main(int argc, char *argv[]){
/** Check the number of parameters */
if (argc < 3) {
/** Tell the user how to run the program */
cerr << "Usage: " << argv[0] << " num_col key_file" << endl;
return 1;
}
mr_init_threading();
PFC pfc(AES_SECURITY);
SecureSelect *db=NULL;
int m=atoi(argv[1]);
string key_name(argv[2]);
db = new SecureSelect(m,&pfc,pfc.order());
#ifdef VERBOSE
int start = getMilliCount();
#endif
db->KeyGen(key_name);
#ifdef VERBOSE
int milliSecondsElapsed = getMilliSpan(start);
cout << "\texec time " << milliSecondsElapsed << endl;
#endif
}
int main()
{
PFC pfc(AES_SECURITY); // initialise pairing-friendly curve
Big alpha,x,y,key,sA,sB;
G1 gIDA,gIDB,dIDA,dIDB,RA,RB;
GT K;
time_t seed;
time(&seed);
irand((long)seed);
// setup
pfc.random(alpha);
// extract private key for Alice
pfc.hash_and_map(gIDA,(char *)"Alice");
dIDA=pfc.mult(gIDA,alpha);
pfc.precomp_for_mult(dIDA);
// extract private key for Bob
pfc.hash_and_map(gIDB,(char *)"Robert");
dIDB=pfc.mult(gIDB,alpha);
pfc.precomp_for_mult(dIDB);
// Alice to Bob
pfc.random(x);
RA=pfc.mult(gIDA,x);
// Bob to Alice
pfc.random(y);
RB=pfc.mult(gIDB,y);
// Hash values
pfc.start_hash();
pfc.add_to_hash(RA);
pfc.add_to_hash(RB);
sA=pfc.finish_hash_to_group();
pfc.start_hash();
pfc.add_to_hash(RB);
pfc.add_to_hash(RA);
sB=pfc.finish_hash_to_group();
// Alice calculates mutual key
K=pfc.pairing(pfc.mult(gIDB,sB)+RB,pfc.mult(dIDA,x+sA));
key=pfc.hash_to_aes_key(K);
cout << "Alice's key= " << key << endl;
// Bob calculates mutual key
K=pfc.pairing(pfc.mult(gIDA,sA)+RA,pfc.mult(dIDB,y+sB));
key=pfc.hash_to_aes_key(K);
cout << "Bob's key= " << key << endl;
return 0;
}
main()
{
// Set the random seed for A parameter generation
srand(time(NULL));
// Load the master secret key from a file
string fname;
cout << "Insert the name of key file" << endl;
cin >> fname;
PFC pfc(AES_SECURITY); // initialise pairing-friendly curve
miracl* mip=get_mip();
Big order=pfc.order();
MSK Secret = load_msk(fname, &pfc, mip, order);
int len = Secret.len;
// Construct a row loaded from a file
cout << "Insert the name of the table containing file ("<< len << " cells per row)" << endl;
cin >> fname;
fstream inputFile(fname);
string line, *ROW;
string fname2 = fname+"_enc_msgs";
//create_file(fname2); //DEVELOPMENT
fname = fname+"_enc_ct";
int i=0;
stringstream ss;
ss << fname << i;
string result = ss.str();
while(ifstream(result)){
i++;
stringstream ss;
ss << fname << i;
result = ss.str();
}
while (getline(inputFile, line)){
ROW=create_row2(line,len);
time_t seed1,seed2;
// Encrypt the row saving it into a file called 'fname_enc_msgs'
cout << "Encrypting row " << i+1 << " with n=" << len << endl;
time(&seed1);
EncryptedRow *ER=Secret.EncRow(ROW, fname2);
time(&seed2);
cout << "\t" << seed2-seed1 << endl;
// Save the encrypted row ciphertext in a file called 'fname_enc_ct' plus a sequential number
stringstream ss;
ss << fname << i;
result = ss.str();
save_er(result, len, ER->ek);
i++;
}
}
int main() {
PFC pfc(AES_SECURITY); // initialise pairing-friendly curve
miracl *mip=get_mip(); // get handle on mip (Miracl Instance Pointer)
mip->IOBASE=10;
std::string test_name;
int result = runTests(test_name);
print_test_result(result,test_name);
return 0;
}
main(int argc, char *argv[]){
/** Check the number of parameters */
if (argc < 5) {
/** Tell the user how to run the program */
cerr << "Usage: " << argv[0] << " token encrows results num_threads" << endl;
return 1;
}
mr_init_threading();
PFC pfc(AES_SECURITY);
SecureSelect *db=NULL;
int m=0;
string query_name(argv[1]);
string enctable_name(argv[2]);
string results_name(argv[3]);
int num_threads = atoi(argv[4]);
db = new SecureSelect(&pfc,pfc.order());
if (!ifstream(query_name+"_ptok")){
cout << "Query file doesn't exist" << endl;
return 0;
}
if (!ifstream(enctable_name+"_enc_msgs")){
cout << "Enctable file doesn't exist" << endl;
return 0;
}
#ifdef VERBOSE
int start = getMilliCount();
#endif
int res_num = db->ApplyPTokenMT(query_name, enctable_name, results_name, num_threads);
//int res_num = db->ApplyPToken(query_name, enctable_name, results_name);
#ifdef VERBOSE
int milliSecondsElapsed = getMilliSpan(start);
cout << "\texec time " << milliSecondsElapsed << endl;
#endif
if(res_num >=0){
cout << res_num << " result(s) found" << endl;
return 1;
}
else
return 0;
}
int main() {
PFC pfc(AES_SECURITY); // initialise pairing-friendly curve
miracl *mip=get_mip(); // get handle on mip (Miracl Instance Pointer)
mip->IOBASE=10;
time_t seed; // crude randomisation. Check if this is the version that is crypto-secure.
