Hidden-Vector Encryption with Groups of Prime Order

Authors

V. Iovino and G. Persiano

Abstract

Predicate encryption schemes are encryption schemes in which each ciphertext Ct is associated with a binary attribute vector x = (x1, ..., xn) and keys K are associated with predicates. A key K can decrypt a ciphertext Ct if and only if the attribute vector of the cipher-text satisfies the predicate of the key. Predicate encryption schemes can be used to implement fine-grained access control on encrypted data and to perform search on encrypted data. Hidden vector encryption schemes [Boneh and Waters - TCC 2007] are encryption schemes in which each ciphertext Ct is associated with a binary vector x = (x1, ..., xn) and each key K is associated with binary vector y = (y1, ..., yn) with "don't care" entries (denoted with *). Key K can decrypt ciphertext Ct if and only if x and y agree for all i for which yi != *. Hidden vector encryption schemes are an important type of predicate encryption schemes as they can be used to construct more sophisticated predicate encryption schemes (supporting for example range and subset queries). We give a construction for hidden-vector encryption from standard complexity assumptions on bilinear groups of prime order. Previous constructions were in bilinear groups of composite order and thus resulted in less efficient schemes. Our construction is both payload-hiding and attribute-hiding meaning that also the privacy of the attribute vector, besides privacy of the cleartext, is guaranteed.

URL

http://eprint.iacr.org/2009/380.pdf

Usage


1    package it.unisa.dia.gas.crypto.arcanum.fe.hve.ip08;
2    
3    import it.unisa.dia.gas.crypto.fe.PredicateOnlyEncryptionScheme;
4    import it.unisa.dia.gas.crypto.arcanum.fe.hve.ip08.engines.HVEIP08PredicateOnlyEngine;
5    import it.unisa.dia.gas.crypto.arcanum.fe.hve.ip08.generators.HVEIP08KeyPairGenerator;
6    import it.unisa.dia.gas.crypto.arcanum.fe.hve.ip08.generators.HVEIP08ParametersGenerator;
7    import it.unisa.dia.gas.crypto.arcanum.fe.hve.ip08.generators.HVEIP08PredicateOnlySecretKeyGenerator;
8    import it.unisa.dia.gas.crypto.arcanum.fe.hve.ip08.params.*;
9    import PairingFactory;
10   import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
11   import org.bouncycastle.crypto.CipherParameters;
12   import org.bouncycastle.crypto.InvalidCipherTextException;
13   
14   import java.security.SecureRandom;
15   import java.util.Random;
16   
17   import static org.junit.Assert.assertEquals;
18   
19   /**
20    * @author Angelo De Caro (arcanumlib@gmail.com)
21    */
22   public class HVEIP08 {
23   
24   
25       public HVEIP08() {
26       }
27   
28   
29       protected AsymmetricCipherKeyPair setup(int n) {
30           HVEIP08KeyPairGenerator generator = new HVEIP08KeyPairGenerator();
31           generator.init(new HVEIP08KeyGenerationParameters(new SecureRandom(),
32                   genBinaryParam(n)));
33   
34           return generator.generateKeyPair();
35       }
36   
37       protected CipherParameters keyGen(CipherParameters privateKey, int... pattern) {
38           HVEIP08PredicateOnlySecretKeyGenerator generator = new HVEIP08PredicateOnlySecretKeyGenerator();
39           generator.init(new HVEIP08SecretKeyGenerationParameters(
40                   (HVEIP08MasterSecretKeyParameters) privateKey, pattern)
41           );
42   
43           return generator.generateKey();
44       }
45   
46       protected byte[] enc(CipherParameters publicKey, int... attributes) {
47           try {
48               PredicateOnlyEncryptionScheme engine = new HVEIP08PredicateOnlyEngine();
49               engine.init(true, new HVEIP08EncryptionParameters((HVEIP08PublicKeyParameters) publicKey, attributes));
50   
51               return engine.process();
52           } catch (InvalidCipherTextException e) {
53               throw new RuntimeException(e);
54           }
55       }
56   
57       protected boolean evaluate(CipherParameters searchKey, byte[] ct) {
58           try {
59               PredicateOnlyEncryptionScheme engine = new HVEIP08PredicateOnlyEngine();
60               engine.init(false, searchKey);
61   
62               return engine.evaluate(ct);
63           } catch (InvalidCipherTextException e) {
64               throw new RuntimeException(e);
65           }
66       }
67   
68   
69       protected HVEIP08Parameters genBinaryParam(int n) {
70           HVEIP08ParametersGenerator generator = new HVEIP08ParametersGenerator();
71           generator.init(n, PairingFactory.getPairingParameters("params/curves/a.properties"));
72   
73           return generator.generateParameters();
74       }
75   
76       protected int[][] createMatchingVectors(int n) {
77           int[][] result = new int[2][n];
78           Random random = new Random();
79   
80           for (int i = 0; i < n; i++) {
81               if (i != 0  && i != 1 && random.nextBoolean()) {
82                   // it's a star
83                   result[0][i] = -1;
84                   result[1][i] = random.nextInt(2);
85               } else {
86                   result[0][i] = random.nextInt(2);
87                   result[1][i] = result[0][i];
88               }
89           }
90           return result;
91       }
92   
93       protected int[][] createNonMatchingVectors(int n) {
94           int[][] result = new int[2][n];
95           Random random = new Random();
96           for (int i = 0; i < n; i++) {
97               if (i != 0  && i != 1 && random.nextBoolean()) {
98                   // it's a star
99                   result[0][i] = -1;
100                  result[1][i] = random.nextInt(2);
101              } else {
102                  result[0][i] = random.nextInt(2);
103                  result[1][i] = 1 - result[0][i];
104              }
105          }
106          return result;
107      }
108  
109  
110      public static void main(String[] args) {
111          HVEIP08 hveip08 = new HVEIP08();
112  
113          int n = 5;
114          AsymmetricCipherKeyPair keyPair = hveip08.setup(n);
115  
116          int[][] vectors = hveip08.createMatchingVectors(n);
117          assertEquals(true,
118                  hveip08.evaluate(
119                          hveip08.keyGen(keyPair.getPrivate(), vectors[0]),
120                          hveip08.enc(keyPair.getPublic(), vectors[1]))
121          );
122  
123          vectors = hveip08.createNonMatchingVectors(n);
124          assertEquals(false, hveip08.evaluate(
125                  hveip08.keyGen(keyPair.getPrivate(), vectors[0]),
126                  hveip08.enc(keyPair.getPublic(), vectors[1])))
127          ;
128      }
129  
130  
131  }
132  
133