Fully Secure Anonymous HIBE and Secret-Key Anonymous IBE with Short Ciphertexts

Authors

A. De Caro and V. Iovino and G. Persiano

Abstract

Lewko and Waters [Eurocrypt 2010] presented a fully secure HIBE with short ciphertexts. In this paper we show how to modify their construction to achieve anonymity. We prove the security of our scheme under static (and generically secure) assumptions formulated in composite order bilinear groups. In addition, we present a fully secure Anonymous IBE in the secret-key setting. Secret-Key Anonymous IBE was implied by the work of [Shen-Shi-Waters - TCC 2009] which can be shown secure in the selective-id model. No previous fully secure construction of secret-key Anonymous IBE is known.

Usage


1    package it.unisa.dia.gas.crypto.jpbc.fe.ibe.dip10;
2    
3    import it.unisa.dia.gas.crypto.jpbc.fe.ibe.dip10.engines.AHIBEDIP10KEMEngine;
4    import it.unisa.dia.gas.crypto.jpbc.fe.ibe.dip10.generators.AHIBEDIP10KeyPairGenerator;
5    import it.unisa.dia.gas.crypto.jpbc.fe.ibe.dip10.generators.AHIBEDIP10SecretKeyGenerator;
6    import it.unisa.dia.gas.crypto.jpbc.fe.ibe.dip10.params.*;
7    import it.unisa.dia.gas.crypto.kem.KeyEncapsulationMechanism;
8    import it.unisa.dia.gas.jpbc.Element;
9    import it.unisa.dia.gas.jpbc.Pairing;
10   import it.unisa.dia.gas.plaf.jpbc.pairing.PairingFactory;
11   import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
12   import org.bouncycastle.crypto.CipherParameters;
13   import org.bouncycastle.crypto.InvalidCipherTextException;
14   
15   import java.util.Arrays;
16   
17   import static org.junit.Assert.*;
18   
19   
20   /**
21    * @author Angelo De Caro (jpbclib@gmail.com)
22    */
23   public class AHIBEDIP10 {
24   
25   
26       public AHIBEDIP10() {
27       }
28   
29   
30       public AsymmetricCipherKeyPair setup(int bitLength, int length) {
31           AHIBEDIP10KeyPairGenerator setup = new AHIBEDIP10KeyPairGenerator();
32           setup.init(new AHIBEDIP10KeyPairGenerationParameters(bitLength, length));
33   
34           return setup.generateKeyPair();
35       }
36   
37       public Element[] map(CipherParameters publicKey, String... ids) {
38           Pairing pairing = PairingFactory.getPairing(((AHIBEDIP10PublicKeyParameters) publicKey).getParameters());
39   
40           Element[] elements = new Element[ids.length];
41           for (int i = 0; i < elements.length; i++) {
42               byte[] id = ids[i].getBytes();
43               elements[i] = pairing.getZr().newElementFromHash(id, 0, id.length);
44           }
45           return elements;
46       }
47   
48   
49       public CipherParameters keyGen(AsymmetricCipherKeyPair masterKey, Element... ids) {
50           AHIBEDIP10SecretKeyGenerator generator = new AHIBEDIP10SecretKeyGenerator();
51           generator.init(new AHIBEDIP10SecretKeyGenerationParameters(
52                   (AHIBEDIP10MasterSecretKeyParameters) masterKey.getPrivate(),
53                   (AHIBEDIP10PublicKeyParameters) masterKey.getPublic(),
54                   ids
55           ));
56   
57           return generator.generateKey();
58       }
59   
60       public CipherParameters delegate(AsymmetricCipherKeyPair masterKey, CipherParameters secretKey, Element id) {
61           AHIBEDIP10SecretKeyGenerator generator = new AHIBEDIP10SecretKeyGenerator();
62           generator.init(new AHIBEDIP10DelegateGenerationParameters(
63                   (AHIBEDIP10PublicKeyParameters) masterKey.getPublic(),
64                   (AHIBEDIP10SecretKeyParameters) secretKey,
65                   id
66           ));
67   
68           return generator.generateKey();
69       }
70   
71       public byte[][] encaps(CipherParameters publicKey, Element... ids) {
72           try {
73               KeyEncapsulationMechanism kem = new AHIBEDIP10KEMEngine();
74               kem.init(true, new AHIBEDIP10EncryptionParameters((AHIBEDIP10PublicKeyParameters) publicKey, ids));