time(&seed);
irand((long)seed);
std::string test_name = "Test BLAccessPolicy";
int result = runTests(pfc);
print_test_result(result,test_name);
return 0;
}
main(int argc, char *argv[]){
/** Check the number of parameters */
if (argc < 6) {
/** Tell the user how to run the program */
cerr << "Usage: " << argv[0] << " key_file rows encrows noise num_threads" << endl;
return 1;
}
/** Set the random seed for noise parameter generation */
srand(time(NULL));
mr_init_threading();
PFC pfc(AES_SECURITY);
SecureSelect *db=NULL;
int m=0;
string key_file(argv[1]);
string table_name(argv[2]);
string enctable_name(argv[3]);
int rand_lim = atoi(argv[4]);
int num_threads = atoi(argv[5]);
db = new SecureSelect(&pfc,pfc.order());
if(!db->LoadKey(key_file))
return 0;
if(rand_lim<1){
cout << "Random paramter < 1, it has to be >= 1" << endl;
return 0;
}
#ifdef VERBOSE
int start = getMilliCount();
#endif
db->EncryptRowsMT(table_name,enctable_name,rand_lim, num_threads);
// db->EncryptRows(table_name,enctable_name,rand_lim);
#ifdef VERBOSE
int milliSecondsElapsed = getMilliSpan(start);
cout << "\texec time " << milliSecondsElapsed << endl;
#endif
}
int main()
{
PFC pfc(AES_SECURITY); // initialise pairing-friendly curve
time_t seed;
time(&seed);
irand((long)seed);
G1 g,h,PA;
Big alpha,r,PB;
GT t;
G2 HW,TW;
// keygen
pfc.random(g);
pfc.precomp_for_mult(g); // precompute on fixed g
pfc.random(alpha); // private key
h=pfc.mult(g,alpha); // public key
pfc.precomp_for_mult(h);
// PEKS
pfc.random(r);
pfc.hash_and_map(HW,(char *)"test");
t=pfc.pairing(HW,pfc.mult(h,r));
PA=pfc.mult(g,r);
PB=pfc.hash_to_aes_key(t); // [PA,PB] added to ciphertext
// Trapdoor
pfc.hash_and_map(HW,(char *)"test"); // key word we are looking for
TW=pfc.mult(HW,alpha);
pfc.precomp_for_pairing(TW);
// Test
if (pfc.hash_to_aes_key(pfc.pairing(TW,PA))==PB)
cout << "yes" << endl;
else cout << "no" << endl;
return 0;
}
void find(int now,int i,int cur)
{
int temp=i;
if(now>bound)
return;
if(cur==4)
{
i++;
}
for(;i<=9;i++)
{
if(!flag)
{
step[now]=i;
pfc(i);
flag=Is();
find(now+1,i,temp==i?(cur+1):2);
pbc(i);
}
}
}
int main() {
// miracl *mip = mirsys(5000,0); // C version: this is necessary to get the MIRACL functioning, which means that then I can call Bigs and so forth.
// Miracl precision(5,0); // C++ version for the above, together with the next line
// miracl* mip = &precision;
// The constructor of PFC (in bn_pair.cpp) already invokes mirsys and initializes the mip pointer.
// Because of this, I don't do that explicitly here.
// It also sets the base to 16, but I include that here for clarity. One should not have to read the code of library classes to understand this code
PFC pfc(AES_SECURITY); // initialise pairing-friendly curve
miracl *mip=get_mip(); // get handle on mip (Miracl Instance Pointer)
mip->IOBASE=16;
time_t seed; // crude randomisation. Check if this is the version that is crypto-secure.
time(&seed);
irand((long)seed);
DEBUG("Calling first constructor");
ShamirTest tests(pfc);
int result = tests.runTests();
print_test_result(result,tests.name());
return 0;
}
int main()
{
PFC pfc(AES_SECURITY); // initialise pairing-friendly curve
float ext_time, set_time, enc_time, dec_time;
clock_t begin_time;
Big q=pfc.order();
Big z,b,SSV,r,H,t;
G1 P,Z,R;
G2 Q,KB;
GT g,w;
time_t seed;
time(&seed);
irand((long)seed);
// setup
begin_time = clock();
pfc.random(P);
pfc.random(Q);
g=pfc.pairing(Q,P);
pfc.precomp_for_power(g);
pfc.random(z);
pfc.precomp_for_mult(P);
Z=pfc.mult(P,z);
pfc.precomp_for_mult(Q);
set_time = getExecutionTime(begin_time);
// extract private key for Robert
begin_time = clock();
b=pfc.hash_to_group((char *)"Robert");
KB=pfc.mult(Q,inverse(b+z,q));
ext_time = getExecutionTime(begin_time);
begin_time = clock();
// verify private key
pfc.precomp_for_pairing(KB); // Bob can precompute on his own private key
if (pfc.pairing(KB,pfc.mult(P,b)+Z)!=g)
{
cout << "Bad private key" << endl;
exit(0);
}
// Send session key to Bob
cout << "All set to go.." << endl;
pfc.rankey(SSV); // random AES key
pfc.start_hash();
pfc.add_to_hash(SSV);
pfc.add_to_hash(b);
