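/**
 * Lagrange interpolation over Zr.
 *
 * Evaluates, at x = index, the polynomial of degree k-1 that passes through
 * the points (0, ys[0]) ... (k-1, ys[k-1]) and stores the value in ys[index].
 *
 * @param ys    array of point values; ys[0..k-1] are read, ys[index] is
 *              initialised here and then overwritten
 * @param index x-coordinate to evaluate at, and the slot of ys that is written
 * @param k     number of interpolation points
 * @param num   not used by this routine; kept for the existing signature
 *
 * NOTE(review): ys[index] is initialised unconditionally, so the caller is
 * presumably expected to pass only slots that were not initialised before
 * (index >= k) -- confirm against computePoints().
 */
void CipherText::langrange(element_t* ys, int index, int k, int num){
    element_t delta;
    element_t numerator;
    element_t denominator;
    element_t temp;

    element_init_Zr(delta, *(this->p));
    element_init_Zr(numerator, *(this->p));
    element_init_Zr(denominator, *(this->p));
    element_init_Zr(temp, *(this->p));

    element_init_Zr(ys[index], *(this->p));
    element_set0(ys[index]);

    int i, j;
    for(i = 0; i < k; i++){
        // compute the Lagrange coefficient l_i(index) = prod_{j != i} (index - j) / (i - j)
        element_set1(delta);
        for(j = 0; j < k; j++){
            if( j != i){
                element_set_si(numerator, index - j);
                element_set_si(denominator, i - j);
                element_div(numerator, numerator, denominator);
                element_mul(delta, delta, numerator);
            }
        }
        // accumulate ys[i] * l_i(index)
        element_mul(temp, ys[i], delta);
        element_add(ys[index], ys[index], temp);
    }

    // The temporaries were never released in the original, which leaked four
    // elements per call; temp and delta also hold values derived from the
    // shares, so they should not outlive the computation.
    element_clear(delta);
    element_clear(numerator);
    element_clear(denominator);
    element_clear(temp);
}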
// GROUP MANAGER INIT - group key generation part1 void xsgs_gm_gen(XSGS_PUBLIC_KEY* gpk, XSGS_ISSUER_KEY* ik, pbc_param_ptr param) { // 1. generate prime p, pairing group G1, G2, GT, e and a hash function H: {0,1}* -> Zp gpk->param = param; gpk->pairing = (pairing_ptr) malloc(sizeof(pairing_t)); pairing_init_pbc_param(gpk->pairing, gpk->param); // 2. select a generator G2 e group 2 at random element_init_G2(gpk->G2, gpk->pairing); element_random(gpk->G2); // and select a generator G1 e group 1 at random (G1 <- psi(G2) not applicable) element_init_G1(gpk->G1, gpk->pairing); element_random(gpk->G1); // 3. choose gamma e Zp* at random and set ik = gamma element_init_Zr(ik->gamma, gpk->pairing); element_random(ik->gamma); // 4. select K e Group1 element_init_G1(gpk->K, gpk->pairing); element_random(gpk->K); // and W = G2^gamma (e Group2) element_init_G2(gpk->W, gpk->pairing); element_pow_naf(gpk->W, gpk->G2, ik->gamma); return; }
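/*
 * Private-key extraction for one identity.
 *
 * arg1 : ID
 *
 * Loads the pairing parameters and the master secret s, hashes the ID to a
 * point Qa in G1, computes the private key Sa = s * Qa and writes it to
 * privateKey/<ID>.priv.
 *
 * The ID comes straight from the command line and ends up in a file name, so
 * it is validated first: the original appended it to a 100-byte buffer with
 * strcat() without any length check (stack overflow for long IDs), and an ID
 * containing '/' could direct the key file outside privateKey/.
 */
int main(int argc,char** argv)
{
	/* arg1 : ID */
	if(argc < 2)
	{
		showUsage();
		exit(0);
	}

	const char *id = argv[1];
	char loc[100] = "privateKey/";

	/* room left for the ID once prefix, ".priv" and the terminator are counted */
	const size_t room = sizeof(loc) - strlen(loc) - strlen(".priv") - 1;
	if(strlen(id) > room || strchr(id, '/') != NULL)
	{
		showUsage();
		exit(1);
	}

	pairing_t pairing;
	element_t s,Sa,Qa;

	pairing_from_file(pairing,"globalParam/pairingParam");

	element_init_G1(Sa,pairing);
	element_init_G1(Qa,pairing);
	element_init_Zr(s,pairing);

	element_from_file(s,"masterKey/s");

	/* Qa = H(ID), Sa = s * Qa */
	element_from_hash(Qa,argv[1],strlen(argv[1]));
	element_mul_zn(Sa,Qa,s);

	/* length was checked above, so both appends fit */
	strcat(loc,id);
	strcat(loc,".priv");

	/* NOTE(review): the permissions of the written key file depend on
	   element_to_file(), which is not visible here -- confirm it is not
	   created world-readable. */
	element_to_file(Sa,loc);

	/* release the master secret and the derived private key */
	element_clear(s);
	element_clear(Sa);
	element_clear(Qa);
	pairing_clear(pairing);

	return 0;
}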
/*
 * Hashes the identity tuple of pk into an element of Zr.
 *
 * out : initialised here (Zr, global pairing) and set to the hash value
 * pk  : public key whose first (level + 1) unsigned ints of ID_tuple are hashed
 *
 * NOTE(review): the digest is MD5, which is not collision resistant. If the
 * scheme relies on H_A being collision resistant, a stronger hash is needed;
 * swapping it changes every derived value, so it is only flagged here.
 */
void H_A(element_t* out, public_key pk)
{
	unsigned char digest[MD5_DIGEST_LENGTH];
	/* byte length of the identity tuple */
	int tuple_bytes = (pk.level + 1) * sizeof(unsigned int) / sizeof(char);

	element_init_Zr(*out, pairing);

	MD5((unsigned char*) pk.ID_tuple, tuple_bytes, digest);
	element_from_hash(*out, (unsigned char*) digest, MD5_DIGEST_LENGTH);
}
/**
 * Distributes the secret value v down the policy tree rooted at node.
 *
 * A leaf receives v directly. An internal (k-of-num) node puts v at x = 0 of
 * a polynomial, derives one point per child through computePoints() and
 * recurses into each child with its point. At the root, v is the secret s.
 *
 * NOTE(review): the ys array and its elements are never released here. They
 * cannot simply be freed without knowing whether Leaf::compute() keeps the
 * pointer it is given -- confirm, then clear and free after the loop.
 * NOTE(review): ys has num + 1 slots while computePoints() writes slots
 * 1..k-1; a node with k > num + 1 would write past the allocation. The
 * malloc result is also used unchecked.
 */
void CipherText::compute_node(element_t& v, Node* node){
    if (node->getType() == LEAF) {
        Leaf* leaf = (Leaf*)node;
        leaf->compute(&v, this->pub, this->p);
        // printf("leaf: %d, %d, computed\n", leaf->getK(), leaf->getNum());
        return;
    }

    if (node->getType() != INTERNAL_NODE) {
        return;
    }

    InternalNode* internalNode = (InternalNode*)node;
    int num = internalNode->getNum();
    int k = internalNode->getK();
    Node** sons = internalNode->getSons();
    // printf("internal Node: %d, %d\n", k, num);

    // slot 0 carries the value to share, slots 1..num the children's points
    element_t* ys = (element_t*)malloc(sizeof(element_t) * (num + 1));
    element_init_Zr(ys[0], *(this->p));
    element_set(ys[0], v);

    computePoints(ys, k, num);

    for (int child = 0; child < num; child++) {
        compute_node(ys[child + 1], sons[child]);
    }
}
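/*
 * Keyed hash into Zr: out = H( bytes(H_G1(ID_tuple)) || bytes(key) ).
 *
 * out : initialised here (Zr, global pairing) and set to the result
 * pk  : public key whose first (level + 1) unsigned ints of ID_tuple are hashed to G1
 * key : element whose byte encoding is appended before hashing
 *
 * Changes against the original:
 *  - the concatenation buffer was never freed (leak on every call);
 *  - the two intermediate copies are gone, both encodings are written
 *    straight into one buffer;
 *  - the buffer holds the key bytes, so it is overwritten before free().
 *
 * NOTE(review): the digest is MD5, which is not collision resistant; it is
 * kept because changing it changes every derived value.
 */
void Hmki(element_t* out, public_key pk, element_t* key)
{
	element_init_Zr(*out, pairing);

	/* hash the identity tuple to a point of G1 */
	int len = (pk.level + 1) * sizeof(unsigned int) / sizeof(char);
	element_t x;
	element_init_G1(x, pairing);
	element_from_hash(x, pk.ID_tuple, len);

	len = element_length_in_bytes(x);
	int len1 = element_length_in_bytes(*key);

	/* sum = bytes(x) || bytes(key) */
	unsigned char* sum = (unsigned char*) malloc(len1 + len);
	if (sum == NULL)
	{
		/* the original dereferenced NULL here; fail closed rather than
		   return an unset hash value */
		abort();
	}
	element_to_bytes(sum, x);
	element_to_bytes(sum + len, *key);
	element_clear(x);

	unsigned char o[MD5_DIGEST_LENGTH + 1];
	MD5(sum, len + len1, o);
	o[MD5_DIGEST_LENGTH] = '\0';
	element_from_hash(*out, o, MD5_DIGEST_LENGTH);

	/* best-effort scrub of the key bytes (a compiler may elide a memset
	   that directly precedes free) */
	memset(sum, 0, len + len1);
	free(sum);
}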
// OPENER INIT - group key generation part 2 void xsgs_opener_gen(XSGS_PUBLIC_KEY* gpk, XSGS_OPENER_KEY* ok) { pairing_ptr pairing = gpk->pairing; // 1. choose xi1, xi2 e Zp at random element_init_Zr(ok->xi1, pairing); element_random(ok->xi1); element_init_Zr(ok->xi2, pairing); element_random(ok->xi2); // 2. set H = K^xi1 and G = K^xi2 element_init_G1(gpk->H, pairing); element_pow_naf(gpk->H, gpk->K, ok->xi1); element_init_G1(gpk->G, pairing); element_pow_naf(gpk->G, gpk->K, ok->xi2); return; }
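/*
 * Loads the type-A pairing parameters from ./param/a.param and computes
 * e(g, g)^(r * a * codeword[0]) for fresh random r and a.
 *
 * codeword : secret shares; only codeword[0] is used
 *
 * The value is computed into a local element and not returned or stored.
 *
 * Changes against the original: the elements and the pairing are released
 * before returning (r, a and the share-derived values were left allocated),
 * the path is a const string, the unused stdin initialisation is gone and a
 * NULL codeword is rejected instead of dereferenced.
 */
void consumerShares(signed long int *codeword){
	pairing_t pairing;
	element_t g, r, a, e_g_g, share;
	const char *param_path = "./param/a.param";
	char s[16384];
	signed long int temp_share;

	if (!codeword) pbc_die("no codeword given\n");

	FILE *fp = fopen(param_path, "r");
	if (!fp)
		pbc_die("error opening %s\n", param_path);
	size_t count = fread(s, 1, sizeof(s), fp);
	if(!count)
		pbc_die("read parameter failure\n");
	fclose(fp);

	if(pairing_init_set_buf(pairing, s, count))
		pbc_die("pairing init failed\n");
	if(!pairing_is_symmetric(pairing))
		pbc_die("pairing is not symmetric\n");

	element_init_G1(g, pairing);
	element_init_Zr(r, pairing);
	element_init_Zr(a, pairing);
	element_init_Zr(share, pairing);
	element_init_GT(e_g_g, pairing);

	//find the generator of the group (reaches into the type-A pairing data)
	element_set(g, ((curve_data_ptr)((a_pairing_data_ptr) pairing->data)->Eq->data)->gen);
	element_random(r);
	element_random(a);

	//compute e(g, g)
	element_pairing(e_g_g, g, g);
	//compute e(g, g)^r
	element_pow_zn(e_g_g, e_g_g, r);
	//compute e(g,g)^ra
	element_pow_zn(e_g_g, e_g_g, a);

	temp_share = codeword[0];
	//convert the signed long share to an element before using it as exponent
	element_set_si(share, temp_share);
	element_pow_zn(e_g_g, e_g_g, share);

	//release the secrets and everything derived from them
	element_clear(share);
	element_clear(r);
	element_clear(a);
	element_clear(e_g_g);
	element_clear(g);
	pairing_clear(pairing);
}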
/*
 * Broadcast key encapsulation using the precomputed recipient product.
 *
 * gbp  : global broadcast parameters (pairing, g, gs[], num_users)
 * sys  : broadcast system holding pub_key and encr_prod
 * myct : receives the header (C0, C1); both are initialised here
 * key  : receives the encapsulated key; initialised here
 *
 * With a fresh random exponent t:
 *   key = e(gs[num_users-1], gs[0])^t
 *   C0  = g^t
 *   C1  = (pub_key * encr_prod)^t
 * t is cleared before returning. A missing argument only prints a message
 * and returns without touching the outputs.
 */
void BroadcastKEM_using_product(global_broadcast_params_t gbp,
				broadcast_system_t sys,
				ct_t myct, element_t key)
{
  if(!gbp) {
    printf("ACK!  You gave me no broadcast params!  I die.\n");
    return;
  }
  if(!sys) {
    printf("ACK!  You gave me no broadcast system!  I die.\n");
    return;
  }
  if(!myct) {
    printf("ACK!  No struct to store return vals!  I die.\n");
    return;
  }

  /* per-encapsulation secret exponent */
  element_t rnd;
  element_init_Zr(rnd, gbp->pairing);
  element_random(rnd);

  element_init(key, gbp->pairing->GT);
  element_init(myct->C0, gbp->pairing->G2);
  element_init(myct->C1, gbp->pairing->G1);

  /* K = e(g_n, g_1)^t */
  element_pairing(key, gbp->gs[gbp->num_users-1], gbp->gs[0]);
  element_pow_zn(key, key, rnd);

  /* C0 = g^t */
  element_pow_zn(myct->C0, gbp->g, rnd);

  /* C1 = (pub_key * encr_prod)^t; the debug dumps are compiled out by "&& 0" */
  if(DEBUG && 0) {
    printf("\npub_key = ");
    element_out_str(stdout, 0, sys->pub_key);
    printf("\nencr_prod = ");
    element_out_str(stdout, 0, sys->encr_prod);
  }
  element_mul(myct->C1, sys->pub_key, sys->encr_prod);
  if(DEBUG && 0) {
    printf("\npub_key = ");
    element_out_str(stdout, 0, sys->pub_key);
    printf("\nencr_prod = ");
    element_out_str(stdout, 0, sys->encr_prod);
    printf("\nhdr_c1 = ");
    element_out_str(stdout, 0, myct->C1);
    printf("\n");
  }
  element_pow_zn(myct->C1, myct->C1, rnd);

  element_clear(rnd);
}
/**
 * Fills ys[1..num] with points of a random polynomial whose value at 0 is
 * ys[0], which the caller has already set.
 *
 * Slots 1..k-1 are drawn at random; slots k..num are derived from the first
 * k points by langrange().
 *
 * @param ys  point array; ys[0] must be set, slots 1..num are written
 * @param k   threshold (number of points that fix the polynomial)
 * @param num highest slot index to fill
 *
 * NOTE(review): nothing here checks k against the size of ys; the caller has
 * to guarantee k - 1 <= num.
 */
void CipherText::computePoints(element_t* ys, int k, int num){
    // k - 1 random points: (1, random1), (2, random2) ... (k - 1, random(k - 1))
    for (int x = 1; x < k; x++) {
        element_init_Zr(ys[x], *(this->p));
        element_random(ys[x]);
    }

    // the remaining num - k + 1 points follow by interpolation
    for (int x = k; x <= num; x++) {
        langrange(ys, x, k, num);
    }
}
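/*
 * Sets up a broadcast encryption system for num_user users, stores the
 * system and global parameters to the given paths and writes the system
 * private key into sys_priv_key_out.
 *
 * Returns 0 on success, otherwise:
 *   1  curve_file_name is NULL
 *   2  num_user is not a positive multiple of NUM_USER_DIVISOR
 *   3  sys_params_path is NULL
 *   4  global_params_path is NULL
 *   5  sys_priv_key_out is NULL
 *   6  the recipient bit vector could not be allocated
 *
 * Changes against the original: zero or negative num_user is rejected (a
 * negative multiple passed the modulo test and reached the allocations), and
 * the malloc result is checked before memset() writes through it.
 *
 * NOTE(review): sys_priv_key_out receives the raw private key; its required
 * size is whatever element_to_bytes() writes for a Zr element and is not
 * checked here -- the caller must size it accordingly and protect it.
 */
int BCESetup(byte *curve_file_name, int num_user, byte *sys_params_path, byte * global_params_path, byte *sys_priv_key_out)
{
	global_broadcast_params_t gbs;
	broadcast_system_t sys;
	char *recip;
	element_t sys_priv_key;

	if (curve_file_name == NULL)
		return 1;
	if (num_user <= 0 || num_user % NUM_USER_DIVISOR != 0)
		return 2;
	if (sys_params_path == NULL)
		return 3;
	if (global_params_path == NULL)
		return 4;
	if (sys_priv_key_out == NULL)
		return 5;

	Setup_global_broadcast_params(&gbs, num_user, (char *) curve_file_name);
	Gen_broadcast_system(gbs, &sys);

	/* recipient bit vector with every user selected */
	recip = (char *) malloc(num_user / NUM_USER_DIVISOR);
	if (recip == NULL)
	{
		FreeBCS(sys);
		pbc_free(sys);
		FreeGBP(gbs);
		pbc_free(gbs);
		return 6;
	}
	memset(recip, BIT_VECTOR_UNIT_VALUE, num_user / NUM_USER_DIVISOR);

	Gen_encr_prod_from_bitvec(gbs, sys, recip);

	StoreParams((char *) sys_params_path, gbs, sys);
	StoreGlobalParams((char *) global_params_path, gbs);

	/* export the private key through a temporary copy */
	element_init_Zr(sys_priv_key, gbs->pairing);
	element_set(sys_priv_key, sys->priv_key);
	element_to_bytes(sys_priv_key_out, sys_priv_key);

	memset(recip, BIT_VECTOR_CLEAR_UNIT_VALUE, num_user / NUM_USER_DIVISOR);
	free(recip);

	/* overwrite the temporary copy of the key before releasing it */
	element_random(sys_priv_key);
	element_clear(sys_priv_key);

	FreeBCS(sys);
	pbc_free(sys);
	FreeGBP(gbs);
	pbc_free(gbs);

	return 0;
}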
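/*
 * BLS signature demo: reads a message, hashes it with SHA-1, signs the hash
 * with a fresh key pair and verifies e(sig, g) == e(h, public_key).
 *
 * Fixes against the original:
 *  - gets() wrote past the 80-byte buffer for long input; fgets() bounds it;
 *  - the digest buffer was 30 bytes although SHA-1 writes 20, and all 30
 *    (10 of them uninitialised) were fed to element_from_hash(), so the
 *    signed value depended on stack contents;
 *  - the binary digest was printed with %s, reading past its end; it is now
 *    printed as hex;
 *  - elements and pairing are released and main returns a value.
 *
 * NOTE(review): SHA-1 is kept as in the original; it is no longer collision
 * resistant and should not be carried into real signing code.
 */
int main(int argc, char **argv) {
  pairing_t pairing;
  pbc_demo_pairing_init(pairing, argc, argv);

  char m[80]={0};

  if (!pairing_is_symmetric(pairing)) pbc_die("pairing must be symmetric");

  printf("Enter the message to be encrypted : ");
  if (!fgets(m, sizeof(m), stdin)) pbc_die("input error");
  /* drop the newline fgets keeps; the rest of m is still zero */
  for (size_t i = 0; i < sizeof(m); i++) {
    if (m[i] == '\n') {
      m[i] = '\0';
      break;
    }
  }

  /* as before, the whole zero-padded buffer is hashed */
  size_t len_m = sizeof(m);

  unsigned char hash[SHA_DIGEST_LENGTH];
  SHA1((const unsigned char *) m, len_m, hash);

  printf("The hash is : ");
  for (size_t i = 0; i < sizeof(hash); i++) printf("%02x", hash[i]);
  printf("\n");

  element_t g, h;
  element_t public_key, secret_key;
  element_t sig;
  element_t temp1, temp2;

  element_init_G2(g, pairing);
  element_init_G2(public_key, pairing);
  element_init_G1(h, pairing);
  element_init_G1(sig, pairing);
  element_init_GT(temp1, pairing);
  element_init_GT(temp2, pairing);
  element_init_Zr(secret_key, pairing);

  /* key pair: public_key = g^secret_key */
  element_random(g);
  element_random(secret_key);
  element_pow_zn(public_key, g, secret_key);

  element_printf("The public key is %B\n", public_key);

  /* sign: sig = H(m)^secret_key */
  element_from_hash(h, hash, SHA_DIGEST_LENGTH);
  element_pow_zn(sig, h, secret_key);

  /* verify: e(sig, g) == e(h, public_key) */
  pairing_apply(temp1, sig, g, pairing);
  pairing_apply(temp2, h, public_key, pairing);

  if(!element_cmp(temp1, temp2)){
    printf("\nVerified\n");
  }
  else{
    printf("\nNot verified\n");
  }

  element_clear(secret_key);
  element_clear(sig);
  element_clear(h);
  element_clear(g);
  element_clear(public_key);
  element_clear(temp1);
  element_clear(temp2);
  pairing_clear(pairing);

  return 0;
}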
//Called in file encryption function to generate C0,C1,C0',C1' and EK //returns CT,EK void EK_CT_generate(char *gamma, int *shared_users, int num_users, unsigned char *pps, ct CT, element_t EK, char *t_str) { global_broadcast_params_t gbs; element_t t; int j; //Global Setup of gbs params setup_global_broadcast_params(&gbs, pps); element_set_str(gbs->gamma, gamma, PBC_CONVERT_BASE); //it is important to set user gamma here else a random value will be used //pick a random value of t from Zr element_init_Zr(t, gbs->pairing); element_random(t); element_snprint(t_str,MAX_ELEMENT_LEN,t); //compute C0=g^t element_init(CT->OC0, gbs->pairing->G1); element_pow_zn(CT->OC0, gbs->g, t); //compute C1=(g^gamma)x(g[num_users+1-j]) for j in all shared users element_init(CT->OC1, gbs->pairing->G1); element_pow_zn(CT->OC1, gbs->g, gbs->gamma); //at this step C1 = g^gamma = v as given in paper for(j=0;j<num_users;j++) element_mul(CT->OC1, CT->OC1, gbs->gs[(gbs->num_users)-shared_users[j]]); element_pow_zn(CT->OC1, CT->OC1, t); //Duplicate C0'=C0 element_init(CT->C0, gbs->pairing->G1); element_set(CT->C0,CT->OC0); //Duplicate C1'=C1 element_init(CT->C1, gbs->pairing->G1); element_set(CT->C1,CT->OC1); //COMPUTE EK = e(g[n], g[1])^(t) element_init(EK, gbs->pairing->GT); element_pairing(EK, gbs->gs[0],gbs->gs[gbs->num_users-1]); //at this step EK = e(g[1],g[n]) element_pow_zn(EK,EK,t); //EK = e(g[1],g[n])^t //free the memory for global broadcast params element_clear(t); FreeGBP(gbs); return; }
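/*
 * Generates fresh global broadcast parameters for num_users users.
 *
 * sys       : receives the newly allocated parameter structure
 * num_users : number of users n; must be positive
 *
 * Builds gs[i] = g^(alpha^(i+1)) for i = 0 .. 2n-1 and then clears slot n,
 * i.e. g^(alpha^(n+1)), which must not be published.
 *
 * Fixes against the original:
 *  - num_users <= 0 is rejected before it reaches the allocation size;
 *  - a failed allocation printed a message and then went on to write through
 *    the NULL pointer; it now stops;
 *  - the result of element_set_str() for the public generator is checked
 *    (0 means nothing was parsed) instead of being dropped.
 *
 * NOTE(review): alpha stays in gbs->alpha when this returns. It is the
 * trapdoor of the system; the comments say it is removed later -- confirm the
 * caller really clears it and never serialises it.
 */
void setup_global_broadcast_params(global_broadcast_params_t *sys, int num_users)
{
  global_broadcast_params_t gbs;

  if (num_users <= 0) pbc_die("invalid number of users");

  gbs = pbc_malloc(sizeof(struct global_broadcast_params_s));

  // Setup curve in gbp
  size_t count = strlen(PBC_PAIRING_PARAMS);
  if (!count) pbc_die("input error");
  if (pairing_init_set_buf(gbs->pairing, PBC_PAIRING_PARAMS, count))
    pbc_die("pairing init failed");

  gbs->num_users = num_users;
  element_t *lgs;
  int i;

  // size computed in size_t so the multiplication is not done in int
  lgs = pbc_malloc((size_t) 2 * num_users * sizeof(element_t));
  if(!(lgs)) {
    printf("\nMalloc Failed\n");
    printf("Didn't finish system setup\n\n");
    pbc_die("out of memory");
  }

  //Set g as a chosen public value
  element_init(gbs->g, gbs->pairing->G1);
  i=element_set_str(gbs->g, PUBLIC_G, PBC_CONVERT_BASE);
  if (i == 0) pbc_die("invalid public generator");

  //Get alpha from Zp as mentioned in the paper
  element_init_Zr(gbs->alpha, gbs->pairing);
  element_random(gbs->alpha);   //pick random alpha value and later delete from memory
  //i=element_set_str(gbs->alpha, PRIVATE_ALPHA, PBC_CONVERT_BASE); //alpha is initialised as secret and later removed from memory

  //Make the 0th element equal to g^alpha
  element_init(lgs[0], gbs->pairing->G1);
  element_pow_zn(lgs[0],gbs->g, gbs->alpha);

  //Fill in the gs and the hs arrays
  for(i = 1; i < 2*num_users; i++) {
    //raise alpha to one more power
    element_init(lgs[i], gbs->pairing->G1);
    element_pow_zn(lgs[i], lgs[i-1], gbs->alpha);
  }
  element_clear(lgs[num_users]);   //remove g^(alpha^(n+1)) as it can leak info about parameters

  //For simplicity & so code was easy to read
  gbs->gs = lgs;
  *sys = gbs;
}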
//This function sets the global broadcast parameters downloaded as a file from the server //Sets up the gamma value, dont forget to randomize gamma and store locally later please void setup_global_broadcast_params(global_broadcast_params_t *sys, unsigned char* gbs_header) { global_broadcast_params_t gbs; gbs = pbc_malloc(sizeof(struct global_broadcast_params_s)); // Setup curve in gbp size_t count = strlen(PBC_PAIRING_PARAMS); if (pairing_init_set_buf(gbs->pairing, PBC_PAIRING_PARAMS, count)) pbc_die("pairing init failed"); int num_users; memcpy(&num_users, gbs_header, 4); gbs->num_users = num_users; gbs_header= gbs_header+4; element_t *lgs; int i; lgs = pbc_malloc(2 * num_users * sizeof(element_t)); //generate g from the file contents element_init(gbs->g, gbs->pairing->G1); gbs_header += in(gbs->g, gbs_header); //Fill in the gi values in lgs[] for(i = 0; i < 2*num_users; i++) { element_init(lgs[i], gbs->pairing->G1); if(i == num_users) continue; gbs_header += in(lgs[i], gbs_header); } element_init_Zr(gbs->gamma, gbs->pairing); //initialise gamma element_random(gbs->gamma); //pick random value of gamma //For simplicity & so code was easy to read gbs->gs = lgs; *sys = gbs; return; }
/**
 * Sets up the pairing from _PAIRING_PARAM_ and initialises every key element
 * of the manager in its group. No values are assigned here.
 *
 * NOTE(review): the result of pairing_init_set_str() is not checked; a bad
 * parameter string would leave the elements initialised on an invalid pairing.
 */
Manager::Manager()
{
    pairing_init_set_str(pairing, _PAIRING_PARAM_);

    // group public key: g, X, Y in G1; gt, h, y1, y2, y3 in GT
    element_init_G1(g, pairing);
    element_init_GT(gt, pairing);
    element_init_G1(X, pairing);
    element_init_G1(Y, pairing);
    element_init_GT(h, pairing);
    element_init_GT(y1, pairing);
    element_init_GT(y2, pairing);
    element_init_GT(y3, pairing);

    // issuer secret key: x, y in Zr
    element_init_Zr(x, pairing);
    element_init_Zr(y, pairing);

    // opener secret key: x1 .. x5 in Zr
    element_init_Zr(x1, pairing);
    element_init_Zr(x2, pairing);
    element_init_Zr(x3, pairing);
    element_init_Zr(x4, pairing);
    element_init_Zr(x5, pairing);
}
/**
 * Builds a ciphertext for message m under the given policy.
 *
 * Stores the four pointers (none is copied or owned here as far as this
 * constructor shows), draws the random secret s in Zr, then runs init_c1(),
 * init_c0() and apply_policy() in that order.
 *
 * NOTE(review): the malloc for s is used without a NULL check.
 */
CipherText::CipherText(Policy* policy, element_t* m, PubParam* pub, pairing_t* p){
    this->policy = policy;
    this->m = m;
    this->pub = pub;
    this->p = p;

    // random secret s
    element_t* secret = (element_t*)malloc(sizeof(element_t));
    this->s = secret;
    element_init_Zr(*(this->s), *(this->p));
    element_random(*(this->s));
    // printf("excute before init_c1\n");

    init_c1();
    // printf("ciphertext::init_c1() ok\n");

    init_c0();
    // printf("ciphertext::init_c0() ok\n");

    apply_policy();
    printf("ciphertext: apply_policy ok\n");
}
/*
 * Demo of Joux's one-round three-party key agreement on a symmetric pairing.
 *
 * Each party X in {A, B, C} has a secret x and publishes xP. The shared key
 * is e(P, P)^(abc), which every party computes from the other two public
 * values and its own secret. The program prints the public values and all
 * three computed keys together with the elapsed time.
 *
 * This is a demonstration: it prints the derived keys to stdout.
 */
int main(int argc, char **argv) {
  pairing_t pairing;
  double time1, time2;
  element_t P, a, b, c, Ka, Kb, Kc, t1, t2, t3, t4, t5, t6;

  pbc_demo_pairing_init(pairing, argc, argv);
  if (!pairing_is_symmetric(pairing)) pbc_die("pairing must be symmetric");

  /* G1: base point and the three public values */
  element_init_G1(P, pairing);
  element_init_G1(t1, pairing);
  element_init_G1(t2, pairing);
  element_init_G1(t3, pairing);

  /* Zr: the three secrets */
  element_init_Zr(a, pairing);
  element_init_Zr(b, pairing);
  element_init_Zr(c, pairing);

  /* GT: pairing values and resulting keys */
  element_init_GT(t4, pairing);
  element_init_GT(t5, pairing);
  element_init_GT(t6, pairing);
  element_init_GT(Ka, pairing);
  element_init_GT(Kb, pairing);
  element_init_GT(Kc, pairing);

  time1 = pbc_get_time();
  printf("Joux key agreement between A, B and C.\n");
  element_random(P);
  element_random(a);
  element_random(b);
  element_random(c);

  /* broadcast round */
  element_mul_zn(t1, P, a);
  printf("A sends B and C: aP\n");
  element_printf("aP = %B\n", t1);

  element_mul_zn(t2, P, b);
  printf("B sends A and C: bP\n");
  element_printf("bP = %B\n", t2);

  element_mul_zn(t3, P, c);
  printf("C sends A and B: cP\n");
  element_printf("cP = %B\n", t3);

  /* A: e(bP, cP)^a */
  element_pairing(t4, t2, t3);
  element_pow_zn(Ka, t4, a);
  element_printf("Ka = %B\n", Ka);

  /* B: e(aP, cP)^b */
  element_pairing(t5, t1, t3);
  element_pow_zn(Kb, t5, b);
  element_printf("Kb = %B\n", Kb);

  /* C: e(aP, bP)^c */
  element_pairing(t6, t1, t2);
  element_pow_zn(Kc, t6, c);
  element_printf("Kc = %B\n", Kc);

  printf("Shared key K = Ka = Kb = Kc\n");
  time2 = pbc_get_time();
  printf("All time = %fs\n", time2 - time1);

  element_clear(P);
  element_clear(a);
  element_clear(b);
  element_clear(c);
  element_clear(Ka);
  element_clear(Kb);
  element_clear(Kc);
  element_clear(t1);
  element_clear(t2);
  element_clear(t3);
  element_clear(t4);
  element_clear(t5);
  element_clear(t6);
  pairing_clear(pairing);

  return 0;
}
/*
 * Initialises elem as an element of Zr on this handler's pairing, without
 * assigning it a value. Works with all groups.
 *
 * @param elem - the element to be initialised
 *
 * An "exp element" is one that will only ever be used as an exponent.
 */
void BilinearMappingHandler::initEmptyExpElement(memberElement& elem)
{
	element_init_Zr(elem, pairing);
}//end of initEmptyExpElement()
/**
 * Verifies a group signature on a message against the group public key held
 * by this Manager (g, gt, X, Y, h, y1, y2, y3).
 *
 * The signature string is parsed into (c_H, Sp, Sm, Sv, T1..T7). From these
 * the commitments R1'..R5' are recomputed, the challenge is re-derived with
 * Helper::Hash_C over the commitments, the public key and the message, and
 * two checks are made:
 *   1. the recomputed challenge equals c_H;
 *   2. e(T5, Y) == e(g, T6).
 *
 * @param signature serialized signature
 * @param mes       message bytes
 * @param len_mes   length of mes
 * @return true only if both checks hold
 *
 * NOTE(review): nothing here shows whether SignatureFromString() can fail on
 * malformed input or whether the parsed elements are validated; the string
 * is attacker-controlled, so confirm in that helper.
 */
bool Manager::Verification(string signature, char*mes, int len_mes)
{
    //compare variables (element_cmp results: 0 == equal)
    bool cmp_value_1=0;
    bool cmp_value_2=0;
    //elements
    element_t T1,T2,T3,T4;
    element_t T5, T6, T7;
    element_t c_H;
    element_t H;
    element_t Sp;
    element_t Sm;
    element_t Sv;
    //init
    element_init_GT(T1, pairing);
    element_init_GT(T2, pairing);
    element_init_GT(T3, pairing);
    element_init_GT(T4, pairing);
    element_init_G1(T5, pairing);
    element_init_G1(T6, pairing);
    element_init_G1(T7, pairing);
    element_init_Zr(Sp,pairing);
    element_init_Zr(Sm,pairing);
    element_init_Zr(Sv,pairing);
    element_init_Zr(H, pairing);
    element_init_Zr(c_H, pairing);
    SignatureFromString(signature, c_H,Sp,Sm,Sv,T1,T2,T3,T4,T5,T6,T7);
    //hashing: H = Hash(T1, T2, T3)
    Helper::Hash_T1_T2_T3(H,T1,T2,T3);
    //compute R1' = e(g,T7)^Sp / e(X,T6)^Sm / e(X,T5)^c_H
    element_t tmp_1;
    element_t tmp_2;
    element_t tmp_3;
    element_t R1_;
    element_init_GT(R1_, pairing);
    element_init_GT(tmp_1, pairing);
    element_init_GT(tmp_2, pairing);
    element_init_GT(tmp_3, pairing);
    element_pairing(tmp_1, g, T7);
    element_pow_zn(tmp_2, tmp_1, Sp);
    element_pairing(tmp_1, X, T6);
    element_pow_zn(tmp_3, tmp_1, Sm);
    element_div(R1_, tmp_2, tmp_3);
    element_pairing(tmp_3, X, T5);
    element_pow_zn(tmp_3, tmp_3, c_H);
    element_div(R1_, R1_, tmp_3);
    //compute R2' = gt^Sv / T1^c_H
    element_t R2_;
    element_init_GT(R2_, pairing);
    element_pow_zn(R2_, gt, Sv);
    element_pow_zn(tmp_1, T1, c_H);
    element_div(R2_, R2_, tmp_1);
    //compute R3' from h^Sv and T2^c_H
    //NOTE(review): combined with element_sub here, while R1', R2', R5' use
    //element_div -- confirm this matches the signing side.
    element_t R3_;
    element_init_GT(R3_, pairing);
    element_pow_zn(tmp_1, h, Sv);
    element_pow_zn(tmp_2, T2, c_H);
    element_sub(R3_, tmp_1, tmp_2);
    //compute R4' from y1^Sv * gt^Sm and T3^c_H (also via element_sub)
    element_t R4_;
    element_init_GT(R4_, pairing);
    element_pow_zn(tmp_1, y1, Sv);
    element_pow_zn(tmp_2, gt, Sm);
    element_mul(tmp_3, tmp_1, tmp_2);
    element_pow_zn(tmp_1,T3, c_H);
    element_sub(R4_, tmp_3, tmp_1);
    //compute R5' = y2^Sv * (y3^H)^Sv / T4^c_H
    element_t R5_;
    element_init_GT(R5_, pairing);
    //tmp_pow is initialised and cleared but not otherwise used in this function
    element_t tmp_pow;
    element_init_Zr(tmp_pow, pairing);
    element_t tmp_div;
    element_init_GT(tmp_div, pairing);
    element_pow_zn(R5_, y2, Sv);
    element_pow_zn(tmp_div,y3,H);
    element_pow_zn(tmp_div,tmp_div,Sv);
    element_mul(R5_,R5_,tmp_div);
    element_pow_zn(tmp_div,T4, c_H);
    element_div(R5_, R5_, tmp_div);
    //check c_H == c_H': re-derive the challenge from the recomputed commitments
    element_t check_c_H;
    element_init_Zr(check_c_H, pairing);
    Helper::Hash_C(check_c_H,R1_,R2_,R3_,R4_,R5_,g,gt,X,Y,h,y1,y2,y3,mes,len_mes);
    //check e(T5, Y) == e(g, T6)
    element_t check_1;
    element_init_GT(check_1, pairing);
    element_t check_2;
    element_init_GT(check_2, pairing);
    element_pairing(check_1, T5,Y);
    element_pairing(check_2, g,T6);
    //cmp_value_1: challenge comparison
    cmp_value_1=element_cmp(check_c_H,c_H);//0==ok
    //cmp_value_2: pairing comparison
    cmp_value_2=element_cmp(check_1,check_2);//0==ok
    //clear elements
    element_clear(T1);
    element_clear(T2);
    element_clear(T3);
    element_clear(T4);
    element_clear(T5);
    element_clear(T6);
    element_clear(T7);
    element_clear(Sp);
    element_clear(Sm);
    element_clear(Sv);
    element_clear(H);
    element_clear(c_H);
    element_clear(R1_);
    element_clear(R2_);
    element_clear(R3_);
    element_clear(R4_);
    element_clear(R5_);
    element_clear(tmp_1);
    element_clear(tmp_2);
    element_clear(tmp_3);
    element_clear(tmp_pow);
    element_clear(tmp_div);
    element_clear(check_c_H);
    element_clear(check_1);
    element_clear(check_2);
    //any mismatch rejects the signature
    if(cmp_value_1||cmp_value_2)
        return 0;
    else
        return 1;
}
/**
 * Generates a fresh set of group keys and returns them serialized.
 *
 * Works on local elements only; the Manager's own key members are not
 * modified here.
 *
 * @param PK receives the group public key (g, gt, X, Y, h, y1, y2, y3)
 * @param IK receives the issuer secret key (x, y)
 * @param OK receives the opener secret key (x1 .. x5)
 *
 * Relations established below:
 *   gt = e(g, g), X = g^x, Y = g^y, h random and != 1,
 *   y1 = gt^x1 * h^x2, y2 = gt^x3 * h^x4, y3 = gt^x5.
 *
 * IK and OK carry secret key material as plain strings; how they are stored
 * or wiped afterwards is up to the caller.
 */
void Manager::KeyGeneration(string & PK, string & IK, string & OK)
{
    element_t gt_new;
    element_t g_new;
    element_t X_new;
    element_t Y_new;
    element_t h_new;
    element_t y1_new;
    element_t y2_new;
    element_t y3_new;
    //issuer secret
    element_t x_new;
    element_t y_new;
    //open secret
    element_t x1_new;
    element_t x2_new;
    element_t x3_new;
    element_t x4_new;
    element_t x5_new;
    //init public key
    element_init_G1(g_new, pairing);
    element_init_GT(gt_new, pairing);
    element_init_G1(X_new, pairing);
    element_init_G1(Y_new, pairing);
    element_init_GT(h_new, pairing);
    element_init_GT(y1_new, pairing);
    element_init_GT(y2_new, pairing);
    element_init_GT(y3_new, pairing);
    //init issuer key
    element_init_Zr(x_new, pairing);
    element_init_Zr(y_new, pairing);
    //init open key
    element_init_Zr(x1_new, pairing);
    element_init_Zr(x2_new, pairing);
    element_init_Zr(x3_new, pairing);
    element_init_Zr(x4_new, pairing);
    element_init_Zr(x5_new, pairing);
    //set tmp variables
    element_t temp_y1;
    element_t temp_y2;
    element_init_GT(temp_y1, pairing);
    element_init_GT(temp_y2, pairing);
    //generate system parameters: random g, gt = e(g, g)
    element_random(g_new);
    element_pairing(gt_new,g_new,g_new);
    //generate private keys of group manager
    element_random(x_new);
    element_random(y_new);
    //compute X = g^x, Y = g^y
    element_pow_zn(X_new,g_new,x_new);
    element_pow_zn(Y_new,g_new,y_new);
    //generate h != 1 (resample until it is not the identity)
    do
    {
        element_random(h_new);
    }
    while(element_is1(h_new));
    //rand of secret set x1...x5
    element_random(x1_new);
    element_random(x2_new);
    element_random(x3_new);
    element_random(x4_new);
    element_random(x5_new);
    //compute y1 = gt^x1 * h^x2
    element_pow_zn(temp_y1,gt_new,x1_new);
    element_pow_zn(temp_y2,h_new,x2_new);
    element_mul(y1_new,temp_y1,temp_y2);
    //compute y2 = gt^x3 * h^x4
    element_pow_zn(temp_y1,gt_new,x3_new);
    element_pow_zn(temp_y2,h_new,x4_new);
    element_mul(y2_new,temp_y1,temp_y2);
    //compute y3 = gt^x5
    element_pow_zn(y3_new,gt_new,x5_new);
    //Write keys
    PK=GroupPublicKeyToString(g_new, gt_new, X_new, Y_new, h_new, y1_new, y2_new, y3_new);
    IK=SecretIssuerKeyToString(x_new,y_new);
    OK=SecretOpenKeyToString(x1_new,x2_new,x3_new,x4_new,x5_new);
    //clear elements
    //clear public key
    element_clear(g_new);
    element_clear(gt_new);
    element_clear(X_new);
    element_clear(Y_new);
    element_clear(h_new);
    element_clear(y1_new);
    element_clear(y2_new);
    element_clear(y3_new);
    //clear issuer key
    element_clear(x_new);
    element_clear(y_new);
    //clear open key
    element_clear(x1_new);
    element_clear(x2_new);
    element_clear(x3_new);
    element_clear(x4_new);
    element_clear(x5_new);
    //clear tmps (these held gt^x_i and h^x_i during the computation)
    element_clear(temp_y1);
    element_clear(temp_y2);
}
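/**
 * Opens a group signature: identifies which registered member produced it.
 *
 * The signature is verified first. Then, with the opener secrets x1..x5:
 *   - T4 is checked against T1^(x5*H + x3) * T2^x4, H = Hash(T1, T2, T3);
 *   - the member value Pi2 = T3 / (T1^x1 * T2^x2) is recovered and looked up
 *     in the registration list.
 *
 * @param sign    serialized signature
 * @param mes     message bytes
 * @param len_mes length of mes
 * @return -1 if verification or the T4 check fails, otherwise the result of
 *         SearchInRegistrationList() for the recovered value
 *
 * Fix against the original: check_Pi2 was never cleared, leaking one GT
 * element (holding the recovered member value) per call.
 */
int Manager::Open(string sign, char*mes, int len_mes)
{
    int ret;
    if(Verification(sign, mes, len_mes)!=true)
        return -1;

    //compare variable (element_cmp result: 0 == equal)
    bool cmp_var=0;

    //elements
    element_t T1,T2,T3,T4;
    element_t T5, T6, T7;
    element_t H;
    element_t Sp;
    element_t Sm;
    element_t Sv;
    element_t c_H;
    element_t tmp_pow;
    element_t check_T4;
    element_t tmp_T2;
    element_init_GT(T1, pairing);
    element_init_GT(T2, pairing);
    element_init_GT(T3, pairing);
    element_init_GT(T4, pairing);
    element_init_G1(T5, pairing);
    element_init_G1(T6, pairing);
    element_init_G1(T7, pairing);
    element_init_Zr(H, pairing);
    element_init_Zr(Sp,pairing);
    element_init_Zr(Sm,pairing);
    element_init_Zr(Sv,pairing);
    element_init_Zr(c_H, pairing);
    element_init_Zr(tmp_pow, pairing);
    element_init_GT(check_T4, pairing);
    element_init_GT(tmp_T2, pairing);

    //read sign
    SignatureFromString(sign, c_H, Sp, Sm, Sv, T1, T2, T3, T4, T5, T6, T7);
    //H = Hash(T1, T2, T3)
    Helper::Hash_T1_T2_T3(H,T1,T2,T3);

    //T4 check: T4 == T1^(x5*H + x3) * T2^x4
    element_mul(tmp_pow, x5,H);
    element_add(tmp_pow, tmp_pow,x3);
    element_pow_zn(check_T4, T1, tmp_pow);
    element_pow_zn(tmp_T2, T2, x4);
    element_mul(check_T4, check_T4,tmp_T2);
    cmp_var=element_cmp(check_T4,T4);//0==ok

    //compute Pi2 = T3 / (T1^x1 * T2^x2)
    element_t check_Pi2;
    element_init_GT(check_Pi2, pairing);
    element_pow_zn(tmp_T2, T1, x1);
    element_pow_zn(check_Pi2, T2, x2);
    element_mul(tmp_T2, tmp_T2,check_Pi2);
    element_div(check_Pi2, T3,tmp_T2);

    //find Pi2 in reg list, unless the T4 check already failed
    if(cmp_var)
        ret=-1;
    else
        ret=SearchInRegistrationList(check_Pi2);

    //clear elements
    element_clear(T1);
    element_clear(T2);
    element_clear(T3);
    element_clear(T4);
    element_clear(T5);
    element_clear(T6);
    element_clear(T7);
    element_clear(H);
    element_clear(c_H);
    element_clear(Sp);
    element_clear(Sm);
    element_clear(Sv);
    element_clear(tmp_pow);
    element_clear(check_T4);
    element_clear(tmp_T2);
    element_clear(check_Pi2);
    return ret;
}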
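/*
 * Authorizer key generation.
 *
 * Reads the type-A pairing parameters from ../public/a.param, takes the
 * curve generator g, draws a secret beta and writes
 *   public : g, h = g^beta, f = g^(1/beta)   -> ./authorizer_public_keys.txt
 *   secret : beta                            -> ./authorizer_secret_key.txt
 *
 * Fixes against the original:
 *  - the secret key file was never closed;
 *  - beta = 0 is resampled, since it has no inverse;
 *  - the stray second argument to pbc_die() and the unused locals are gone;
 *  - the pairing is released at the end.
 *
 * NOTE(review): the secret key file is created with the process's default
 * permissions; restrict the umask or the file mode so that other local users
 * cannot read beta.
 * NOTE(review): the program returns 1 on success, which shells read as
 * failure; left unchanged because callers may depend on it.
 */
int main(void){
	pairing_t pairing;
	element_t g, h, f, beta, beta_inverse;
	char s[16384];

	FILE *fp = fopen("../public/a.param", "r");
	if (!fp)
		pbc_die("error opening parameter file");
	size_t count = fread(s, 1, sizeof(s), fp);
	if(!count)
		pbc_die("read parameter failure\n");
	fclose(fp);

	if(pairing_init_set_buf(pairing, s, count))
		pbc_die("pairing init failed\n");
	if(!pairing_is_symmetric(pairing))
		pbc_die("pairing is not symmetric\n");

	element_init_G1(g, pairing);
	element_init_G1(h, pairing);
	element_init_G1(f, pairing);
	element_init_Zr(beta, pairing);
	element_init_Zr(beta_inverse, pairing);

	//(G1, g, h, f) is the public key of authorizer
	//find the generator of the group
	element_set(g, ((curve_data_ptr)((a_pairing_data_ptr)
	pairing->data)->Eq->data)->gen);

	//beta must be invertible
	do {
		element_random(beta);
	} while (element_is0(beta));
	element_invert(beta_inverse, beta);

	//h = g^beta
	element_pow_zn(h, g, beta);
	//f = g^(1/beta)
	element_pow_zn(f, g, beta_inverse);

	fp = fopen("./authorizer_public_keys.txt", "w+");
	if(!fp)
		pbc_die("error creating public key files");
	else{
		fprintf(fp, "g:");
		element_out_str(fp, 10, g);
		fprintf(fp, "\n\nh:");
		element_out_str(fp, 10, h);
		fprintf(fp, "\n\nf:");
		element_out_str(fp, 10, f);
		fclose(fp);
	}

	fp = fopen("./authorizer_secret_key.txt", "w+");
	if(!fp)
		pbc_die("error creating secret key files");
	else{
		fprintf(fp, "beta:");
		element_out_str(fp, 10, beta);
		fclose(fp);
	}

	element_clear(g);
	element_clear(h);
	element_clear(f);
	element_clear(beta);
	element_clear(beta_inverse);
	pairing_clear(pairing);

	return 1;
}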
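/*
 * Setup of the attribute-based encryption system.
 *
 * string  : curve selector; only referenced by the disabled block below
 * attrNo  : number of attributes in the system
 * pairing : pairing to work in (already initialised by the caller)
 * msp     : supplies the one-character attribute labels msp->label[0..attrNo-1]
 *
 * Draws g, alpha and a, then writes
 *   publicKey/g.key    g
 *   publicKey/gA.key   g^a
 *   publicKey/eGG.key  e(g, g^alpha)
 *   publicKey/h<L>.key one random group element per attribute label L
 *   MSK/msk.key        the master secret g^alpha
 *
 * Fixes against the original:
 *  - none of the fopen() results was checked, so a missing directory ended in
 *    a write through a NULL FILE*; failures are now reported and nothing is
 *    written;
 *  - the attribute loop ran "while (count != attrNo)", which never ends for a
 *    negative attrNo;
 *  - the attribute file name is formatted in one bounded step.
 *
 * NOTE(review): MSK/msk.key holds the master secret and is created with the
 * process's default permissions; restrict the umask or file mode.
 */
void wSetup(char *string,int attrNo,pairing_t *pairing, MSP *msp){
  int count = 0;//the index of the attribute array
  /*
  if(!strcmp(string,"ordinary")){
    setupOrdinaryPairing(pairing);//setup pairing first
    printf("Use ordinary curve...\n");
  }else if(!strcmp(string,"singular")){
    setupSingularPairing(pairing);//setup pairing first
    printf("Use singular curve...\n");
  }else{
    fprintf(stderr,"Wrong input arguments!");
    fprintf(stderr,"Please input <./wAbe><sinuglar> or <./wAbe><ordinary>\n");
  }
  */
  element_t g;//the generator of G
  element_init_G2(g,*pairing);
  element_random(g);

  /* h is reused for the random group elements h_1...h_attrNo that are
     associated with the attrNo attributes of the system */
  element_t h;
  element_init_G2(h,*pairing);

  //alpha and a in Z_p
  element_t alpha;
  element_t a;
  element_init_Zr(alpha,*pairing);
  element_init_Zr(a,*pairing);
  element_random(alpha);
  element_random(a);

  //public key e(g,g)^alpha
  element_t pubKey;
  element_t gAlpha;
  element_t gA;
  element_init_GT(pubKey,*pairing);
  element_init_G2(gAlpha,*pairing);
  element_init_G2(gA,*pairing);
  element_pow_zn(gAlpha,g,alpha);//gAlpha=g^alpha
  element_pow_zn(gA,g,a);//gA=g^a
  weilPairing(&pubKey,g,gAlpha,*pairing);//publicKey = e(g,g^alpha) = e(g,g)^alpha

  //Master secret key
  element_t msk;
  element_init_G2(msk,*pairing);
  element_set(msk,gAlpha);//msk = g^alpha

  //write the master key and public key to file
  FILE* fG = fopen("publicKey/g.key","w");//public key g
  FILE* fGA = fopen("publicKey/gA.key","w");//public key gA
  FILE* fPub = fopen("publicKey/eGG.key","w");//public key e(g,gALPHA)
  FILE* fH;//attribute key
  FILE* fMsk = fopen("MSK/msk.key","w");//master key

  if(fG == NULL || fGA == NULL || fPub == NULL || fMsk == NULL){
    fprintf(stderr,"wSetup: cannot open the key output files\n");
  }else{
    element_fprintf(fG,"%B\n",g);
    element_fprintf(fPub,"%B\n",pubKey);
    element_fprintf(fGA,"%B\n",gA);

    char hCmd[100];//path of the attribute key file
    for(count = 0; count < attrNo; count++){
      //"publicKey/h" + one label character + ".key" always fits in hCmd
      sprintf(hCmd,"publicKey/h%c.key",msp->label[count]);
      fH = fopen(hCmd,"w");
      if(fH == NULL){
        fprintf(stderr,"wSetup: cannot open %s\n",hCmd);
        break;
      }
      element_random(h);
      element_fprintf(fH,"%B",h);
      fclose(fH);
    }

    element_fprintf(fMsk,"%B\n",msk);
  }

  //close whatever was opened and clear all the elements
  if(fG != NULL) fclose(fG);
  if(fGA != NULL) fclose(fGA);
  if(fPub != NULL) fclose(fPub);
  if(fMsk != NULL) fclose(fMsk);
  element_clear(h);
  element_clear(g);
  element_clear(a);
  element_clear(alpha);
  element_clear(gAlpha);
  element_clear(gA);
  element_clear(pubKey);
  element_clear(msk);
}//end of setup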
/**
 *  Verifies an aggregated identity-based signature.
 *
 *  In this scheme every signer can aggregate a signature on a different message.
 *
 *  This __cannot__ verify multiple messages from the same AS.
 *
 *  We have __one__ signer -> __one__ message but as the message could be the same
 *    for every signer, we can aggregate on it.
 *
 *  For every (AS number, message) entry of the store the two identity public
 *  keys Pubi0, Pubi1 are derived by hashing, ci = hash(message), and the sums
 *  sum(Pubi0) and sum(ci * Pubi1) are accumulated. The signature (u, v, w) is
 *  accepted when the two sides built at the end of the function compare equal.
 *
 *  @param setup  system parameters (pairing, g, ibePub)
 *  @param sign   aggregated signature (u, v, w)
 *  @param store  here we insert all the messages and all the signers
 *                (as we __must__ verify every message of every signer)
 *
 *  @return       0 if verify = success (the element_cmp result).
 *
 */
int
pbgp_ibe_verify(setup_params_t *setup, ibe_signature_t *sign, store_t *store)
{
  assert(sign && setup && store);

  element_t sumID, sumCi, sumTot, Pubi0, Pubi1, Pm, t1, p1, p2, e1, e2, ci;
  pairing_pp_t pp1, pp2, pp3;

  element_init_G1(sumID, setup->pairing);
  element_init_G1(sumCi, setup->pairing);
  element_init_G1(sumTot, setup->pairing);
  element_init_G1(Pubi0, setup->pairing);
  element_init_G1(Pubi1, setup->pairing);
  // Pm is initialised and cleared but not otherwise used in this function
  element_init_G1(Pm, setup->pairing);
  element_init_G1(t1, setup->pairing);

  element_init_GT(p1, setup->pairing);
  element_init_GT(p2, setup->pairing);
  element_init_GT(e1, setup->pairing);
  element_init_GT(e2, setup->pairing);

  element_init_Zr(ci, setup->pairing);

  element_set0(sumID);
  element_set0(sumCi);

  //
  // For each ASNUM in the list
  //
  store_iterator_t *iterator = pbgp_store_iterator_open(store);
  store_key_t key = STORE_KEY_INIT;

  while (1)
  {
    uint32_t id = 0;
    size_t ksize = 0, dsize = 0;

    // This mess is to avoid __any__ malloc call >:/
    // NOTE(review): any non-zero return ends the loop and the function goes
    // on to compare what was accumulated so far. Confirm the iterator
    // returns non-zero only at the end of the store; otherwise a read error
    // would let a signature be checked against a subset of the messages.
    int ret = pbgp_store_iterator_uget_next_size(iterator, &ksize, &dsize);
    if (ret != 0) {
      break ;
    }

    // compute key data size
    // NOTE(review): ksize is unsigned; a stored key shorter than the
    // metadata would wrap here. It then fails the size test below.
    ksize -= STORE_KEY_METADATA_LENGTH;

    // NOTE(review): this path does not call uget_next(); confirm the
    // iterator advances on uget_next_size(), or this loops forever.
    if (sizeof(id) != ksize) {
      continue ;
    }

    // key buffer (ksize == sizeof(id) at this point)
    unsigned char kbuf[ksize];
    memset (kbuf, 0, ksize);

    key.data = kbuf;
    key.dsize = sizeof(kbuf);

    // data buffer
    // NOTE(review): variable-length array sized by the stored message
    // length; a very large (or zero) dsize from the store is not bounded
    // before it is placed on the stack.
    unsigned char message[dsize];
    memset (message, 0, dsize);

    // get asnum + message
    ret = pbgp_store_iterator_uget_next(iterator, &key, message, &dsize);
    if (ret != 0) {
      break ;
    }

    char id0[BUFSIZ], id1[BUFSIZ];
    memcpy(&id, kbuf, sizeof id);
    _ibe_get_id_pair(id, id0, sizeof (id0), id1, sizeof (id1));

    //
    // Computes public keys for this AS from its identity
    //
    unsigned char hash[EVP_MAX_MD_SIZE + 1];

    // hash(id0)
    memset(hash, 0, sizeof (hash));
    _element_from_hash(Pubi0, hash, pbgp_rsa_uhash((unsigned char *) id0, strlen(id0), hash));

    // hash(id1)
    memset(hash, 0, sizeof (hash));
    _element_from_hash(Pubi1, hash, pbgp_rsa_uhash((unsigned char *) id1, strlen(id1), hash));

    // ci = hash(m)
    memset(hash, 0, sizeof (hash));
    element_from_hash(ci, hash, pbgp_rsa_uhash(message, dsize, hash));

    // Computes sum(Pi_0) sum(ci * Pi_1)
    element_mul_zn(t1, Pubi1, ci);
    element_add(sumID, sumID, Pubi0);
    element_add(sumCi, sumCi, t1);
  }

  pbgp_store_iterator_close(iterator);

  // NOTE(review): with an empty store both sums stay zero and the
  // comparison below still runs; confirm callers never verify against an
  // empty store.
  element_add(sumTot, sumID, sumCi);

  pairing_pp_init(pp1, sumTot, setup->pairing);
  pairing_pp_init(pp2, sign->v, setup->pairing);
  pairing_pp_init(pp3, sign->u, setup->pairing);

  // e(Q = ibePub, sumTot)
  pairing_pp_apply(p1, setup->ibePub, pp1);

  // e(Tn = v, Pw)
  pairing_pp_apply(p2, sign->w, pp2);

  // e(Q = ibePub, sumTot) * e(Tn = v, Pw)
  element_mul(e2, p1, p2);

  // e(Sn = u, P)
  pairing_pp_apply(e1, setup->g, pp3);

  // 0 when both sides are equal
  int rv = element_cmp(e1, e2);

  pairing_pp_clear(pp1);
  pairing_pp_clear(pp2);
  pairing_pp_clear(pp3);

  element_clear(sumID);
  element_clear(sumCi);
  element_clear(sumTot);
  element_clear(t1);
  element_clear(ci);
  element_clear(Pubi0);
  element_clear(Pubi1);
  element_clear(Pm);
  element_clear(p1);
  element_clear(p2);
  element_clear(e1);
  element_clear(e2);

  return rv;
}
int main(void) { pairing_t pairing; char param[50000]; size_t count = fread(param, 1, 50000, stdin); if (!count) pbc_die("input error"); pairing_init_set_buf(pairing, param, count); // int cont = 0; struct timeval tvBegin, tvEnd; element_t g, h; element_t public_key, secret_key; element_t sig; element_t temp1, temp2; element_init_G2(g, pairing); element_init_G2(public_key, pairing); element_init_G1(h, pairing); element_init_G1(sig, pairing); element_init_GT(temp1, pairing); element_init_GT(temp2, pairing); element_init_Zr(secret_key, pairing); // Generating key element_random(g); element_random(secret_key); element_pow_zn(public_key, g, secret_key); // Generating message element_from_hash(h, "ABCDEF", 6); element_pow_zn(sig, h, secret_key); // RANDOM TESTS /* // Fp element_t p1, p2; element_init(p1, element_x(h)->field); element_init(p2, p1->field); element_random(p1); element_random(p2); // multiplication element_t puntos[2000]; for(cont = 0; cont < 1000; cont++){ element_init(puntos[cont], element_x(h)->field); element_init(puntos[2*cont], element_x(h)->field); element_random(puntos[cont]); element_random(puntos[2*cont]); } gettimeofday(&tvBegin, NULL); for(cont = 0; cont < 1000; cont++){ element_mul(puntos[cont], puntos[cont], puntos[2*cont]); } gettimeofday(&tvEnd, NULL); timeval_subtract(&tvEnd, &tvBegin, 1); //square gettimeofday(&tvBegin, NULL); for(cont = 0; cont < 1000; cont++) element_square(puntos[cont], puntos[2*cont]); gettimeofday(&tvEnd, NULL); timeval_subtract(&tvEnd, &tvBegin, 1); // add gettimeofday(&tvBegin, NULL); for(cont = 0; cont < 1000; cont++) element_add(puntos[cont], puntos[cont], puntos[2*cont]); gettimeofday(&tvEnd, NULL); timeval_subtract(&tvEnd, &tvBegin, 1); // invers gettimeofday(&tvBegin, NULL); for(cont = 0; cont < 1000; cont++) element_invert(puntos[cont], puntos[2*cont]); gettimeofday(&tvEnd, NULL); timeval_subtract(&tvEnd, &tvBegin, 1); // Fpk element_t q1, q2; element_init_GT(q1, pairing); element_init_GT(q2, pairing); 
element_random(q1); element_random(q2); // multiplication for(cont = 0; cont < 1000; cont++){ element_init_GT(puntos[cont], pairing); element_init_GT(puntos[2*cont], pairing); element_random(puntos[cont]); element_random(puntos[2*cont]); } gettimeofday(&tvBegin, NULL); for(cont = 0; cont < 1000; cont++) { element_mul(puntos[cont], puntos[cont], puntos[2*cont]); } gettimeofday(&tvEnd, NULL); timeval_subtract(&tvEnd, &tvBegin, 1); //square gettimeofday(&tvBegin, NULL); for(cont = 0; cont < 1000; cont++) element_square(puntos[cont], puntos[cont]); gettimeofday(&tvEnd, NULL); timeval_subtract(&tvEnd, &tvBegin, 1); // add gettimeofday(&tvBegin, NULL); for(cont = 0; cont < 1000; cont++){ element_add(element_x(puntos[cont]), element_x(puntos[cont]), element_x(puntos[2*cont])); element_add(element_y(puntos[cont]), element_y(puntos[cont]), element_y(puntos[2*cont])); } gettimeofday(&tvEnd, NULL); timeval_subtract(&tvEnd, &tvBegin, 1); // invers gettimeofday(&tvBegin, NULL); for(cont = 0; cont < 1000; cont++) element_invert(puntos[cont], puntos[2*cont]); gettimeofday(&tvEnd, NULL); timeval_subtract(&tvEnd, &tvBegin, 1); // CURVE OPERATIONS element_t punto, punto2; element_init(punto, h->field); element_random(punto); element_init(punto2, h->field); element_random(punto2); // add gettimeofday(&tvBegin, NULL); element_mul(punto, punto, punto2); gettimeofday(&tvEnd, NULL); timeval_subtract(&tvEnd, &tvBegin, 1); // double gettimeofday(&tvBegin, NULL); element_double(punto, punto2); gettimeofday(&tvEnd, NULL); timeval_subtract(&tvEnd, &tvBegin, 1); // SIZE GROUP int m = mpz_sizeinbase(pairing->r, 2) - 2; printf("%i\n", m); int contador = 0; for(;;){ if(!m) break; if(mpz_tstbit(pairing->r,m)) contador++; m--; } printf("%i\n", contador); */ // One pairing gettimeofday(&tvBegin, NULL); eval_miller(temp1, sig, g, pairing); gettimeofday(&tvEnd, NULL); timeval_subtract(&tvEnd, &tvBegin, 1000); //print_contador(); // One pairing (with precomputed values) // Original method pairing_pp_t 
pp; // Precomp gettimeofday(&tvBegin, NULL); pairing_pp_init(pp, sig, pairing); gettimeofday(&tvEnd, NULL); timeval_subtract(&tvEnd, &tvBegin, 1000); // Eval gettimeofday(&tvBegin, NULL); pairing_pp_apply(temp1, g, pp); gettimeofday(&tvEnd, NULL); timeval_subtract(&tvEnd, &tvBegin, 1000); pairing_pp_clear(pp); void do_precomp(){ lpoly *list; // precomputation gettimeofday(&tvBegin, NULL); list = lpoly_init(); precompute(list, pairing->r, sig, g); gettimeofday(&tvEnd, NULL); timeval_subtract(&tvEnd, &tvBegin, 1000); // DMAX printf("%i\n", list->MAXD); // eval gettimeofday(&tvBegin, NULL); compute_miller(temp2, list, g, pairing); gettimeofday(&tvEnd, NULL); timeval_subtract(&tvEnd, &tvBegin, 1000); lpoly_free(list); }
/**
 * Processes a join request: checks the requester's signature of knowledge
 * (SoK) and, when it holds, issues the member secret and registers the member.
 *
 * @param request  serialized request; RequestFromString() decodes it into the
 *                 SoK hash, a Zr scalar and a G1 element
 * @param respond  receives MemberSecretToString(a, b, c) when the request is
 *                 accepted; not written on failure
 * @return 0 (false) on success, 1 (true) on failure -- the sense is inverted
 *         compared with what a bool return usually suggests.
 */
bool Manager::JoinMember(string request, string & respond)
{
    // Values decoded from the request, plus the two derived from them.
    element_t member_pk;      // requester's G1 element
    element_t member_pk_gt;   // its pairing with g, stored in the registration list
    element_t sok_scalar;     // scalar part of the SoK
    element_t sok_commit;     // recomputed commitment R
    element_init_G1(member_pk, pairing);
    element_init_GT(member_pk_gt, pairing);
    element_init_Zr(sok_scalar, pairing);
    element_init_G1(sok_commit, pairing);

    string sok_hash;
    string recomputed_hash;
    RequestFromString(request, sok_hash, sok_scalar, member_pk);

    // A G1 element is expected to carry two coordinates.
    // NOTE(review): this only counts coordinates. Whether RequestFromString()
    // also rejects values that are not valid group elements is not visible
    // here -- confirm.
    if (element_item_count(member_pk) != 2)
    {
        element_clear(sok_commit);
        element_clear(sok_scalar);
        element_clear(member_pk_gt);
        element_clear(member_pk);
        return true; // failure
    }

    // Recompute R = g^s / Pi1^c with c = H(hash), then hash (g, R) again.
    element_t g_to_s;
    element_t pk_to_c;
    element_t challenge;
    element_init_G1(g_to_s, pairing);
    element_init_G1(pk_to_c, pairing);
    element_init_Zr(challenge, pairing);
    element_from_hash(challenge, (void*)sok_hash.c_str(), sok_hash.length());
    element_pow_zn(g_to_s, g, sok_scalar);
    element_pow_zn(pk_to_c, member_pk, challenge);
    element_div(sok_commit, g_to_s, pk_to_c);
    recomputed_hash = Helper::Hash_g_R(g, sok_commit);

    // The SoK holds only if the recomputed hash equals the one in the request.
    if (sok_hash != recomputed_hash)
    {
        element_clear(challenge);
        element_clear(pk_to_c);
        element_clear(g_to_s);
        element_clear(sok_commit);
        element_clear(sok_scalar);
        element_clear(member_pk_gt);
        element_clear(member_pk);
        return true; // failure
    }

    // Fresh issuer randomness for this member.
    element_t issuer_rand;
    element_init_Zr(issuer_rand, pairing);
    element_random(issuer_rand);

    // Member secret (a, b, c) and the two partial products that form c.
    element_t cred_a;
    element_t cred_b;
    element_t cred_c;
    element_t c_left;
    element_t c_right;
    element_init_G1(cred_a, pairing);
    element_init_G1(cred_b, pairing);
    element_init_G1(cred_c, pairing);
    element_init_G1(c_left, pairing);
    element_init_G1(c_right, pairing);

    element_pow_zn(cred_a, g, issuer_rand);          // a = g^r
    element_pow_zn(cred_b, cred_a, y);               // b = a^y
    element_pow_zn(c_left, cred_a, x);               // a^x
    element_pow_zn(c_right, member_pk, issuer_rand); // Pi1^r ...
    element_pow_zn(c_right, c_right, x);             // ... ^x
    element_pow_zn(c_right, c_right, y);             // ... ^y
    element_mul(cred_c, c_left, c_right);            // c = a^x * Pi1^(r*x*y)

    respond = MemberSecretToString(cred_a, cred_b, cred_c);

    // Pi2 = e(Pi1, g) goes into the registration list next to Pi1.
    element_pairing(member_pk_gt, member_pk, g);
    AddToRegistrationList(member_pk, member_pk_gt);

    // Release every element created above.
    element_clear(cred_c);
    element_clear(cred_b);
    element_clear(cred_a);
    element_clear(c_right);
    element_clear(c_left);
    element_clear(issuer_rand);
    element_clear(challenge);
    element_clear(pk_to_c);
    element_clear(g_to_s);
    element_clear(sok_commit);
    element_clear(sok_scalar);
    element_clear(member_pk_gt);
    element_clear(member_pk);
    return false; // success
}
/*
 * Demo of the ZSS short signature scheme on a symmetric pairing: generates a
 * key pair, signs the fixed message "Message", verifies the signature and
 * prints every intermediate value together with the elapsed time.
 *
 * Demo only: the secret scalar x is printed next to the public values.
 */
int main(int argc, char **argv)
{
  pairing_t pairing;
  double started, finished;
  element_t base, pub, secret, sigma, digest, inverse, lhs_point, lhs, rhs;

  pbc_demo_pairing_init(pairing, argc, argv);
  if (!pairing_is_symmetric(pairing)) {
    pbc_die("pairing must be symmetric");
  }

  /* Scalars live in Zr, points in G1, pairing results in GT. */
  element_init_G1(base, pairing);
  element_init_G1(pub, pairing);
  element_init_G1(sigma, pairing);
  element_init_G1(lhs_point, pairing);
  element_init_Zr(secret, pairing);
  element_init_Zr(digest, pairing);
  element_init_Zr(inverse, pairing);
  element_init_GT(lhs, pairing);
  element_init_GT(rhs, pairing);

  printf("ZSS short signature schema\n");
  printf("KEYGEN\n");
  started = pbc_get_time();

  /* Key pair: secret x, public Ppub = x * P. */
  element_random(secret);
  element_random(base);
  element_mul_zn(pub, base, secret);
  element_printf("P = %B\n", base);
  element_printf("x = %B\n", secret);
  element_printf("Ppub = %B\n", pub);

  /* Signature: S = (H(m) + x)^-1 * P. */
  printf("SIGN\n");
  element_from_hash(digest, "Message", 7);
  element_add(inverse, digest, secret);
  element_invert(inverse, inverse);
  element_mul_zn(sigma, base, inverse);
  printf("Signature of message \"Message\" is:\n");
  element_printf("S = %B\n", sigma);

  /* Verification: e(H(m) * P + Ppub, S) must equal e(P, P). */
  printf("VERIFY\n");
  element_from_hash(digest, "Message", 7);
  element_mul_zn(lhs_point, base, digest);
  element_add(lhs_point, lhs_point, pub);
  element_pairing(lhs, lhs_point, sigma);
  element_pairing(rhs, base, base);
  element_printf("e(H(m)P + Ppub, S) = %B\n", lhs);
  element_printf("e(P, P) = %B\n", rhs);
  if (element_cmp(lhs, rhs) == 0) {
    printf("Signature is valid\n");
  } else {
    printf("Signature is invalid\n");
  }

  finished = pbc_get_time();
  printf("All time = %fs\n", finished - started);

  element_clear(base);
  element_clear(pub);
  element_clear(secret);
  element_clear(sigma);
  element_clear(digest);
  element_clear(inverse);
  element_clear(lhs_point);
  element_clear(lhs);
  element_clear(rhs);
  pairing_clear(pairing);
  return 0;
}
/*
 * Test driver combining Paillier ciphertexts with pairing-based tags: loads key
 * material and parameters from text files in the working directory, multiplies
 * two ciphertexts, decrypts the product, and prints signatures computed over
 * the decrypted value, over b, and over a + b, followed by two products.
 *
 * NOTE(review): none of the fopen()/fgets() results for the tag, split and
 * cipher files are checked, and nothing allocated or initialised here is
 * released before returning.
 */
int main(int argc, char **argv) {
  FILE *fpairing, *ftag, *fdata, *fresult, *fplain, *fkey, *fcipher, *fpub;
  pairing_t pairing;
  paillier_pubkey_t *pub;
  paillier_prvkey_t *priv;
  element_t g, h, u, sig1, sig2, sig3, temp_pow, m, g1, g2;
  element_t public_key, tag, tag_prod;
  element_t secret_key;
  // NOTE(review): get_rand is never assigned in this function but is passed
  // to paillier_keygen() below.
  paillier_get_rand_t get_rand;
  paillier_ciphertext_t *cipher1, *cipher2;
  paillier_plaintext_t *plain1, *plain2;
  mpz_t pub_n, a, b, data2, nsquare;
  int count = 0, val=5;
  // param_str is defined outside this function.
  pairing_init_set_str(pairing, param_str);
  //mpz_init_set_str(data_sum, "0", 10);
  plain1 = (paillier_plaintext_t*) malloc(sizeof(paillier_plaintext_t));
  plain2 = (paillier_plaintext_t*) malloc(sizeof(paillier_plaintext_t));
  cipher1 = (paillier_ciphertext_t*) malloc(sizeof(paillier_ciphertext_t));
  cipher2 = (paillier_ciphertext_t*) malloc(sizeof(paillier_ciphertext_t));
  //pbc_demo_pairing_init(pairing, argc, argv);
  element_init_G1(g1, pairing);
  element_init_G1(g2, pairing);
  element_init_G2(g, pairing);
  element_init_G2(public_key, pairing);
  element_init_G1(u, pairing);
  element_init_G1(temp_pow, pairing);
  // public_key is initialised a second time here without being cleared first.
  element_init_G2(public_key, pairing);
  element_init_G1(h, pairing);
  element_init_G1(m, pairing);
  element_init_G1(sig1, pairing);
  element_init_G1(sig2, pairing);
  element_init_G1(sig3, pairing);
  element_init_G1(tag, pairing);
  element_init_G1(tag_prod, pairing);
  element_init_Zr(secret_key, pairing);
  // mpz_init(pub_n);
  // Scratch line buffer shared by every fgets() below (2048 bytes allocated,
  // at most 1000 read per call).
  char *len;
  mpz_init(a);
  mpz_init(b);
  mpz_init(data2);
  printf("Short signature test\n");
  len = (char *)malloc(2048*sizeof(char));
  // Paillier key material: three decimal lines from pub.txt.
  // NOTE(review): if pub.txt cannot be opened, pub and priv stay
  // uninitialised yet are used by paillier_mul()/paillier_dec() further down.
  if((fpub = fopen("pub.txt", "r"))) {
    pub = (paillier_pubkey_t*) malloc(sizeof(paillier_pubkey_t));
    priv = (paillier_prvkey_t*) malloc(sizeof(paillier_prvkey_t));
    mpz_init(pub->n_squared);
    mpz_init(pub->n);
    fgets(len, 1000, fpub);
    mpz_init_set_str(pub->p, len, 10);
    fgets(len, 1000, fpub);
    mpz_init_set_str(pub->q, len, 10);
    fgets(len, 1000, fpub);
    mpz_init_set_str(pub->n_plusone, len, 10);
    //printf("value of nplusone : \n");
    //mpz_out_str(stdout, 10, pub->n_plusone);
    // NOTE(review): keygen receives the addresses of pub and priv after both
    // were just allocated and partly filled in; what it does with the values
    // loaded above is not visible here -- confirm.
    paillier_keygen(&pub, &priv, get_rand, 0);
    pub->bits = mpz_sizeinbase(pub->n, 2);
    fclose(fpub);
  }
  //setting already known pairing parameters
  // pairing.txt holds, one per line: g, u, secret_key, public_key, h and n.
  // The signing secret is therefore stored in plain text in the same file as
  // the public parameters.
  // NOTE(review): if pairing.txt cannot be opened, pub_n is never initialised
  // but is still passed to mpz_mul() below.
  if((fpairing = fopen("pairing.txt", "r"))) {
    fgets(len, 1000, fpairing);
    //printf("\n %s\n", len);
    element_set_str(g, len, 10);
    //element_printf(" g = %B\n", g);
    fgets(len, 1000, fpairing);
    //printf("\n %s\n", len);
    element_set_str(u, len, 10);
    //element_printf("\n u= %B\n", u);
    fgets(len, 1000, fpairing);
    element_set_str(secret_key, len, 10);
    //element_printf(" secretkey %B\n",secret_key);
    fgets(len, 1000, fpairing);
    element_set_str(public_key, len, 10);
    //element_printf(" publickey %B\n", public_key);
    fgets(len, 1000, fpairing);
    element_set_str(h, len, 10);
    //element_printf(" \nh = %B\n", h);
    fgets(len, 1000, fpairing);
    mpz_init_set_str(pub_n, len, 10);
    //printf("\n n = ");
    //mpz_out_str(stdout, 10, pub_n);
    fclose(fpairing);
  }
  element_set1(tag_prod);
  // Two stored tags, read into g1 and g2.
  // NOTE(review): from here on fopen() results are passed to fgets() without
  // a NULL check, so a missing file is dereferenced as a null FILE pointer.
  ftag = fopen("./tag/output5.txt", "r");
  fgets(len, 1000, ftag);
  element_set_str(g1, len, 10);
  element_printf("\ng1 = %B\n", g1);
  fclose(ftag);
  ftag = fopen("./tag/output6.txt", "r");
  fgets(len, 1000, ftag);
  element_set_str(g2, len, 10);
  element_printf("\ng2 = %B\n", g2);
  fclose(ftag);
  // Two plaintext values, read into a and b.
  fplain = fopen("./split/output5.txt", "r");
  fgets(len, 1000, fplain);
  // printf("\nlen %s", len);
  mpz_set_str(a, len, 10);
  //element_printf("\na = %Zd\n", a);
  fclose(fplain);
  // This second fplain handle stays open until the fclose(fplain) further down.
  fplain = fopen("./split/output6.txt", "r");
  fgets(len, 1000, fplain);
  mpz_set_str(b, len, 10);
  // Two stored ciphertexts.
  fcipher = fopen("./cipher/copy1/output5.txt", "r");
  fgets(len, 1000, fcipher);
  mpz_init_set_str(cipher1->c, len, 10);
  fclose(fcipher);
  fcipher = fopen("./cipher/copy1/output6.txt", "r");
  fgets(len, 1000, fcipher);
  mpz_init_set_str(cipher2->c, len, 10);
  fclose(fcipher);
  // cipher2 is overwritten with the product of both ciphertexts, then decrypted.
  // plain1 is reassigned to the return value of paillier_dec().
  paillier_mul(pub, cipher2, cipher2, cipher1);
  plain1 = paillier_dec(plain1, pub, priv, cipher2);
  //tag
  mpz_t an;
  mpz_init(an);
  mpz_init(nsquare);
  // mpz_mul(an, a, pub_n);
  mpz_mul(nsquare, pub_n, pub_n);
  // sig1 = (u^m * h)^secret_key, with m the decrypted plaintext.
  element_pow_mpz(temp_pow,u, plain1->m);
  element_mul(temp_pow, temp_pow, h);
  element_pow_zn(sig1, temp_pow, secret_key);
  element_printf("\n signature of plain = %B\n", sig1);
  //mpz_mul(an, b, pub_n);
  // mpz_mul(nsquare, pub_n, pub_n);
  // sig2 = (u^b * h)^secret_key.
  element_pow_mpz(temp_pow,u, b);
  element_mul(temp_pow, temp_pow, h);
  element_pow_zn(sig2, temp_pow, secret_key);
  element_printf("\n signature of b = %B\n", sig2);
  //element_printf("\nb = %Zd\n", b);
  fclose(fplain);
  mpz_add(a, a, b);
  // mpz_mod(a, a, pub_n);
  // mpz_mul(a, a, pub_n);
  // mpz_mod(a, a, nsquare);
  count = 2;
  // sig3 = (u^(a+b) * h^count)^secret_key; h itself is overwritten with h^count.
  element_pow_mpz(temp_pow,u, a);
  mpz_set_ui(data2, count);
  // itoa(count, len, 10);+
  //element_printf(" \nh = %B\n", h);
  element_pow_mpz(h, h, data2);
  element_mul(temp_pow, temp_pow, h);
  //element_printf("\n h. u^bN = %B\n", temp_pow);
  element_pow_zn(sig3, temp_pow, secret_key);
  element_printf("\n sig 3 %B\n", sig3);
  // Products of the two stored tags and of sig1 and sig2, printed for
  // comparison with sig3 above.
  element_mul(g2, g2, g1);
  element_printf("\n Direct Product %B\n", g2);
  element_mul(sig2, sig1, sig2);
  element_printf("\n Direct Product %B\n", sig2);
  return 0;
}
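/*
 * Restores the global broadcast parameters and the broadcast system from the
 * file systemFileName.
 *
 * File layout, as read here: a 4-byte length, the pairing-parameter file name
 * of that length, a 4-byte user count, then the serialized elements
 * encr_prod, pub_key, g and the gs[] array.
 *
 * Every length and count in the file is treated as untrusted: it is checked
 * before it sizes an allocation, and short reads are rejected.
 *
 * systemFileName  path of the system file to load
 * gbp             receives the newly allocated global parameters
 * sys             receives the newly allocated broadcast system
 *
 * On any error a message is printed, everything allocated so far is released
 * and *gbp / *sys are left untouched. An empty or unusable pairing-parameter
 * file still ends the process through pbc_die(), as before.
 */
void LoadParams(char *systemFileName, global_broadcast_params_t *gbp,
                broadcast_system_t *sys)
{
  /* Upper bounds for values read from the file. MAX_NUM_USERS keeps
     2 * num_users inside a 32-bit int for the loop below. */
  enum { MAX_PAIR_FILE_NAME = 4096, MAX_NUM_USERS = 0x3fffffff };

  global_broadcast_params_t p = NULL;
  broadcast_system_t s = NULL;
  FILE *sysp = NULL;
  FILE *params = NULL;
  int pairing_ready = 0;
  int leng = 0;
  int i;
  char _s[2048];
  size_t count;

  if(!gbp) {
    printf("ACK! You gave me no broadcast params! I die.\n");
    return;
  }
  /* Fixed: this check tested gbp a second time, so a NULL sys went through
     and was dereferenced at the end of the function. */
  if(!sys) {
    printf("ACK! You gave me no broadcast system! I die.\n");
    return;
  }
  if(!systemFileName) {
    printf("ACK! You gave me no system filename! I die.\n");
    return;
  }

  sysp = fopen(systemFileName, "r");
  if(!sysp) {
    printf("ACK! couldn't open %s I die\n", systemFileName);
    return;
  }

  /* The name length comes from the file: reject a short read, a non-positive
     value or an implausibly large one before allocating from it. */
  if(fread(&leng, 4, 1, sysp) != 1 || leng <= 0 || leng > MAX_PAIR_FILE_NAME) {
    printf("ACK! bad pairing file name length in %s I die\n", systemFileName);
    goto fail;
  }

  p = pbc_malloc(sizeof(struct global_broadcast_params_s));
  s = pbc_malloc(sizeof(struct broadcast_system_s));

  /* One extra byte so the name is NUL-terminated even if the stored bytes
     do not include a terminator. */
  p->pairFileName = (char *) pbc_malloc((size_t) leng + 1);
  if(fread(p->pairFileName, 1, leng, sysp) != (size_t) leng) {
    printf("ACK! truncated pairing file name in %s I die\n", systemFileName);
    goto fail;
  }
  p->pairFileName[leng] = '\0';

  /* NOTE(review): the path opened here is whatever the system file says, so
     the system file must come from a trusted location. */
  params = fopen(p->pairFileName, "r");
  if(!params) {
    printf("ACK! couldn't open %s I die\n", p->pairFileName);
    goto fail;
  }

  // pairing_init_inp_str(p->pairing, params);
  /* Only the first 2048 bytes of the parameter file are used. */
  count = fread(_s, 1, 2048, params);
  if (!count) pbc_die("input error");
  if (pairing_init_set_buf(p->pairing, _s, count)) pbc_die("pairing init failed");
  pairing_ready = 1;
  fclose(params);
  params = NULL;

  //restore num_users
  /* The user count sizes gs[] and bounds the loop below, so it must be
     positive and small enough that neither 2 * num_users nor the byte count
     of the allocation overflows. */
  if(fread(&(p->num_users), 4, 1, sysp) != 1
     || p->num_users <= 0
     || p->num_users > MAX_NUM_USERS
     || (size_t) p->num_users > ((size_t) -1) / (2 * sizeof(element_t))) {
    printf("ACK! bad user count in %s I die\n", systemFileName);
    goto fail;
  }

  /* in() is defined elsewhere; presumably it reads one serialized element
     from the stream -- its error handling is not visible here. */

  //restore encr_prod
  element_init(s->encr_prod, p->pairing->G1);
  in(s->encr_prod, sysp);
  //element_out_str(stdout, 0, s->encr_prod);

  //restore pub_key
  element_init(s->pub_key, p->pairing->G1);
  in(s->pub_key, sysp);
  //element_out_str(stdout, 0, s->pub_key);

  //restore g
  element_init(p->g, p->pairing->G1);
  in(p->g, sysp);

  p->gs = pbc_malloc((size_t) 2 * p->num_users * sizeof(element_t));

  //restore gs
  for(i = 0; i < 2*p->num_users; i++) {
    /* Slot num_users is skipped and therefore left uninitialised. */
    if(i == p->num_users) continue;
    element_init(p->gs[i], p->pairing->G1);
    in(p->gs[i], sysp);
  }

  fclose(sysp);

  //now insert a dummy private key
  element_init_Zr(s->priv_key, p->pairing);

  *gbp = p;
  *sys = s;
  return;

fail:
  /* Release whatever was set up before the error; the outputs stay untouched. */
  if(params) fclose(params);
  if(pairing_ready) pairing_clear(p->pairing);
  if(p) {
    pbc_free(p->pairFileName);
    pbc_free(p);
  }
  if(s) pbc_free(s);
  fclose(sysp);
  return;
}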