheme.group)
key = self.ibe_scheme.decryptKey(self.master_public_key,
self.private_key,
identityBasedEncryptedKey)
#Decrypt encryptedMessage
a = SymmetricCryptoAbstraction(extractor(key))
data = a.decrypt(message.encryptedMessage)
# Use data from device to something ..
logging.info("Data received: " + str(data))
self.dataRequestEnd = time.clock()
logging.info("Request and receive data time: " +
str(self.dataRequestEnd - self.dataRequestStart))
def sym_encrypt(plaintext, key):
serial_pt = objectToBytes(plaintext, PairingGroup('SS512'))
encrypter = SymmetricCryptoAbstraction(extractor(key))
return encrypter.encrypt(serial_pt)
def _load_meta(self, metafile):
"""Fetch, decrypt and decode the metafile containing keys.
Create if it does not exist.
"""
try:
if self.debug:
print("try to open metafile: " + metafile)
with open(metafile, 'r') as f:
enc_meta = json.load(f)
except FileNotFoundError:
print("Metafile not found")
# TBD: try to recover?
enc_el = bytesToObject(bytearray.fromhex(enc_meta['enc_el']),
self.pairing_group)
policy = PolicyParser().parse(enc_meta['policy'])
enc_el['policy'] = str(policy)
if self.debug:
print("decrypt")
print("pk: ", next(iter(self.abe_pk.values())))
print("sk: ", next(iter(self.abe_sk.values())))
print("policy: ", enc_el['policy'])
# Decrypt the group element with CP-ABE
el = abe.decrypt(enc_el, next(iter(self.abe_pk.values())),
next(iter(self.abe_sk.values())), self.pairing_group,
self.debug)
# Load all in clear
self.meta = {
'el': el,
'sym_key': extractor(el),
'nonce': bytearray.fromhex(enc_meta['nonce']),
'policy':
enc_meta['policy'], # '(DEPT1 and TEAM1)', # hardcoded - TBD
'chunk_size': enc_meta['chunk_size'],
'random_size': enc_meta['random_size'],
're_encs': enc_meta['re_encs']
}
for i in range(len(enc_meta['re_encs'])):
# Retrieve public and secret keys
re_enc_op = enc_meta['re_encs'][i]
key_pair_label = re_enc_op['pk']
pk = self.abe_pk[key_pair_label]
sk = self.abe_sk[key_pair_label]
# Decrypt seed
enc_seed = bytesToObject(unhexlify(re_enc_op['enc_seed']),
self.pairing_group)
enc_seed['policy'] = re_enc_op['policy']
seed = abe.decrypt(enc_seed, pk, sk, self.pairing_group,
self.debug)
# Decrypt symmetric key
enc_key = bytesToObject(unhexlify(re_enc_op['enc_key']),
self.pairing_group)
enc_key['policy'] = re_enc_op['policy']
key = abe.decrypt(enc_key, pk, sk, self.pairing_group, self.debug)
# Add decrypted seed and key
self.meta['re_encs'][i]['enc_seed'] = seed
self.meta['re_encs'][i]['enc_key'] = key
self.meta['re_encs'][i]['iv'] = unhexlify(re_enc_op['iv'])
# create a symmetric cypher
# self.sym_cipher = SymmetricCryptoAbstraction(self.meta['sym_key'])
return self.meta
(cloud_pk, cloud_msk) = cpabe.setup()
## START USER KEY PAIR GEN FOR U & CS
pk_cs, sk_cs = cpabe.keygen_user(cloud_pk)
print("Cloud key pair =>", (pk_cs, sk_cs))
pk_u, sk_u = cpabe.keygen_user(cloud_pk)
print("User key pair =>", (pk_u, sk_u))
## START PROXY KEY PAIR GEN
pxy_k_u = cpabe.keygen_proxy(cloud_pk, cloud_msk, pk_u, pk_cs, attrs)
print("Proxy key =>", pxy_k_u)
# GENERATE SYMM (AES) KEY
r = group.random(GT)
secret = extractor(r)
print("Key for file encryption (AES-CBC) =>", secret)
# READ THE INPUT FILE CONTENT
fileObj = open(inputFilename, 'rb')
file_pt = fileObj.read()
fileObj.close()
print("\n============= Original Text =============\n")
print_byte_array(file_pt[:15])
print("...", end=" ")
print("LENGTH OF ORIG FILE", len(file_pt))