r=pfc.finish_hash_to_group();
R=pfc.mult(pfc.mult(P,b)+Z,r);
t=pfc.hash_to_aes_key(pfc.power(g,r));
H=lxor(SSV,t);
cout << "Encryption key= " << SSV << endl;
enc_time = getExecutionTime(begin_time);
// Receiver
begin_time = clock();
t=pfc.hash_to_aes_key(pfc.pairing(KB,R));
SSV=lxor(H,t);
pfc.start_hash();
pfc.add_to_hash(SSV);
pfc.add_to_hash(b);
r=pfc.finish_hash_to_group();
if (pfc.mult(pfc.mult(P,b)+Z,r)==R)
cout << "Decryption key= " << SSV << endl;
else
cout << "The key is BAD - do not use!" << endl;
dec_time = getExecutionTime(begin_time);
cout << "Setup time: " << set_time << endl;
cout << "Extract time: " << ext_time << endl;
cout << "Encryption time: " << enc_time << endl;
cout << "Decryption time: " << dec_time << endl;
cout << " + --------" << endl;
cout << "Total time: " << set_time + ext_time + enc_time + dec_time << endl;
return 0;
}
main()
{
time_t seed1,seed2;
char ctt[300];
PFC pfc(AES_SECURITY); // initialise pairing-friendly curve
miracl* mip=get_mip();
Big order=pfc.order(); // print the number of points on the curve
mip->IOBASE=16;
ctt<<order;
printf("Order: %s\n",ctt);
mip->IOBASE=256;
time(&seed1); irand((long)seed1);
/*
G1 aaa1,bb1; G2 aaa2, bb2;
pfc.random(aaa1);
pfc.hash_and_map(aaa1,(char *) "pippo");
pfc.random(bb1);
pfc.hash_and_map(bb1,(char *) "pippo");
if (aaa1==bb1) printf("Equal\n"); else printf("Different\n");
pfc.random(aaa2);
pfc.hash_and_map(aaa2,(char *) "xypippo");
pfc.random(bb2);
pfc.hash_and_map(bb2,(char *) "xypippo");
if (aaa2==bb2) printf("Equal\n"); else printf("Different\n");
pfc.random(aaa1); pfc.random(aaa2);
GT aaaT=pfc.pairing(aaa2,aaa1);
char iv[16]={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
char buff[32]={
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,
0x20,0x21,0x22,0x23,0x24,0x25,0x26,0x27,
0x30,0x31,0x32,0x33,0x34,0x35,0x36,0x37,};
aes context,context1;
Big KeyB=pfc.hash_to_aes_key(aaaT);
char *KeyC;
KeyC=(char *)(&KeyB);
aes_init(&context,MR_CBC,16,KeyC,iv);
aes_encrypt(&context,buff);
KeyB=pfc.hash_to_aes_key(aaaT);
KeyC=(char *)(&KeyB);
aes_init(&context1,MR_CBC,16,KeyC,iv);
aes_decrypt(&context1,buff);
for(int i=0;i<32;i++){
if (i%8==0) printf("\n");
printf("%02x",buff[i]);
}
printf("\n");
*/
int n=3;
cout << "n=" << n << " (" << SizeOfTable << ")"<< endl;
Ipdb a1;
a1.GenPar3(&pfc,mip);
time(&seed2);
/*
printf("m=%d ell=%d\n",a1.m,a1.ell);
cout << "Gen Param: " << seed2-seed1 << endl;
time(&seed1);
EncryptedRow *EncryptedTable[SizeOfTable];
char **ROW=new char*[n];
for(int i=0;i<n;i++)
ROW[i]=new char[16];
memcpy(ROW[0],"123456789abcdef",16);
memcpy(ROW[1],"23456789abcdef1",16);
memcpy(ROW[2],"3456789abcdef12",16);
memcpy(ROW[3],"456789abcdef123",16);
for(int k=0;k<SizeOfTable;k++){
EncryptedTable[k]=a1.EncRow(ROW);
}
time(&seed2);
cout << "Enc Row : " << seed2-seed1 << endl;
time(&seed1);
int Cell=0;
char *CQuery[n];
for(int i=0;i<n;i++){
CQuery[i]=new char[16];
memcpy(CQuery[i],ROW[i],16);
}
CQuery[Cell]=(char *)NULL;
QueryKey *QQ=a1.QueryKeyGen(CQuery,Cell);
time(&seed2);
cout << "Query Gen: " << seed2-seed1 << endl;
*/
//printf("Checking the subencryption of length 3\n");
//IpdbCT *SubCT=EncryptedTable[0]->ek[1];
//IpdbKey *SubKey=QQ->Key[1];
//GT tmpT=a1.Dec(*SubCT,*SubKey);
//if (a1.partial1==tmpT) printf("Equal\n"); else printf("Different\n");
G1 tmpG1;
a1.pfc->random(tmpG1);
GT M=a1.pfc->pairing(a1.g2,tmpG1);
Big X[3];
X[0]=0; X[1]=0; X[2]=0;
Big s1,s2,s3,s4;
a1.pfc->random(s1); a1.pfc->random(s2);
a1.pfc->random(s3); a1.pfc->random(s4);
IpdbCT *CT3=a1.Enc(M,X,3,0,s1,s2,s3,s4);
Big Y[3];
Y[0]=0; Y[1]=0; Y[2]=0;
Big lambda1,lambda2;
a1.pfc->random(lambda1); a1.pfc->random(lambda2);
IpdbKey *Key3=a1.KeyGen(Y,3,0,lambda1,lambda2);
GT Res=a1.pfc->pairing(Key3->KA,CT3->A);
Res=Res*a1.pfc->pairing(Key3->KB,CT3->B);
for(int i=0;i<3;i++){
Res=Res*a1.pfc->pairing(Key3->K1[i],CT3->C1[i]);
Res=Res*a1.pfc->pairing(Key3->K2[i],CT3->C2[i]);
Res=Res*a1.pfc->pairing(Key3->K3[i],CT3->C3[i]);
Res=Res*a1.pfc->pairing(Key3->K4[i],CT3->C4[i]);
}
GT M88=CT3->C/Res;
if (M==M88) printf("Equal\n"); else printf("Different\n");
/*
time(&seed1);
for(int k=0;k<SizeOfTable;k++){
