Unbounded HIBE and Attribute-Based Encryption

Authors

A. Lewko and B. Waters

Abstract

In this work, we present HIBE and ABE schemes which are ``unbounded" in the sense that the public parameters do not impose additional limitations on the functionality of the systems. In all previous constructions of HIBE in the standard model, a maximum hierarchy depth had to be fixed at setup. In all previous constructions of ABE in the standard model, either a small universe size or a bound on the size of attribute sets had to be fixed at setup. Our constructions avoid these limitations. We use a nested dual system encryption argument to prove full security for our HIBE scheme and selective security for our ABE scheme, both in the standard model and relying on static assumptions. Our ABE scheme supports LSSS matrices as access structures and also provides delegation capabilities to users.

Usage


1    package it.unisa.dia.gas.crypto.arcanum.fe.ibe.lw11;
2    
3    import it.unisa.dia.gas.crypto.arcanum.fe.ibe.lw11.engines.UHIBELW11KEMEngine;
4    import it.unisa.dia.gas.crypto.arcanum.fe.ibe.lw11.generators.UHIBELW11KeyPairGenerator;
5    import it.unisa.dia.gas.crypto.arcanum.fe.ibe.lw11.generators.UHIBELW11SecretKeyGenerator;
6    import it.unisa.dia.gas.crypto.arcanum.fe.ibe.lw11.params.*;
7    import it.unisa.dia.gas.crypto.kem.KeyEncapsulationMechanism;
8    import Element;
9    import Pairing;
10   import PairingFactory;
11   import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
12   import org.bouncycastle.crypto.CipherParameters;
13   import org.bouncycastle.crypto.InvalidCipherTextException;
14   
15   import java.util.Arrays;
16   
17   import static org.junit.Assert.*;
18   
19   /**
20    * @author Angelo De Caro (arcanumlib@gmail.com)
21    */
22   public class UHIBELW11 {
23   
24   
25       public UHIBELW11() {
26       }
27   
28   
29       public AsymmetricCipherKeyPair setup(int bitLength) {
30           UHIBELW11KeyPairGenerator setup = new UHIBELW11KeyPairGenerator();
31           setup.init(new UHIBELW11KeyPairGenerationParameters(bitLength));
32   
33           return setup.generateKeyPair();
34       }
35   
36       public Element[] map(CipherParameters publicKey, String... ids) {
37           Pairing pairing = PairingFactory.getPairing(((UHIBELW11PublicKeyParameters) publicKey).getParameters());
38   
39           Element[] elements = new Element[ids.length];
40           for (int i = 0; i < elements.length; i++) {
41               byte[] id = ids[i].getBytes();
42               elements[i] = pairing.getZr().newElementFromHash(id, 0, id.length);
43           }
44           return elements;
45       }
46   
47   
48       public CipherParameters keyGen(AsymmetricCipherKeyPair masterKey, Element... ids) {
49           UHIBELW11SecretKeyGenerator generator = new UHIBELW11SecretKeyGenerator();
50           generator.init(new UHIBELW11SecretKeyGenerationParameters(
51                   (UHIBELW11MasterSecretKeyParameters) masterKey.getPrivate(),
52                   (UHIBELW11PublicKeyParameters) masterKey.getPublic(),
53                   ids
54           ));
55   
56           return generator.generateKey();
57       }
58   
59       public CipherParameters delegate(AsymmetricCipherKeyPair masterKey, CipherParameters secretKey, Element id) {
60           UHIBELW11SecretKeyGenerator generator = new UHIBELW11SecretKeyGenerator();
61           generator.init(new UHIBELW11DelegateGenerationParameters(
62                   (UHIBELW11PublicKeyParameters) masterKey.getPublic(),
63                   (UHIBELW11SecretKeyParameters) secretKey,
64                   id
65           ));
66   
67           return generator.generateKey();
68       }
69   
70       public byte[][] encaps(CipherParameters publicKey, Element... ids) {
71           try {
72               KeyEncapsulationMechanism kem = new UHIBELW11KEMEngine();
73               kem.init(true, new UHIBELW11EncryptionParameters((UHIBELW11PublicKeyParameters) publicKey, ids));