# BENCHMARKING: Measure how long the encryption/decryption takes.
startTime = time.time()
from charm.toolbox.pairinggroup import PairingGroup, ZR, G1, G2, GT, pair
from charm.toolbox.symcrypto import AuthenticatedCryptoAbstraction, SymmetricCryptoAbstraction
from charm.core.math.pairing import hashPair as extractor
from CPabe09 import CPabe09
group = PairingGroup("SS512")
# use random pairing to encrypt byte message
pairing = group.random(GT)
msg = b"This is a secret message that is larger than the group elements and has to be encrypted symmetrically"
# extractor can cope with multiple datatypes, actually its just a hash function
symcrypt_sender = AuthenticatedCryptoAbstraction(extractor(pairing))
# setup cp-abe
g1, g2 = group.random(G1), group.random(G2)
alpha, a = group.random(), group.random()
cpabe = CPabe09(group)
(master_secret_key, master_public_key) = cpabe.setup(g1, g2, alpha, a)
# set up the policy for abe
policy = '((ONE or THREE) and (TWO or FOUR))'
# define the attributes for abe
attr_list = ['ONE', 'TWO', 'THREE']
# get the secret key for abe
secret_key = cpabe.keygen(master_public_key, master_secret_key, attr_list)
def onInterest(self, prefix, interest, transport, registeredPrefixId):
"""
Interest:
Name: /ndn/no/ntnu/<device>/sensorPull/<nonce>
Selector: KeyLocator = ID
The ID of the requesting Device is stored in KeyLocator in the Interest,
and the TemporaryMasterPublicKey to the device is sent in the Interest Name as shown above.
Encrypt a symmetric key with the MasterPublicKey and the ID.
Encrypt the SensorData with symmetric encryption, using the symmetric key.
Data:
Content:
master_public_key to PKG
ibeKey = ibe(randomKey)
cipher = encrypt(sensorData, randomKey)
Sign the Data and send.
:param Name prefix:
:param Interest interest:
:param Transport transport: An object of a subclass of Transport to use for communication.
:param Name registeredPrefixId:
"""
self.ibs_scheme.verifyInterest(self.signature_master_public_key,
interest, self.onVerifiedInterest,
self.onVerifyInterestFailed)
ID = ""
if interest.getKeyLocator().getType() == KeyLocatorType.KEYNAME:
ID = interest.getKeyLocator().getKeyName().toUri()
keyName = interest.getName()
session = keyName.get(keyName.size() - 1).toEscapedString()
data = Data(interest.getName())
contentData = "This should be sensordata blablabla"
# Symmetric key for encryption
self.key = self.ibe_scheme.getRandomKey()
# Identity-Based Encryption of symmetric key
identityBasedEncryptedKey = self.ibe_scheme.encryptKey(
self.master_public_key, ID, self.key)
identityBasedEncryptedKey = str(
serializeObject(identityBasedEncryptedKey, self.ibe_scheme.group))
# Master Public Key
identityBasedMasterPublicKey = str(
serializeObject(self.master_public_key, self.ibe_scheme.group))
# Signature Master Public Key
identityBasedSignatureMasterPublicKey = str(
serializeObject(self.signature_master_public_key,
self.ibs_scheme.group))
# Symmetric AES encryption of contentData
a = SymmetricCryptoAbstraction(extractor(self.key))
encryptedMessage = a.encrypt(contentData)
message = messageBuf_pb2.Message()
message.identityBasedMasterPublicKey = identityBasedMasterPublicKey
message.identityBasedSignatureMasterPublicKey = identityBasedSignatureMasterPublicKey
message.identityBasedEncryptedKey = identityBasedEncryptedKey
message.encryptedMessage = encryptedMessage
message.encAlgorithm = messageBuf_pb2.Message.AES
message.ibeAlgorithm = self.ibe_scheme.algorithm
message.ibsAlgorithm = self.ibs_scheme.algorithm
message.nonce = session
message.timestamp = int(round(util.getNowMilliseconds() / 1000.0))