char *MM=a1.DecRow(*(EncryptedTable[k]),*QQ,Cell);
//printf("Decrypted message: %s\n",MM);
}
time(&seed2);
//cout << "Dec : " << seed2-seed1 << endl;
*/
}
string getIbeParams(const char * id)
{
PFC pfc(AES_SECURITY); // initialise pairing-friendly curve
time_t seed;
float ext_time, set_time, enc_time, dec_time;
clock_t begin_time;
Big s,r,sigma,c,M,V,W,sigma_hash;
// Although in paper, generator P is an elementof G1, switch to G2 to allow precomputation with MIRACL library
G2 P, Ppub, U, rP;
G1 Q1, D, rQ;
char* bytes;
stringstream res;
time(&seed);
irand((long)seed);
// Get the miracl instance pointer
// Can be used to access various internal parameters associated with the current instance of MIRACL
// Set IOBASE to 256 such that Big M can contain all ASCII characters
miracl* mip = get_mip();
mip->IOBASE = 16;
/**********
* SETUP
*
* happens at the side of the TA
***********/
begin_time = clock();
// Choose a random generator P elementof G2
pfc.random(P);
// If an element of G1, G2 or GT is fixed, then it can be
// precomputed on, using pfc.precomp_for_mult() for G1 and G2
// and pfc.precomp_for_power() for GT
// P becomes read-only from this point onwards
pfc.precomp_for_mult(P);
// Pick a random s elementof Z_q
pfc.random(s);
// Set Ppub = sP
Ppub = pfc.mult(P, s);
set_time = getExecutionTime(begin_time);
/**********
* EXTRACT
*
* happens at the side of the TA
* later on Alice receives D over a secure channel
***********/
begin_time = clock();
// hash public key of Alice to Q1
pfc.hash_and_map(Q1, (char*)id);
// Calculate private key of Alice as D=s.Q1
D = pfc.mult(Q1, s);
ext_time = getExecutionTime(begin_time);
res << D.g;
return res.str();
}
int main()
{
PFC pfc(AES_SECURITY); // initialise pairing-friendly curve
miracl* mip=get_mip();
Big s,r,sigma,c,M,V,W;
G2 P,Ppub,U;
G1 Alice,D,rA;
time_t seed;
time(&seed);
irand((long)seed);
// common values
pfc.random(P);
pfc.precomp_for_mult(P); // Note that P is a constant - so precompute!
pfc.random(s);
Ppub=pfc.mult(P,s); // will exploit precomputation on P
pfc.precomp_for_pairing(Ppub); // W is a system-wide constant
//extract
pfc.hash_and_map(Alice,(char *)"Alice"); // Alices public key
D=pfc.mult(Alice,s); // Alice's private key
//encrypt to (U,V,W)
mip->IOBASE=256;
M=(char *)"message"; // to be encrypted to Alice
cout << "Message to be encrypted= " << M << endl;
mip->IOBASE=16;
pfc.rankey(sigma);
pfc.start_hash();
pfc.add_to_hash(sigma);
pfc.add_to_hash(M);
r=pfc.finish_hash_to_group();
U=pfc.mult(P,r); // will exploit precomputation on P
rA=pfc.mult(Alice,r);
V=pfc.hash_to_aes_key(pfc.pairing(Ppub,rA)); // Use public key - will exploit precomputation on Ppub
V=lxor(sigma,V);
W=lxor(M,sigma);
//decrypt from (U,V,W)
sigma=lxor(V,pfc.hash_to_aes_key(pfc.pairing(U,D))); // Use private key
M=lxor(W,sigma);
pfc.start_hash();
pfc.add_to_hash(sigma);
pfc.add_to_hash(M);
r=pfc.finish_hash_to_group();
if (U!=pfc.mult(P,r))
{
cout << "CIphertext rejected" << endl;
return 0;
}
mip->IOBASE=256;
cout << "Decrypted message= " << M << endl;
return 0;
}
int main(int argc, char *argv[])
{
mr_init_threading();
/*************************************************
* Get the public parameters from the PKGs *
**************************************************/
// Initialise a strong random number generator
char raw[256];
FILE *fp;
fp = fopen("/dev/urandom", "r");
fread(&raw, 1, 256, fp);
fclose(fp);
time_t seed;
csprng rng;
time(&seed);
strong_init(&rng,strlen(raw),raw,(long)seed);
// Make sure all random PFC elements rely on strong random number generator
PFC pfc(AES_SECURITY, &rng);
miracl *mip = get_mip();
int bytes_per_big=(MIRACL/8)*(get_mip()->nib-1);
mip->IOBASE=64;
ThreadParams *myParams = new ThreadParams;
G2 P;
G2 Ppub;
G1 Qpriv, Qid;
G1 D;
/*************************************************
* Initialise client side socket for Scramble *
**************************************************/
cout << "Socket is ready for Firefox requests. Listening:" << endl;
int sockfd, newsockfd;
socklen_t clilen;
struct sockaddr_in serv_addr, cli_addr;
// Initialise the socket descriptor.