75   
76               byte[] ciphertext = kem.process();
77   
78               assertNotNull(ciphertext);
79               assertNotSame(0, ciphertext.length);
80   
81               byte[] key = Arrays.copyOfRange(ciphertext, 0, kem.getKeyBlockSize());
82               byte[] ct = Arrays.copyOfRange(ciphertext, kem.getKeyBlockSize(), ciphertext.length);
83   
84               return new byte[][]{key, ct};
85           } catch (InvalidCipherTextException e) {
86               e.printStackTrace();
87               fail(e.getMessage());
88           }
89           return null;
90       }
91   
92       public byte[] decaps(CipherParameters secretKey, byte[] cipherText) {
93           try {
94               KeyEncapsulationMechanism kem = new AHIBEDIP10KEMEngine();
95   
96               kem.init(false, secretKey);
97               byte[] key = kem.processBlock(cipherText);
98   
99               assertNotNull(key);
100              assertNotSame(0, key.length);
101  
102              return key;
103          } catch (InvalidCipherTextException e) {
104              e.printStackTrace();
105              fail(e.getMessage());
106          }
107  
108          return null;
109      }
110  
111  
112      public static void main(String[] args) {
113          AHIBEDIP10 engine = new AHIBEDIP10();
114  
115          // Setup
116          AsymmetricCipherKeyPair keyPair = engine.setup(64, 3);
117  
118          // KeyGen
119          Element[] ids = engine.map(keyPair.getPublic(), "angelo", "de caro", "unisa");
120  
121          CipherParameters sk0 = engine.keyGen(keyPair, ids[0]);
122          CipherParameters sk01 = engine.keyGen(keyPair, ids[0], ids[1]);
123          CipherParameters sk012 = engine.keyGen(keyPair, ids[0], ids[1], ids[2]);
124  
125          CipherParameters sk1 = engine.keyGen(keyPair, ids[1]);
126          CipherParameters sk10 = engine.keyGen(keyPair, ids[1], ids[0]);
127          CipherParameters sk021 = engine.keyGen(keyPair, ids[0], ids[2], ids[1]);
128  
129          // Encryption/Decryption
130          byte[][] ciphertext0 = engine.encaps(keyPair.getPublic(), ids[0]);
131          byte[][] ciphertext01 = engine.encaps(keyPair.getPublic(), ids[0], ids[1]);
132          byte[][] ciphertext012 = engine.encaps(keyPair.getPublic(), ids[0], ids[1], ids[2]);
133  
134          // Decrypt
135          assertEquals(true, Arrays.equals(ciphertext0[0], engine.decaps(sk0, ciphertext0[1])));
136          assertEquals(true, Arrays.equals(ciphertext01[0], engine.decaps(sk01, ciphertext01[1])));
137          assertEquals(true, Arrays.equals(ciphertext012[0], engine.decaps(sk012, ciphertext012[1])));
138  
139          assertEquals(false, Arrays.equals(ciphertext0[0], engine.decaps(sk1, ciphertext0[1])));
140          assertEquals(false, Arrays.equals(ciphertext01[0], engine.decaps(sk10, ciphertext01[1])));
141          assertEquals(false, Arrays.equals(ciphertext012[0], engine.decaps(sk021, ciphertext012[1])));
142  
143          // Delegate/Decrypt
144          assertEquals(true, Arrays.equals(ciphertext01[0], engine.decaps(engine.delegate(keyPair, sk0, ids[1]), ciphertext01[1])));
145          assertEquals(true, Arrays.equals(ciphertext012[0], engine.decaps(engine.delegate(keyPair, sk01, ids[2]), ciphertext012[1])));
146          assertEquals(true, Arrays.equals(ciphertext012[0], engine.decaps(engine.delegate(keyPair, engine.delegate(keyPair, sk0, ids[1]), ids[2]), ciphertext012[1])));
147  
148          assertEquals(false, Arrays.equals(ciphertext01[0], engine.decaps(engine.delegate(keyPair, sk0, ids[0]), ciphertext01[1])));
149          assertEquals(false, Arrays.equals(ciphertext012[0], engine.decaps(engine.delegate(keyPair, sk01, ids[1]), ciphertext012[1])));
150          assertEquals(false, Arrays.equals(ciphertext012[0], engine.decaps(engine.delegate(keyPair, engine.delegate(keyPair, sk0, ids[2]), ids[1]), ciphertext012[1])));
151      }
152  
153  
154  }