Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Why there is no correctness_keys in result=capsule.to_bytes() #257

Open
Himan000 opened this issue May 30, 2020 · 10 comments
Open

Why there is no correctness_keys in result=capsule.to_bytes() #257

Himan000 opened this issue May 30, 2020 · 10 comments
Assignees
@cygnusv
Labels
question

Comments

@Himan000
Copy link

Himan000 commented May 30, 2020
edited
Loading

For capsule, when in Re-Encryption,

capsule.set_correctness_keys(delegating=alices_public_key,
                             receiving=bobs_public_key,
                             verifying=alices_verifying_key)

cfrags = list()           
for kfrag in kfrags[:10]:
  cfrag = pre.reencrypt(kfrag=kfrag, capsule=capsule)
  cfrags.append(cfrag)

if serialize capsule to file using,

save_file(capsule_path, capsule.to_bytes())

no correctness_keys serialize to bytes,

    def to_bytes(self) -> bytes:
        e, v, s = self.components()
        return e.to_bytes() + v.to_bytes() + s.to_bytes()

but Decryption by Bob need correctness_keys.

for cfrag in cfrags:
  capsule.attach_cfrag(cfrag)

bob_cleartext = pre.decrypt(ciphertext=ciphertext,
                            capsule=capsule,
                            decrypting_key=bobs_private_key)
assert bob_cleartext == plaintext

my code is,

def re_encryption(a_public_key_path, verifying_key_path, capsule_path, k_frags_path, b_public_key_path,
                  target_path="data"):
    a_public_key = UmbralPublicKey.from_bytes(load_file(a_public_key_path))
    capsule = Capsule.from_bytes(load_file(capsule_path), a_public_key.params)
    b_public_key = UmbralPublicKey.from_bytes(load_file(b_public_key_path))
    verifying_key = UmbralPublicKey.from_bytes(load_file(verifying_key_path))
    k_frags = KFrag.from_bytes(load_file(k_frags_path))
    k_frags_list = [k_frags]
    capsule.set_correctness_keys(delegating=a_public_key, receiving=b_public_key, verifying=verifying_key)

    c_frags = list()
    for rk_frag in k_frags_list:
        c_frag = pre.reencrypt(kfrag=rk_frag, capsule=capsule)
        c_frags.append(c_frag)

    alice = os.path.basename(a_public_key_path)
    if alice.endswith(".pub"):
        alice = alice[0:alice.index(".pub")]
    bob = os.path.basename(b_public_key_path)
    if bob.endswith(".pub"):
        bob = bob[0:bob.index(".pub")]

    save_file(os.path.join(target_path, "c_frags_" + alice + "2" + bob), c_frags[0].to_bytes())
    save_file(capsule_path, capsule.to_bytes())


def re_decryption(c_frags_path, cipher_text_path, capsule_path, b_private_key_path,
                  target_path="data"):
    c_frags = CapsuleFrag.from_bytes(load_file(c_frags_path))
    c_frags_list = [c_frags]
    b_private_key = UmbralPrivateKey.from_bytes(load_file(b_private_key_path))
    cipher_text = load_file(cipher_text_path)
    capsule = Capsule.from_bytes(load_file(capsule_path), b_private_key.params)

    for c_frag in c_frags_list:
        capsule.attach_cfrag(c_frag)

    b_plaintext = pre.decrypt(ciphertext=cipher_text,
                              capsule=capsule,
                              decrypting_key=b_private_key)
    file_name = get_file_name(cipher_text_path)
    if file_name.endswith(".ct"):
        file_name = file_name[0:file_name.index(".ct")]
    save_file(os.path.join(target_path, file_name), b_plaintext)


if __name__ == '__main__':
    gen_keys("alice", target_path="keys/alice", is_gen_sig=True)
    gen_keys("bob", target_path="keys/bob", is_gen_sig=False)
    encrypt("keys/alice/alice.pub", "keys/alice/m.txt", "keys/alice")
    decrypt("keys/alice/m.txt.ct", "keys/alice/m.txt.csl", "keys/alice/alice.key")
    gen_rk("keys/alice/alice.key", "keys/alice/alice.sig", "keys/bob/bob.pub", "keys/alice")
    re_encryption("keys/alice/alice.pub", "keys/alice/alice.vrf", "keys/alice/m.txt.csl",
                  "keys/alice/k_frags_alice2bob", "keys/bob/bob.pub", "keys/alice")
    re_decryption("keys/alice/c_frags_alice2bob", "keys/alice/m.txt.ct", "keys/alice/m.txt.csl",
                  "keys/bob/bob.key", "keys/bob")