sockfd = socket(AF_INET, SOCK_STREAM, 0);
if (sockfd < 0)
error("ERROR opening socket");
// Bind socket to port
serv_addr.sin_family = AF_INET;
serv_addr.sin_addr.s_addr = INADDR_ANY;
serv_addr.sin_port = htons(PORT_NB);
if (bind(sockfd, (struct sockaddr *) &serv_addr, sizeof(serv_addr)) < 0)
error("ERROR on binding");
// Listen to socket and accept incoming connections
listen(sockfd,5);
clilen = sizeof(cli_addr);
*closeSocket = false;
//mr_init_threading();
//TODO: make encryption multithreaded
paramsInitialised = false;
while(!(*closeSocket) ){
newsockfd = accept(sockfd, (struct sockaddr *) &cli_addr, &clilen);
if (newsockfd < 0)
error("ERROR on accept");
if(paramsInitialised == false) {
myParams->pfc = &pfc;
bool extractionSucceeded = extractPrivateKey(myParams);
if(extractionSucceeded == false) {
cout << "Some DKGs were dishonest. Please select other DKGs." << endl;
return 0;
}
P = myParams->P;
D = myParams->D;
Ppub = myParams->Ppub;
paramsInitialised = true;
}
// Initialise new thread
//pthread_t sniffer_thread;
//pthread_attr_t attributes;
ThreadParams *params = new ThreadParams; // params is a pointer to a threadParams struct
//params = myParams;
params->sockfd = newsockfd;
params->pfc = &pfc;
params->P = myParams->P;
params->Ppub = myParams->Ppub;
params->D = myParams->D;
processXmlRequest(params);
}
//mr_end_threading();
sleep(5);
return 0;
}
int main()
{
PFC pfc(AES_SECURITY); // initialise pairing-friendly curve
time_t seed;
G1 Alice,Bob,sA,sB;
G2 B6,Server,sS;
GT res,sp,ap,bp;
Big ss,s,a,b;
time(&seed);
irand((long)seed);
pfc.random(ss); // TA's super-secret
cout << "Mapping Server ID to point" << endl;
pfc.hash_and_map(Server,(char *)"Server");
cout << "Mapping Alice & Bob ID's to points" << endl;
pfc.hash_and_map(Alice,(char *)"Alice");
pfc.hash_and_map(Bob,(char *)"Robert");
cout << "Alice, Bob and the Server visit Trusted Authority" << endl;
sS=pfc.mult(Server,ss);
sA=pfc.mult(Alice,ss);
sB=pfc.mult(Bob,ss);
cout << "Alice and Server Key Exchange" << endl;
pfc.random(a); // Alice's random number
pfc.random(s); // Server's random number
res=pfc.pairing(Server,sA);
if (!pfc.member(res))
{
cout << "Wrong group order - aborting" << endl;
exit(0);
}
ap=pfc.power(res,a);
res=pfc.pairing(sS,Alice);
if (!pfc.member(res))
{
cout << "Wrong group order - aborting" << endl;
exit(0);
}
sp=pfc.power(res,s);
cout << "Alice Key= " << pfc.hash_to_aes_key(pfc.power(sp,a)) << endl;
cout << "Server Key= " << pfc.hash_to_aes_key(pfc.power(ap,s)) << endl;
cout << "Bob and Server Key Exchange" << endl;
pfc.random(b); // Bob's random number
pfc.random(s); // Server's random number
res=pfc.pairing(Server,sB);
if (!pfc.member(res))
{
cout << "Wrong group order - aborting" << endl;
exit(0);
}
bp=pfc.power(res,b);
res=pfc.pairing(sS,Bob);
if (!pfc.member(res))
{
cout << "Wrong group order - aborting" << endl;
exit(0);
}
sp=pfc.power(res,s);
cout << "Bob's Key= " << pfc.hash_to_aes_key(pfc.power(sp,b)) << endl;
cout << "Server Key= " << pfc.hash_to_aes_key(pfc.power(bp,s)) << endl;
return 0;
}
int main()
{
PFC pfc(AES_SECURITY); // initialise pairing-friendly curve
miracl *mip=get_mip(); // get handle on mip (Miracl Instance Pointer)
Big order=pfc.order(); // get pairing-friendly group order
time_t seed; // crude randomisation
time(&seed);
irand((long)seed);
// setup - for 20 attributes 1-20
int i,j,k,n,ik,S[NBOB];
Big s,y,qi,M,ED,t[NATTR];
Big poly[Nd];
G1 P,T[NATTR],E[Nd],AE[NALICE];
G2 Q,AD[NALICE],BD[NBOB];
GT Y,DB;
pfc.random(P);
pfc.random(Q);
pfc.precomp_for_mult(Q); // Q is fixed, so precompute on it
pfc.random(y);
Y=pfc.power(pfc.pairing(Q,P),y);
for (i=0;i<NATTR;i++)
{
pfc.random(t[i]); // Note t[i] will be 2*AES_SECURITY bits long
T[i]=pfc.mult(P,t[i]); // which may be less than the group order.
pfc.precomp_for_mult(T[i],TRUE); // T[i] are system params, so precompute on them
// Note second parameter indicates that all multipliers
// must be <=2*AES_SECURITY bits, which may be shorter
// than the full group size.