74   
75               byte[] ciphertext = kem.process();
76   
77               assertNotNull(ciphertext);
78               assertNotSame(0, ciphertext.length);
79   
80               byte[] key = Arrays.copyOfRange(ciphertext, 0, kem.getKeyBlockSize());
81               byte[] ct = Arrays.copyOfRange(ciphertext, kem.getKeyBlockSize(), ciphertext.length);
82   
83               return new byte[][]{key, ct};
84           } catch (InvalidCipherTextException e) {
85               e.printStackTrace();
86               fail(e.getMessage());
87           }
88           return null;
89       }
90   
91       public byte[] decaps(CipherParameters secretKey, byte[] cipherText) {
92           try {
93               KeyEncapsulationMechanism kem = new UHIBELW11KEMEngine();
94   
95               kem.init(false, secretKey);
96               byte[] key = kem.processBlock(cipherText);
97   
98               assertNotNull(key);
99               assertNotSame(0, key.length);
100  
101              return key;
102          } catch (InvalidCipherTextException e) {
103              e.printStackTrace();
104              fail(e.getMessage());
105          }
106  
107          return null;
108      }
109  
110      public static void main(String[] args) {
111          UHIBELW11 engine = new UHIBELW11();
112  
113         // Setup
114          AsymmetricCipherKeyPair keyPair = engine.setup(32);
115  
116          // KeyGen
117          Element[] ids = engine.map(keyPair.getPublic(), "angelo", "de caro", "unisa");
118  
119          CipherParameters sk0 = engine.keyGen(keyPair, ids[0]);
120          CipherParameters sk01 = engine.keyGen(keyPair, ids[0], ids[1]);
121          CipherParameters sk012 = engine.keyGen(keyPair, ids[0], ids[1], ids[2]);
122  
123          CipherParameters sk1 = engine.keyGen(keyPair, ids[1]);
124          CipherParameters sk10 = engine.keyGen(keyPair, ids[1], ids[0]);
125          CipherParameters sk021 = engine.keyGen(keyPair, ids[0], ids[2], ids[1]);
126  
127          // Encryption/Decryption
128          byte[][] ciphertext0 = engine.encaps(keyPair.getPublic(), ids[0]);
129          byte[][] ciphertext01 = engine.encaps(keyPair.getPublic(), ids[0], ids[1]);
130          byte[][] ciphertext012 = engine.encaps(keyPair.getPublic(), ids[0], ids[1], ids[2]);
131  
132          // Decrypt
133          assertEquals(true, Arrays.equals(ciphertext0[0], engine.decaps(sk0, ciphertext0[1])));
134          assertEquals(true, Arrays.equals(ciphertext01[0], engine.decaps(sk01, ciphertext01[1])));
135          assertEquals(true, Arrays.equals(ciphertext012[0], engine.decaps(sk012, ciphertext012[1])));
136  
137          assertEquals(false, Arrays.equals(ciphertext0[0], engine.decaps(sk1, ciphertext0[1])));
138          assertEquals(false, Arrays.equals(ciphertext01[0], engine.decaps(sk10, ciphertext01[1])));
139          assertEquals(false, Arrays.equals(ciphertext012[0], engine.decaps(sk021, ciphertext012[1])));
140  
141          // Delegate/Decrypt
142          assertEquals(true, Arrays.equals(ciphertext01[0], engine.decaps(engine.delegate(keyPair, sk0, ids[1]), ciphertext01[1])));
143          assertEquals(true, Arrays.equals(ciphertext012[0], engine.decaps(engine.delegate(keyPair, sk01, ids[2]), ciphertext012[1])));
144          assertEquals(true, Arrays.equals(ciphertext012[0], engine.decaps(engine.delegate(keyPair, engine.delegate(keyPair, sk0, ids[1]), ids[2]), ciphertext012[1])));
145  
146          assertEquals(false, Arrays.equals(ciphertext01[0], engine.decaps(engine.delegate(keyPair, sk0, ids[0]), ciphertext01[1])));
147          assertEquals(false, Arrays.equals(ciphertext012[0], engine.decaps(engine.delegate(keyPair, sk01, ids[1]), ciphertext012[1])));
148          assertEquals(false, Arrays.equals(ciphertext012[0], engine.decaps(engine.delegate(keyPair, engine.delegate(keyPair, sk0, ids[2]), ids[1]), ciphertext012[1])));
149      }
150  
151  }