message.type = messageBuf_pb2.Message.SENSOR_DATA
content = message.SerializeToString()
metaInfo = MetaInfo()
metaInfo.setFreshnessPeriod(30000) # 30 seconds
data.setContent(Blob(content))
data.setMetaInfo(metaInfo)
self.ibs_scheme.signData(self.signature_master_public_key,
self.signature_private_key, self.deviceName,
data)
#self.keyChain.sign(data, self.certificateName)
encodedData = data.wireEncode()
logging.info("Encrypting with ID: " + ID)
transport.send(encodedData.toBuffer())
logging.info("Sent encrypted Data")
def main():
groupObj = PairingGroup('SS512')
maabe = MAABE.MaabeRW15(groupObj)
attrs1 = ['ONE', 'TWO']
attrs2 = ['THREE', 'FOUR']
access_policy = '((STUDENT@UT or PROFESSOR@OU) and (STUDENT@UT or MASTERS@OU))'
if debug:
print("attrs1 =>", attrs1)
print("attrs2 =>", attrs2)
print("Policy =>", access_policy)
# setup
public_parameters = maabe.setup()
# authsetup 2AA
(pk1, sk1) = maabe.authsetup(public_parameters, 'UT')
(pk2, sk2) = maabe.authsetup(public_parameters, 'OU')
maabepk = {'UT': pk1, 'OU': pk2}
# keygen
chamHash = chamwithemp.Chamwithemp()
(pk, sk) = chamHash.keygen(1024)
# keygen Bob
gid = "bob"
user_attr1 = ['STUDENT@UT']
user_attr2 = ['STUDENT@OU']
user_sk1 = maabe.multiple_attributes_keygen(public_parameters, sk1, gid,
user_attr1)
user_sk2 = maabe.multiple_attributes_keygen(public_parameters, sk2, gid,
user_attr2)
user_sk = {'GID': gid, 'keys': merge_dicts(user_sk1, user_sk2)}
# hash
msg = "Video provides a powerful way to help you prove your point. When you click Online Video, you can paste in the embed code for t"
xi = chamHash.hash(pk, msg)
etd = [xi['p1'], xi['q1']]
if debug: print("Hash...")
if debug: print("hash result =>", xi)
# encrypt
rand_key = groupObj.random(GT)
if debug: print("msg =>", rand_key)
#encrypt rand_key
maabect = maabe.encrypt(public_parameters, maabepk, rand_key,
access_policy)
#rand_key->symkey AE
symcrypt = AuthenticatedCryptoAbstraction(extractor(rand_key))
#symcrypt msg(etd=(p1,q1))
etdtostr = [str(i) for i in etd]
etdsumstr = etdtostr[0] + etdtostr[1]
symct = symcrypt.encrypt(etdsumstr)
ct = {'rkc': maabect, 'ec': symct}
if debug: print("\n\nCiphertext...\n")
groupObj.debug(ct)
print("ciphertext:=>", ct)
# decrypt
#decrypt rand_key
rec_key = maabe.decrypt(public_parameters, user_sk, maabect)
assert rand_key == rec_key, "FAILED Decryption: random key is incorrect"
#rec_key->symkey AE
rec_symcrypt = AuthenticatedCryptoAbstraction(extractor(rec_key))
#symdecrypt rec_etdsumstr
rec_etdsumbytes = rec_symcrypt.decrypt(ct['ec'])
rec_etdsumstr = str(rec_etdsumbytes, encoding="utf8")
print("etdsumstr type=>", type(rec_etdsumstr))
#sumstr->etd str list
rec_etdtolist = cut_text(rec_etdsumstr, len(etdtostr[0]))
print("rec_etdtolist=>", rec_etdtolist)
#etd str list->etd integer list
rec_etdint = [
integer(int(rec_etdtolist[0])),
integer(int(rec_etdtolist[1]))
]
print("rec_etdint=>", rec_etdint)
if debug: print("\n\nDecrypt...\n")
if debug: print("Successful Decryption!!!")
# collision
msg1 = "Video provides a powerful way to help you prove your point. When you click Online Video, you can paste in the embed code for p"
assert xi['p1'] == rec_etdint[
0], "FAILED Decryption: etd key p1 is incorrect"
assert xi['q1'] == rec_etdint[
1], "FAILED Decryption: etd key q1 is incorrect"
r1 = chamHash.collision(msg, msg1, xi, sk, pk)
if debug: print("new randomness =>", r1)
if debug: print("collision generated correctly!!!")
def sym_decrypt(ciphertext, key):
decrypter = SymmetricCryptoAbstraction(extractor(key))
serial_pt = decrypter.decrypt(ciphertext)
return bytesToObject(serial_pt, PairingGroup('SS512'))