}
// key generation for Alice
// A d-1 degree polynomial is randomly chosen such that q(0)=y
poly[0]=y;
for (i=1;i<Nd;i++)
pfc.random(poly[i]);
// Private key consists of components D_i where D_i=g^(q(i)/t_i)
for (j=0;j<NALICE;j++)
{
i=Alice[j];
qi=y; ik=i;
for (k=1;k<Nd;k++)
{ // evaluate polynomial a0+a1*x+a2*x^2... for x=i; => result is q(i)
qi+=modmult(poly[k],(Big)ik,order);
ik*=i;
qi%=order;
}
// D_i=g^(q(i)/t_i)
AD[j]=pfc.mult(Q,moddiv(qi,t[i],order)); // exploits precomputation
}
// key generation for Bob
poly[0]=y;
for (i=1;i<Nd;i++)
pfc.random(poly[i]);
for (j=0;j<NBOB;j++)
{
i=Bob[j];
qi=y; ik=i;
for (k=1;k<Nd;k++)
{ // evaluate polynomial a0+a1*x+a2*x^2... for x=i;
qi+=modmult(poly[k],(Big)ik,order);
ik*=i;
qi%=order;
}
BD[j]=pfc.mult(Q,moddiv(qi,t[i],order));
pfc.precomp_for_pairing(BD[j]); // Bob precomputes on his private key
}
// Encryption to Alice
mip->IOBASE=256;
M=(char *)"test message";
cout << "Message to be encrypted= " << M << endl;
mip->IOBASE=16;
pfc.random(s);
ED=lxor(M,pfc.hash_to_aes_key(pfc.power(Y,s)));
for (j=0;j<NALICE;j++)
{
i=Alice[j];
// calculate T_i^s
AE[j]=pfc.mult(T[i],s); // exploit precomputation
}
// Decryption by Bob
// set up to exploit multi-pairing
G1 *g1[5];
G2 *g2[5];
k=0;
for (j=0;j<NBOB;j++)
{ // check for common attributes
i=Bob[j];
n=has_attribute(NALICE,Alice,i);
if (n<0) continue; // Alice doesn't have it
S[k]=i;
E[k]=AE[n];
g2[k]=&BD[j];
k++;
}
if (k<Nd)
{
cout << "Bob does not have enough attributes in common with Alice to decrypt successfully" << endl;
exit(0);
}
// faster to multiply in G1 than to exponentiate in GT
for (j=0;j<Nd;j++)
{
i=S[j];
E[j]=pfc.mult(E[j],lagrange(i,S,Nd,order));
g1[j]=&E[j];
}
DB=pfc.multi_pairing(Nd,g2,g1);
M=lxor(ED,pfc.hash_to_aes_key(DB));
mip->IOBASE=256;
cout << "Decrypted message= " << M << endl;
return 0;
}
int main()
{
PFC pfc(AES_SECURITY); // initialise pairing-friendly curve
Big q=pfc.order();
Big z,b,SSV,r,H,t;
G1 P,Z,KB,R;
GT g;
time_t seed;
time(&seed);
irand((long)seed);
// setup
pfc.random(P);
g=pfc.pairing(P,P);
pfc.precomp_for_power(g);
pfc.random(z);
pfc.precomp_for_mult(P);
Z=pfc.mult(P,z);
// extract private key for Robert
b=pfc.hash_to_group((char *)"Robert");
KB=pfc.mult(P,inverse(b+z,q));
// verify private key
pfc.precomp_for_pairing(KB); // Bob can precompute on his own private key
if (pfc.pairing(KB,pfc.mult(P,b)+Z)!=g)
{
cout << "Bad private key" << endl;
exit(0);
}
char *bytes;
int len=pfc.spill(KB,bytes); // demo - spill precomputation to byte array
// Send session key to Bob
cout << "All set to go.." << endl;
pfc.rankey(SSV); // random AES key
pfc.start_hash();
pfc.add_to_hash(SSV);
pfc.add_to_hash(b);
r=pfc.finish_hash_to_group();
R=pfc.mult(pfc.mult(P,b)+Z,r);
t=pfc.hash_to_aes_key(pfc.power(g,r));
H=lxor(SSV,t);
cout << "Encryption key= " << SSV << endl;
// Receiver
pfc.restore(bytes,KB); // restore precomputation for KB from byte array
t=pfc.hash_to_aes_key(pfc.pairing(KB,R));
SSV=lxor(H,t);
pfc.start_hash();
pfc.add_to_hash(SSV);
pfc.add_to_hash(b);
r=pfc.finish_hash_to_group();
if (pfc.mult(pfc.mult(P,b)+Z,r)==R)
cout << "Decryption key= " << SSV << endl;
else
cout << "The key is BAD - do not use!" << endl;
return 0;
}
int main()
{
PFC pfc(AES_SECURITY); // initialise pairing-friendly curve
miracl* mip=get_mip();
Big order=pfc.order();
Big s,u,a,b,x,c,h,M;
G1 P,Ppub,Pa,Pb,R,S,U;
G2 Q,Qsa,Qsb,T;
GT g,N,V;
time_t seed;
time(&seed);
irand((long)seed);
//setup
pfc.random(s);
pfc.random(P);
pfc.random(Q);
g=pfc.pairing(Q,P);
pfc.precomp_for_power(g);
Ppub=pfc.mult(P,s);
//Keygen
a=pfc.hash_to_group((char *)"Alice");
Qsa=pfc.mult(Q,inverse(modmult(s,a,order),order));
b=pfc.hash_to_group((char *)"Bob");
Qsb=pfc.mult(Q,inverse(modmult(s,b,order),order));
Pa=pfc.mult(Ppub,a);
Pb=pfc.mult(Ppub,b);
//Signcrypt
mip->IOBASE=256;
M=(char *)"test message"; // to be signcrypted from Alice to Bob
cout << "Signed Message= " << M << endl;
mip->IOBASE=16;
pfc.precomp_for_mult(Pa);
pfc.precomp_for_mult(Qsa);
pfc.random(x);
N=pfc.power(g,inverse(x,order));
R=pfc.mult(Pa,x);
S=pfc.mult(Pb,inverse(x,order));
c=lxor(M,pfc.hash_to_aes_key(N));
pfc.start_hash();
pfc.add_to_hash(R);
pfc.add_to_hash(S);
pfc.add_to_hash(c);
h=pfc.finish_hash_to_group();
T=pfc.mult(Qsa,inverse(x+h,order));
// Unsigncrypt
pfc.precomp_for_pairing(Qsb); // Bob can precompute on his private key
pfc.start_hash();
pfc.add_to_hash(R);
pfc.add_to_hash(S);
pfc.add_to_hash(c);
h=pfc.finish_hash_to_group();
U=pfc.mult(Pa,h);
V=pfc.pairing(T,R+U);
N=pfc.pairing(Qsb,S);
M=lxor(c,pfc.hash_to_aes_key(N));
mip->IOBASE=256;
if (V==g)
{
cout << "Message is OK" << endl;
cout << "Verified Message= " << M << endl;
}
else
cout << "Message is bad " << M << endl;
return 0;
}
int main()
{
PFC pfc(AES_SECURITY); // initialise pairing-friendly curve
miracl *mip=get_mip(); // get handle on mip (Miracl Instance Pointer)
time_t seed;
int i,j,k,l,n,m,d,nS;
Big **LSSS;
int *attr;
Big det,order=pfc.order(); // get pairing-friendly group order
Big alpha,a,M,CT,s,t;
G2 g2,g2a,*h,CD;
G1 g1,g1a,K,L,MSK;
GT eg2g1a,mask;
time(&seed); // initialise (insecure!) random numbers
irand((long)seed);
// Setup
pfc.random(alpha);
pfc.random(a);
pfc.random(g1);
pfc.random(g2);
pfc.precomp_for_mult(g1); // g1 is fixed, so precompute on it
pfc.precomp_for_mult(g2); // g2 is fixed, so precompute on it
eg2g1a=pfc.power(pfc.pairing(g2,g1),alpha);
pfc.precomp_for_power(eg2g1a);
g1a=pfc.mult(g1,a);
g2a=pfc.mult(g2,a);
pfc.precomp_for_mult(g2a); // g2a is fixed, so precompute on it
h=new G2[U];
for (i=0;i<U;i++)
{
pfc.random(h[i]);
pfc.precomp_for_mult(h[i]); // precompute on h[.]
