NAME

Crypt::PBC::WIBE - Implementation of the Boneh-Gentry-Goh Wildcarded Identity-based Encryption scheme.

SYNOPSIS

    use Crypt::PBC::WIBE;

    # Create a new instance, generate public, master secret key
    my $wibe = Crypt::PBC::WIBE->new( L => 2 );

    # Derive Key for Alice, Bob
    my $alice = $wibe->derive(1);
    my $bob = $wibe->derive(2);

    # Derive Subkey (notice: same ID!) for friend of alice
    my $carol = $alice->derive(1);

    # Recap: Alice now has the ID vector [1]
    # and carol (friend of alice) has [1,1]

    # Pattern: Allow all friends (*)
    my $pattern = ['*'];

    # Create a random element from Crypt::PBC
    my $msg = $wibe->pairing->init_GT->random;

    my $cipher = $wibe->encrypt_element($pattern, $msg);

    die "Alice should be able to decrypt"
    unless $alice->decrypt_element($cipher)->is_eq($msg);

    die "Carol must be unable to decrypt"
    if $carol->decrypt_element($cipher)->is_eq($msg);

OVERVIEW

This module provides an implementation of the Boneh–Boyen–Goh Wildcarded Identity-Based Encryption scheme as proposed by Abdalla et al., which appeared in Journal of Cryptology: Volume 24, Issue 1, pp 42-82.

This implementation relies on the PBC library and therefore on its Perl bindings, Crypt::PBC.

DISCLAIMER

This module is part of a prototype implementation of the Boneh-Gentry-Goh WIBE. While it works fine in my tests, I advise against using it for anything productive other than experimental work.

I appreciate your input on anything you might encounter while using this module.

METHODS

The exposed methods described below follow the four algorithms from the paper closely.

new

Returns a WIBE instance. new() expects a parameter hash with at least the following pair set:

    L: Pattern length / Maximum hierarchy of the encryption scheme.

and the following optional keys:

    pairing: A Type-A pairing. Passed directly to Crypt::PBC::new().
    May be a pairing string, filehandle or filename.

    SK, MPK: Secret and Public Key of the system. If not set, they
    are generated through setup().

pairing

Returns the Type-A pairing used in this WIBE instance.

See "Pairing-Functions" in Crypt::PBC.

setup

Generates the mpk (public key) and msk (master secret key) of the WIBE system and stores them in the WIBE instance.

derive

Returns a WIBE instance for a derived ID element.

Required Parameters:

    next_id: Next Identifier element in the hierarchy.

This serves as a shortcut for the following steps:

    1.) Create a derived key SK[ID0, ... , IDi, next_id] = $self->key_derive(next_id).

    2.) Create a new WIBE instance with the same public key
        and the derived secret key SK[ID0, .., IDi+1]

    3.) Returns that instance.

key_derive

Derive a key for the given ID element using the derivable secret key (DSK) of this instance.

Parameters:

    id: Next Identifier element in the hierarchy.

Returns the derived key of size (sk - 1), which is a simple hash with the following keys:

    key: The element_t secret key for the derived ID.
    ids: Hierarchy of the secret key.

Example:

    - Alice derives an identity 1 (Zp) for Bob
      using the Master Key. (size |L| + 2)

    - Bob receives a secret key of size |L| + 1
      and its identity.

    - Bob derives an identity 0 (Zp) for Bob
      (i.e., the self key).

    -> Bob can decrypt for Pattern [1,*] or [1,0].

encrypt_element

Perform an encryption for an element in G1 using the WIBE scheme.

The encrypted element may later be expanded using HKDF and used as the key of a symmetric AE scheme, which gives a hybrid encryption scheme.

Parameters:

  - Pattern: An arrayref of size L with one of:
    1.) '*', wildcard. Can be derived by any containing the parent pattern
    2.) An Identifier (int >= 0). Derived only by the owner of that identifier.

    Example: For L=2, possible patterns are:

    ['*','*']: Decrypt possible with patterns matching 'X.*' or 'X.Y' for any X.
    ['X','*']: Decrypt possible for X and any subkeys of id X.
    ['X', 0 ]: Decrypt possible for subkey 0 of X, which by convention is X.self.

  - m: An element of G1 to encrypt.

The resulting ciphertext of the encryption is a hashref.
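Before encrypting under a wildcard pattern it helps to list which issued keys the pattern admits. The following is an added example, not code from this module: can_decrypt and readers are hypothetical helpers, the key inventory is constructed, and the matching rule is a model inferred from the examples on this page (a holder of a shorter ID vector qualifies because it can derive the missing levels).

```perl
use strict;
use warnings;

# Model of the matching rule described on this page (an assumption of this
# example): the key for ID vector @$ids opens pattern @$pattern when the
# vector is no longer than the pattern and every position it fixes is
# either '*' or the same identifier.
sub can_decrypt {
    my ($ids, $pattern) = @_;
    return 0 if @$ids > @$pattern;          # deeper than the pattern: no match
    for my $i (0 .. $#$ids) {
        next if $pattern->[$i] eq '*';      # wildcard accepts any identifier
        return 0 unless $pattern->[$i] == $ids->[$i];
    }
    return 1;
}

# Constructed inventory of issued keys: name => ID vector.
my %issued = (
    'alice'      => [1],
    'alice.self' => [1, 0],
    'carol'      => [1, 1],
    'bob'        => [2],
    'bob.self'   => [2, 0],
);

# Names of all issued keys that a ciphertext for $pattern is readable by.
sub readers {
    my ($pattern) = @_;
    return sort grep { can_decrypt($issued{$_}, $pattern) } keys %issued;
}

# Review the reach of each candidate pattern before using it.
for my $pattern (['*'], ['*', '*'], [1, '*'], [1, 0]) {
    printf "%-5s readable by: %s\n",
        join('.', @$pattern), join(', ', readers($pattern));
}
```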

decrypt_element

Recover the element of GT from the given ciphertext.

Required parameters:

    1.) The ciphertext is a hashref with (P,C1,..C4) keys,
        as returned from the encrypt_element method.

    2.) The derived secret key of hierarchy length >= |P| as output from
        key_derive.

Returns an element of GT. Use the "Comparison-Functions" in Crypt::PBC to determine the success or failure of the decryption.
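In the hybrid construction mentioned under encrypt_element the receiver has no reference element to compare against, so the AE tag takes over the job of detecting a failed decryption. The following is an added example, not code from this module: seal, unseal and element_to_key are hypothetical helpers, the HKDF info label is arbitrary, and it assumes the CryptX modules Crypt::KDF, Crypt::AuthEnc::GCM and Crypt::PRNG plus the as_bytes export of Crypt::PBC elements.

```perl
use strict;
use warnings;
use Crypt::PBC::WIBE;
use Crypt::KDF qw(hkdf);
use Crypt::AuthEnc::GCM qw(gcm_encrypt_authenticate gcm_decrypt_verify);
use Crypt::PRNG qw(random_bytes);

# Expand a GT element into a 256-bit AES key with HKDF-SHA256.
# The info label is an arbitrary constant chosen for this example.
sub element_to_key {
    my ($element) = @_;
    return hkdf($element->as_bytes, undef, 'SHA256', 32, 'wibe-hybrid-example');
}

# Sender: wrap a fresh random GT element under $pattern, then seal
# $plaintext with AES-GCM under the key expanded from that element.
sub seal {
    my ($wibe, $pattern, $plaintext) = @_;
    my $k     = $wibe->pairing->init_GT->random;
    my $wrap  = $wibe->encrypt_element($pattern, $k);
    my $nonce = random_bytes(12);    # fresh per message; the key is single-use too
    my ($ct, $tag) = gcm_encrypt_authenticate(
        'AES', element_to_key($k), $nonce, '', $plaintext);
    return { wrap => $wrap, nonce => $nonce, ct => $ct, tag => $tag };
}

# Receiver: returns the plaintext, or undef when the GCM tag does not
# verify, which is what happens when the recovered element is wrong.
sub unseal {
    my ($key_holder, $box) = @_;
    my $k = $key_holder->decrypt_element($box->{wrap});
    return gcm_decrypt_verify(
        'AES', element_to_key($k), $box->{nonce}, '', $box->{ct}, $box->{tag});
}

# Same key hierarchy as in the SYNOPSIS.
my $wibe  = Crypt::PBC::WIBE->new( L => 2 );
my $alice = $wibe->derive(1);
my $carol = $alice->derive(1);

my $box = seal($wibe, ['*'], 'constructed sample message');
print 'alice: ', unseal($alice, $box) // '(rejected)', "\n";
print 'carol: ', unseal($carol, $box) // '(rejected)', "\n";
```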

AUTHOR

Oliver Günther <mail@oliverguenther.de>

COPYRIGHT

Copyright (C) 2014 by Oliver Günther

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>.

SEE ALSO

    Crypt::PBC

    http://crypto.stanford.edu/pbc/

    http://groups.google.com/group/pbc-devel
