rabe is an Attribute Based Encryption library, written in Rust

Overview


Rabe

rabe is a Rust library implementing several Attribute Based Encryption (ABE) schemes using a modified version of the bn library of zcash (type-3 pairing / Barreto-Naehrig curve). The modification of bn brings in serde instead of the deprecated rustc_serialize.

This is a Rust crate and comes with C bindings. For integration in distributed applications, contact us.

Implemented Ciphertext Policy Schemes (CP-ABE)

BDABE CP-ABE

Georg Bramm, Mark Gall, Julian Schütte, "Blockchain based Distributed Attribute-based Encryption". In Proceedings of the 15th International Joint Conference on e-Business and Telecommunications (ICETE 2018) - Volume 2: SECRYPT, pages 99-110. Available from https://doi.org/10.5220/0006852602650276

AC17 CP-ABE

Shashank Agrawal, Melissa Chase, "FAME: Fast Attribute-based Message Encryption", (Section 3). In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security 2017. Available from https://eprint.iacr.org/2017/807.pdf

AW11 CP-ABE

Lewko, Allison, and Brent Waters, "Decentralizing Attribute-Based Encryption.", (Appendix D). In Eurocrypt 2011. Available from http://eprint.iacr.org/2010/351.pdf

BSW CP-ABE

John Bethencourt, Amit Sahai, Brent Waters, "Ciphertext-Policy Attribute-Based Encryption". In IEEE Symposium on Security and Privacy, 2007. Available from https://doi.org/10.1109/SP.2007.11

MKE08 CP-ABE

S Müller, S Katzenbeisser, C Eckert, "Distributed Attribute-based Encryption". Published in International Conference on Information Security and Cryptology, Heidelberg, 2008. Available from http://www2.seceng.informatik.tu-darmstadt.de/assets/mueller/icisc08.pdf

Implemented Key Policy Schemes (KP-ABE)

AC17 KP-ABE

Shashank Agrawal, Melissa Chase, "FAME: Fast Attribute-based Message Encryption". In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security 2017. Available from https://eprint.iacr.org/2017/807.pdf

LSW KP-ABE

Allison Lewko, Amit Sahai and Brent Waters, "Revocation Systems with Very Small Private Keys". In IEEE Symposium on Security and Privacy, 2010. SP'10. Available from http://eprint.iacr.org/2008/309.pdf

YCT14 KP-ABE

Xuanxia Yao, Zhi Chen, Ye Tian, "A lightweight attribute-based encryption scheme for the Internet of things". In Future Generation Computer Systems. Available from http://www.sciencedirect.com/science/article/pii/S0167739X14002039

Building rabe

In order to compile and test:

  • install rust nightly
  • git clone library
  • install build-essential
  • and then run 'cargo build && RUST_BACKTRACE=1 cargo test -- --nocapture'

In order to run on the console use

  • target/debug/rabe

For example, in order to create msk and pk of an AC17 KP-ABE scheme run:

$ ./target/debug/rabe --scheme AC17KP setup
Comments
  • Library fails to process policies with more than 60 attributes.


    More or less. You need to create a policy with ~80 attributes to produce the bug and call encrypt/keygen, respectively. Unclear if this is a parser issue or scheme issue. Happens with AC17/BSW schemes (all).

    opened by schanzen 8
  • About the AES dependency


    I've been using this library for part of my Ph.D. research. It has proven very useful so far, but I was wondering about the AES cipher used underneath.

    I've seen that rabe calls aes from aes-0.7.0. This crate only offers AES or AES-CTR. Seemed weird to me, and I have checked the newest version of aes crate and developers comment how:

    This crate implements only the low-level block cipher function, and is intended for use for implementing higher-level constructions only. It is NOT intended for direct use in applications.

    So now I'm wondering what mode of AES does Rabe use. Or whether at some point in the code you build AES-CBC or AES-GCM.

    In case Rabe is using pure AES, since this is not recommended, are you planning on implementing AEADs?

    BTW thanks for all the hard work 😄

    opened by PekeDevil 2
  • YCT14 KP-ABE scheme is broken


    Hello,

    The YCT14 scheme was broken in [1] and a 'fixed' version was again broken in [2]. We have demonstrated how the attack can be implemented in practice in https://www.blackhat.com/eu-21/briefings/schedule/index.html#practical-attacks-against-attribute-based-encryption-25058.

    [1] https://ieeexplore.ieee.org/document/8651482
    [2] https://ieeexplore.ieee.org/document/9291064

    opened by adelapie 1
  • CLI utilities do not work


    The CLI tools do not work anymore for BSW and AC17 C/KP-ABE. Apparently, the added schemes cause this.

    The problem: https://github.com/Fraunhofer-AISEC/rabe/blob/master/src/main.rs#L1228 This line fails with:

      0: std::sys::unix::backtrace::tracing::imp::unwind_backtrace
                 at src/libstd/sys/unix/backtrace/tracing/gcc_s.rs:39
       1: std::sys_common::backtrace::_print
                 at src/libstd/sys_common/backtrace.rs:71
       2: std::panicking::default_hook::{{closure}}
                 at src/libstd/sys_common/backtrace.rs:59
                 at src/libstd/panicking.rs:197
       3: std::panicking::default_hook
                 at src/libstd/panicking.rs:211
       4: std::panicking::rust_panic_with_hook
                 at src/libstd/panicking.rs:474
       5: std::panicking::continue_panic_fmt
                 at src/libstd/panicking.rs:381
       6: std::panicking::begin_panic_fmt
                 at src/libstd/panicking.rs:336
       7: rabe::main::read_file
                 at src/main.rs:1574
       8: rabe::main::run_encrypt
                 at src/main.rs:1228
       9: rabe::main::run
                 at src/main.rs:406
      10: rabe::main
                 at src/main.rs:393
      11: std::rt::lang_start::{{closure}}
                 at /rustc/a53f9df32fbb0b5f4382caaad8f1a46f36ea887c/src/libstd/rt.rs:64
      12: std::panicking::try::do_call
                 at src/libstd/rt.rs:49
                 at src/libstd/panicking.rs:293
      13: __rust_maybe_catch_panic
                 at src/libpanic_unwind/lib.rs:85
      14: std::rt::lang_start_internal
                 at src/libstd/panicking.rs:272
                 at src/libstd/panic.rs:394
                 at src/libstd/rt.rs:48
      15: std::rt::lang_start
                 at /rustc/a53f9df32fbb0b5f4382caaad8f1a46f36ea887c/src/libstd/rt.rs:64
      16: main
      17: __libc_start_main
      18: _start
    

    Reason:

    https://github.com/Fraunhofer-AISEC/rabe/blob/master/src/main.rs#L329

    The wrong variable is assigned.

    opened by schanzen 1
  • Preparation of crates.io release


    This project depends on georgbramm/bn which is a fork of zcash-hackworks/bn. The former is not available as a crate, the latter seems to be not maintained anymore (the last PR is open for >2yrs).

    Publishing to crates.io requires all dependencies to be available on crates.io as well. So, there are only two options:

    1. Create a PR and convince the maintainers of zcash-hackworks to accept and publish it as a version bn:0.4.4

    2. Publish georgbramm/bn as a whole new crate, say under the name bn-serde.

    3. Include georgbramm/bn as a submodule into this project and bundle it into the published crate

    This PR does (3).

    (1) would obviously be favorable, but the chances of convincing the zcash authors to accept a major breaking PR in the near future are low.

    (2) is irreversible and may lead to further confusion

    (3) is not elegant, but it can easily be reverted in case an updated version of bn is published in the future

    opened by JulianSchuette 1
  • Error in encrypt files


    Hi. My name is Humberto. I am studying ABE, and I got rabe-console to test it. But I have not had success with file encryption and decryption. For example:

    Start with:

    $ rabe --s AC17CP setup
    $ rabe --s AC17CP keygen --a 'A B'

    In the encryption example 1:

    rabe --s AC17CP encrypt pk.key 'B' teste.doc

    It finishes with an error:

    error: The following required arguments were not provided:

    USAGE: rabe encrypt [ARGS]

    And another example, 2:

    rabe encrypt pk.key "B" ./teste.doc

    error: The following required arguments were not provided:

    USAGE: rabe --s encrypt [ARGS]

    How do I encrypt teste.doc, and afterwards decrypt it?

    Would you add a full use scenario in the Rabe Console README file?

    Thank you for your attention.

    opened by lindrix 0
  • Change some function signature


    Hi, I'm writing a C-FFI binding for this project, but I think some function signatures are not reasonable enough.

    Example

    pub fn keygen(
        _pk: &KpAbePublicKey,
        _msk: &KpAbeMasterKey,
        _policy: &String,
        _language: PolicyLanguage,
    ) -> Result<KpAbeSecretKey, RabeError> 
    

    The parameter _policy in this function is &String, but this function only needs an immutable reference, so I recommend using &str. Similarly, in this function:

    pub fn encrypt(
        _gk: &Aw11GlobalKey,
        _pks: &Vec<Aw11PublicKey>,
        _policy: &String,
        _language: PolicyLanguage,
        _plaintext: &[u8],
    ) -> Result<Aw11Ciphertext, RabeError> 
    

    The type of _pks should be &[Aw11PublicKey] instead of &Vec<Aw11PublicKey>.

    Reason

    • I can construct a String from a *const c_char with let s = String::from_raw_parts(policy as *mut u8, len, len) during an FFI call. But because this String does not really own its memory, we need a std::mem::forget(s) to make sure the memory passed in by the FFI call is not freed.
    • If &str is used, I can construct a slice from the pointer directly and do not need to care about memory.
    • Also, when I pass an array of pointers for &Vec<Aw11PublicKey>, I need to use Vec::from_raw_parts and not free the memory.
    • Not only in FFI: if I want to pass a let policy = "xxxxx", I also need to construct a String and pass it to the function. But if the parameter is &str, I can pass policy directly.
    • And because String implements the trait Deref<str>, passing a &String to a &str is OK.
    • Similarly, using &Vec<T> instead of &[T] has the same problem. Types such as &Vec<String> are all FFI-unfriendly and may cause unnecessary overhead under certain circumstances.
    opened by Aya0wind 0
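
The borrowing pattern this issue asks for, as an added example that is not code from rabe or from the issue's author: `DemoPublicKey`, `encrypt_demo`, `demo_encrypt` and the status codes are hypothetical stand-ins, and the policy string is the sample JSON policy that appears in the cffi issue on this page. An exported symbol would also carry a `no_mangle` attribute, left out here so the block builds as a plain binary.

```rust
use std::ffi::{CStr, CString};
use std::os::raw::c_char;
use std::slice;

/// Hypothetical stand-in for a key type such as Aw11PublicKey (not rabe's definition).
#[repr(C)]
pub struct DemoPublicKey {
    pub authority_id: u32,
}

/// Library-side function using the borrowed signatures the issue proposes.
/// No cryptography here: it returns key count + plaintext length as a stand-in result.
pub fn encrypt_demo(pks: &[DemoPublicKey], policy: &str, plaintext: &[u8]) -> Result<usize, String> {
    if policy.trim().is_empty() {
        return Err("empty policy".to_string());
    }
    Ok(pks.len() + plaintext.len())
}

/// C-callable wrapper: every argument is borrowed from the caller and never freed here.
/// Status codes (constructed for this example): 0 ok, -1 null, -2 policy not UTF-8, -3 rejected.
/// Safety: `policy` must be NUL-terminated; `pks`/`pt` must be valid for `pks_len`/`pt_len` items.
pub unsafe extern "C" fn demo_encrypt(
    pks: *const DemoPublicKey, pks_len: usize,
    policy: *const c_char,
    pt: *const u8, pt_len: usize,
) -> i32 {
    if pks.is_null() || policy.is_null() || pt.is_null() {
        return -1;
    }
    // CStr borrows the bytes up to the NUL; no String is built, so no mem::forget is needed.
    let c_policy = unsafe { CStr::from_ptr(policy) };
    let policy = match c_policy.to_str() {
        Ok(s) => s,
        Err(_) => return -2,
    };
    // Slices borrow the caller's arrays; dropping them frees nothing.
    let pks = unsafe { slice::from_raw_parts(pks, pks_len) };
    let pt = unsafe { slice::from_raw_parts(pt, pt_len) };
    match encrypt_demo(pks, policy, pt) { Ok(_) => 0, Err(_) => -3 }
}

fn main() {
    // Rust callers: &Vec<T> and &String coerce to &[T] and &str through Deref.
    let keys = vec![DemoPublicKey { authority_id: 1 }, DemoPublicKey { authority_id: 2 }];
    let policy = String::from(r#"{"OR": [{"ATT": "A"}, {"ATT": "B"}]}"#);
    println!("rust call: {:?}", encrypt_demo(&keys, &policy, b"testing123"));
    // C-style callers hand over raw pointers; ownership stays with the caller.
    let c_policy = CString::new(policy).unwrap();
    let pt = b"testing123";
    let rc = unsafe { demo_encrypt(keys.as_ptr(), keys.len(), c_policy.as_ptr(), pt.as_ptr(), pt.len()) };
    println!("ffi call: {}", rc);
}
```

Because the wrapper only borrows, the caller's `Vec` and `CString` remain valid and are freed exactly once, by their owner.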
  • In order to create example, how to calculate time based on number of attributes?


    Hi, in order to create msk and pk of an AC17 KP-ABE scheme, I did everything as you say, but it is not working. It says "--scheme: command not found". Where should I use this command? In my rabe path "ubuntu:~/rabe"? I think the problem is the path. I did what you said in "compile and test" and it works, and I have no problem with it. I also have another issue: how can I calculate the run time based on the number of attributes? Where can I change the number? I hope you can help me with this. I tried so many ways but none works, and I can't change the number of attributes. Thanks.

    opened by karim14 1
  • cffi


    Almost got cffi working, just missing 1 little thing, I guess...

    from cffi import FFI
    ffi = FFI()
    ffi.cdef("""
        struct CpAbeCiphertext;
        struct CpAbeContext;
        struct CpAbeSecretKey;
    
        struct CpAbeContext* rabe_bsw_context_create();
        void rabe_bsw_context_destroy(struct CpAbeContext* ctx);
        struct CpAbeSecretKey* rabe_bsw_keygen(const struct CpAbeContext* ctx, const char* attributes);
        void rabe_bsw_keygen_destroy(void* sk);
        int32_t rabe_bsw_encrypt(const void* pk, char* policy, char* pt, int32_t pt_len, char** ct, int32_t *ct_len);
        int32_t rabe_bsw_decrypt(const struct CpAbeSecretKey* sk, const char* ct, uint32_t ct_len, char** pt_buf, uint32_t *pt_len);
    """)
    
    C = ffi.dlopen("librabe.so")
    
    ctx = C.rabe_bsw_context_create()
    print(ctx)
    sk = C.rabe_bsw_keygen(ctx, b"[ \"test1\", \"test2\", \"test3\" ]")
    print(sk)
    pt = b"testing123"
    ct = ffi.new("char **")
    ct_len = ???
    
    output = C.rabe_bsw_encrypt(ctx, b"{\"OR\": [{\"ATT\": \"A\"}, {\"ATT\": \"B\"}]}", pt, len(pt), ct, ct_len)
    print(output)
    

    How should I define ct_len?

    opened by Sp0Q1 1
Releases(v0.3.1)
Owner
Fraunhofer AISEC
IT security research institute Fraunhofer AISEC (Applied and Integrated Security)