}
MSK=pfc.mult(g1,alpha);
// Encrypt
m=find_m(Access);
d=find_d(Access);
LSSS=new Big *[m];
for (i=0;i<m;i++)
LSSS[i]=new Big[d+1]; // get memory for each row
attr=new int [m];
make_LSSS(Access,m,d,LSSS,attr); // create LSSS matrix from Access structure
cout << "LSSS matrix " << m << "x" << d << endl;
for (i=0;i<m;i++)
{
for (j=0;j<d;j++)
cout << LSSS[i][j] << " ";
cout << " " << (char)attr[i] << endl;
}
cout << endl;
mip->IOBASE=256;
M=(char *)"test message";
cout << "Message to be encrypted= " << M << endl;
mip->IOBASE=16;
Big *v=new Big [d];
Big *lambda=new Big [m];
Big *r=new Big [m];
for (i=0;i<d;i++)
pfc.random(v[i]);
s=v[0];
for (i=0;i<m;i++)
pfc.random(r[i]);
G2 *C=new G2 [m];
G1 *D=new G1 [m];
for (i=0;i<m;i++)
{
lambda[i]=0;
for (j=0;j<d;j++)
lambda[i]+=modmult(LSSS[i][j],v[j],order);
lambda[i]%=order;
}
CT=lxor(M,pfc.hash_to_aes_key(pfc.power(eg2g1a,s)));
CD=pfc.mult(g2,s);
for (i=0;i<m;i++)
{
C[i]=pfc.mult(g2a,lambda[i])+pfc.mult(h[attr[i]-'A'],-r[i]);
D[i]=pfc.mult(g1,r[i]);
}
// keygen
cout << "Generating keys" << endl;
pfc.random(t);
K=MSK+pfc.mult(g1a,t);
L=pfc.mult(g1,t);
G2 *KX=new G2[U];
nS=0;
while (auth[nS]!=0)
{
j=auth[nS++]-'A';
KX[j]=pfc.mult(h[j],t);
pfc.precomp_for_pairing(KX[j]);
}
// decrypt - and apply some optimisations e.g. e(A,B)*e(A,C) = e(A,B+C)
cout << "Decrypting" << endl;
int *rows=new int [m];
Big *w=new Big [m];
if (!reduce_LSSS(order,m,d,LSSS,attr,auth,rows,w))
{
cout << "Unable to decrypt - insufficient attributes" << endl;
exit(0);
}
cout << "reduced matrix= " << m << "x" << d << endl;
// Note that w[i] are usually very small, so this is fast
G2 TC;
for (i=0;i<m;i++)
{
cout << "w[i]= " << w[i] << endl;
TC=TC+pfc.mult(C[rows[i]],w[i]);
D[rows[i]]=pfc.mult(D[rows[i]],-w[i]);
}
TC=-TC;
// combine rows which share same attribute
for (i=0;i<m;i++)
{
k=rows[i];
for (j=i+1;j<m;j++)
{
if (attr[j]==attr[i])
{
D[k]=D[k]+D[rows[j]]; // combine them
for (n=j;n<m;n++)
{
rows[n]=rows[n+1];
attr[n]=attr[n+1];
}
m--; // delete row
}
}
}
G2 **t2=new G2* [m+2];
G1 **t1=new G1* [m+2];
t2[0]=&CD; t1[0]=&K; // e(CD,K)
t2[1]=&TC; t1[1]=&L; // e(TC,L)
for (i=0;i<m;i++)
{
t2[i+2]=&KX[attr[i]-'A'];
t1[i+2]=&D[rows[i]];
}
mask=pfc.multi_pairing(m+2,t2,t1); // most pairings benefit from precomputation
M=lxor(CT,pfc.hash_to_aes_key(mask));
mip->IOBASE=256;
cout << "Decrypted message= " << M << endl;
return 0;
}
main()
{
time_t seed1,seed2;
char ctt[300];
PFC pfc(AES_SECURITY); // initialise pairing-friendly curve
miracl* mip=get_mip();
Big order=pfc.order(); // print the number of points on the curve
mip->IOBASE=16;
ctt<<order;
printf("Order: %s\n",ctt);
mip->IOBASE=256;
time(&seed1); irand((long)seed1);
Ipdb a1(3);
a1.GenPar(&pfc,mip);
time(&seed2);
G1 tmpG1;
a1.pfc->random(tmpG1);
GT M=a1.pfc->pairing(a1.g2,tmpG1);
Big X[3];
X[0]=1; X[1]=1; X[2]=-1;
IpdbCT *CT3=a1.Enc(M,X);
#ifdef BBBBB
IpdbCT CT3(3);
int i;
Big s1,s2,s3,s4;
Big x[3];
pfc.random(s1); pfc.random(s2);
pfc.random(s3); pfc.random(s4);