So, how to serialize capsule with correctness_keys to bytes? Thanks.
@Himan000
Copy link
Author

Himan000 commented Jun 2, 2020
edited
Loading

Hi @KPrasch
Do you have any comment about above question?
I can add _cfrag_correctness_keys and _attached_cfrags to the Capsule.to_bytes() and Capsule.from_bytes(), but I want to make sure there is no misunderstanding about the serializer flow.
Thanks.

@cygnusv
Copy link
Member

cygnusv commented Jun 2, 2020

Hi @Himan000, when we designed the APIs for Umbral, we decided that both correctness keys and cfrags were just attached to the capsule on running time, and not when serialized. It's up to the developer/user to track these when using the capsule again.

In fact, we were talking today of potentially going even further and make the API completely stateless (hi @fjarri 👋 ).

@Himan000
Copy link
Author

Himan000 commented Jun 3, 2020
edited
Loading

Hi @cygnusv ,
Great!Looking forward to new version API. Thanks.

@fjarri fjarri mentioned this issue Jun 3, 2020
Closed
6 tasks
@Himan000
Copy link
Author

Himan000 commented Jun 4, 2020
edited
Loading

Hi @cygnusv ,
Does your team still support goUmbral? I found there is no update anymore in the past two years. And the installation command in goUmbral is fail.

@tuxxy
Copy link
Contributor

tuxxy commented Jun 4, 2020

@Himan000 Unfortunately, we do not maintain that implementation anymore. Do you have a need for a golang implementation of Umbral?

@Himan000
Copy link
Author

Himan000 commented Jun 5, 2020
edited
Loading

Hi @cygnusv ,
Yes. Because it's inconvenience that python as a client in Windows/OSX/Android app/iOS. Generating or Using PrivateKey/signing_key/kfrags should be kept in Client or wallet. If you have an up-to-date version of goUmbral or javaUmbral even jsUmbral, it would be perfect. If not, I have to find some tool to wrap or translate it. I'm studying WebAssembly for python and golang.

@Himan000
Copy link
Author

Hi @tuxxy ,
Do you have latest go version of umbral which can work well? pyUmbral can't work in WebAssembly but golang can. Please give me one if you have. Thanks.

@tuxxy
Copy link
Contributor

tuxxy commented Jun 11, 2020

GoUmbral is an incomplete project, I’m afraid. It used OpenSSL cgo bindings for secp256k1 which, unfortunately, make it likely not very usable for WebAssembly.

If there is a large demand for a WebAssembly variant of Umbral, I’m very interested in writing a Rust implementation over a Golang version. There has been some work by @vepkenez to produce a JavaScript version of Umbral, but I’m not familiar with the status of it.

@Himan000
Copy link
Author

Hi @tuxxy
Rust implementation is OK too becuase Rust can be converted to WebAssembly.
There is another problem. Becasue kfrags does not contain any info of reencrypt ciphertext, if proxy collaborates with Boy, they can use kfrags to decrypt any ciphertext of Alice.

Could you add a condition w to reencrypt ciphertext and kfrags so that one ciphertext is only for one kfrags?

@cygnusv
Copy link
Member

cygnusv commented Jun 11, 2020

Hi @Himan000,
We currently have something similar to that. When Alice creates the policy public key, she provides a label (which is very similar to a condition) and the kfrags for the policy are only applied to ciphertexts with that label.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@cygnusv cygnusv

Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@KPrasch @cygnusv @tuxxy @Himan000 and others