for (i=0;i<3;i++) pfc.random(x[i]);
x[0]=1; x[1]=1; x[2]=-1;
CT3.A=pfc.mult(a1.g1,s2);
CT3.B=pfc.mult(a1.g1_1,s1);
for (i=0;i<3;i++)
{
CT3.C1[i]=pfc.mult(a1.W1[i],s1)+pfc.mult(a1.F1[i],s2)+pfc.mult(a1.U1,modmult(x[i],s3,a1.order));
CT3.C2[i]=pfc.mult(a1.W2[i],s1)+pfc.mult(a1.F2[i],s2)+pfc.mult(a1.U2,modmult(x[i],s3,a1.order));
}
for (i=0;i<3;i++)
{
CT3.C3[i]=pfc.mult(a1.T1[i],s1)+pfc.mult(a1.H1[i],s2)+pfc.mult(a1.V1,modmult(x[i],s4,a1.order));
CT3.C4[i]=pfc.mult(a1.T2[i],s1)+pfc.mult(a1.H2[i],s2)+pfc.mult(a1.V2,modmult(x[i],s4,a1.order));
}
GT MME=pfc.power(a1.alpha,s2);
CT3.C=M*MME;
GT MM1=CT3->C/MME;
if (M==MM1) printf("1.Equal\n"); else printf("1.Different\n");
#endif
Big Y[3];
Y[0]=1; Y[1]=0; Y[2]=1;
IpdbKey *Key3=a1.KeyGen(Y);
#ifdef AAAAAA
IpdbKey Key3(3);
Big v[3], r[3],phi[3];
Big lambda1,lambda2;
Big t;
for (i=0;i<3;i++) pfc.random(v[i]);
inner_product(x,v,order); // frig v such that x.v=0
pfc.random(lambda1);
pfc.random(lambda2);
for (i=0;i<3;i++){pfc.random(r[i]); pfc.random(phi[i]); }
for (i=0;i<3;i++){
t=modmult(lambda1,v[i],a1.order);
Key3.K1[i]=pfc.mult(a1.g2,modmult(t,a1.w2[i],order)-modmult(a1.delta2,r[i],order));
Key3.K2[i]=pfc.mult(a1.g2,modmult(a1.delta1,r[i],order)-modmult(t,a1.w1[i],order));
pfc.precomp_for_pairing(Key3.K1[i]);
pfc.precomp_for_pairing(Key3.K2[i]);
}
for (i=0;i<3;i++){
t=modmult(lambda2,v[i],a1.order);
Key3.K3[i]=pfc.mult(a1.g2,modmult(t,a1.t2[i],a1.order)-modmult(a1.theta2,phi[i],a1.order));
Key3.K4[i]=pfc.mult(a1.g2,modmult(a1.theta1,phi[i],a1.order)-modmult(t,a1.t1[i],a1.order));
pfc.precomp_for_pairing(Key3.K3[i]);
pfc.precomp_for_pairing(Key3.K4[i]);
}
MM1=CT3->C/MME;
if (M==MM1) printf("2.Equal\n"); else printf("2.Different\n");
#endif
#ifdef AAAAAA
Key3.KA=a1.g2_2;
for (i=0;i<3;i++){
Key3.KA=Key3.KA+pfc.mult(Key3.K1[i],-a1.f1[i])+pfc.mult(Key3.K2[i],-a1.f2[i])+pfc.mult(Key3.K3[i],-a1.h1[i])+pfc.mult(Key3.K4[i],-a1.h2[i]);
Key3.KB=Key3.KB+pfc.mult(a1.g2,-(r[i]+phi[i])%a1.order);
}
pfc.precomp_for_pairing(Key3.KA);
pfc.precomp_for_pairing(Key3.KB);
MM1=CT3->C/MME;
if (M==MM1) printf("3.Equal\n"); else printf("3.Different\n");
#endif
#ifdef AAAAAA
G2 **left=new G2*[4*3+2];
G1 **right=new G1*[4*3+2];
left[0]=&Key3.KA; right[0]=&CT3.A; // e(K,CD)
left[1]=&Key3.KB; right[1]=&CT3.B; // e(L,TC)
int j=2;
for (i=0;i<3;i++){
left[j]=&Key3.K1[i]; right[j]=&CT3.C1[i]; j++;
left[j]=&Key3.K2[i]; right[j]=&CT3.C2[i]; j++;
left[j]=&Key3.K3[i]; right[j]=&CT3.C3[i]; j++;
left[j]=&Key3.K4[i]; right[j]=&CT3.C4[i]; j++;
}
MM1=CT3->C/MME;
if (M==MM1) printf("4.Equal\n"); else printf("4.Different\n");
// GT MMD=pfc.multi_pairing(4*3+2,left,right);
MM1=CT3->C/MME;
if (M==MM1) printf("5.Equal\n"); else printf("5.Different\n");
GT M9;
M9=CT3->C/MME;
if (M==M9) printf("Equal\n"); else printf("Different\n");
MM1=CT3->C/MME;
if (M==MM1) printf("6.Equal\n"); else printf("6.Different\n");
#endif
GT M88=a1.Dec(*CT3,*Key3);
if (M==M88) printf("88.Equal\n"); else printf("88.Different\n");
}