{"id":16672534,"url":"https://github.com/jezachen/ssepy","last_synced_at":"2025-03-21T17:32:57.434Z","repository":{"id":38368903,"uuid":"468215646","full_name":"JezaChen/SSEPy","owner":"JezaChen","description":"SSEPy: Implementation of searchable symmetric encryption in pure Python","archived":false,"fork":false,"pushed_at":"2024-04-03T11:41:01.000Z","size":331,"stargazers_count":70,"open_issues_count":0,"forks_count":8,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-18T03:22:31.202Z","etag":null,"topics":["cryptography","encryption","python","searchable-encryption","searchable-symmetric-encryption","security","sse"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/JezaChen.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-03-10T06:07:16.000Z","updated_at":"2025-03-11T08:39:05.000Z","dependencies_parsed_at":"2024-10-28T11:28:07.623Z","dependency_job_id":"bbdf718f-2b67-4828-919d-ae39e2286d88","html_url":"https://github.com/JezaChen/SSEPy","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JezaChen%2FSSEPy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JezaChen%2FSSEPy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JezaChen%2FSSEPy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JezaChen%2FSSEPy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/JezaChen","download_url":"https://codeload.github.com/JezaChen/SSEPy/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244838773,"owners_count":20518881,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cryptography","encryption","python","searchable-encryption","searchable-symmetric-encryption","security","sse"],"created_at":"2024-10-12T12:06:28.838Z","updated_at":"2025-03-21T17:32:56.977Z","avatar_url":"https://github.com/JezaChen.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# SSEPy: Implementation of searchable symmetric encryption in pure Python\n\n![SSEPy Logo](https://s3.bmp.ovh/imgs/2022/03/885a91b23aff75d2.jpg)\n\nSource Code: https://github.com/JezaChen/SSEPy\n\nSearchable symmetric encryption, one of the research hotspots in applied cryptography, has continued to be studied for two decades. A number of excellent SSE schemes have emerged, enriching functionality and optimizing performance. However, many SSE schemes have not been implemented concretely and are generally stuck in the prototype implementation stage, and worse, most SSE schemes are not publicly available in source code. Based on this foundation, this project first implements SSE schemes (first single-keyword, then multi-keyword) published in top conferences and journals, and then implements them into concrete applications. I hope that this project will provide a good aid for researchers as well as a reference for industry.\n\nThis is a project that is moving forward...\n\n## Usage\n\n### Environment\n\n- Python 3.8+\n- OpenSSL\n- libffi\n- build-essential (for Debain), build-base (for Alpine)\n\n### Install Required Packages\nBefore running, you need to install the necessary packages\n\n```shell\npip3 install -r requirements.txt\n```\n\n### Adjust global configuration\n\nThe global configuration file is on global_config.py, \nwhich is divided into client-side global configuration and server-side global configuration.\nThe example files are as follows:\n\n```python\nimport logging\n\n\n# FOR CLIENT\nclass ClientConfig:\n    SERVER_URI = \"ws://localhost:8001\"\n    CONSOLE_LOG_LEVEL = logging.WARNING\n    FILE_LOG_LEVEL = logging.INFO\n\n\n# FOR SERVER\nclass ServerConfig:\n    HOST = \"\"\n    PORT = 8001\n```\n\nAmong them, ClientConfig indicates the client configuration,\nwhere `SERVER_URI` indicates the WebSocket address of the server, \n`CONSOLE_LOG_LEVEL` indicates the console log output level, \nand `FILE_LOG_LEVEL` indicates the file log output level;\n`ServerConfig` indicates the server configuration, \nwhere `HOST` indicates the listening address, \nand `PORT` indicates the bound port.\n\n### Server\n\nThe server just needs to run `run_server.py`\n\n#### Run Server\n```shell\n python3 run_server.py start\n```\n\n### Client\n\n#### 1. Generate Config File\n\nThe CLI command `generate-config` generates a default configuration file \nby giving the SSE scheme name and \nconfiguration file output path. \nThe user can then open the configuration file and modify it as needed.\n\n- command: `generate-config`\n- options:\n  - `--scheme`: the name of the SSE scheme\n  - `--save-path`: the path where the configuration file is saved\n- example:\n    ```\n    python3 run_client.py generate-config --scheme CJJ14.PiBas --save-path cjj14_config\n\n    \u003e\u003e\u003e Create default config of CJJ14.PiBas successfully.\n    ```\n  \n  The default configuration of the PiBas scheme is as follows:\n  \n  ```json\n  {\n    \"scheme\": \"CJJ14.PiBas\", \n    \"param_lambda\": 32, \n    \"prf_f_output_length\": 32,\n    \"prf_f\": \"HmacPRF\",\n    \"ske\": \"AES-CBC\"\n  }\n  ```\n\n#### 2. According to the configuration, create an SSE service\n\nGiven a configuration file path, \nthe client CLI command `create-service` creates a service \nand returns the service id (sid).\n\n- command: `create-service`\n- options:\n  - `--config`: the file path of configuration\n  - `--sname`: service name, an alias of service id\n- returns: the sid of the created service\n- example:\n    ```\n    python3 run_client.py create-service --config cjj14_config --sname pibas_s0\n\n    \u003e\u003e\u003e Create service e9cbf76d6578ba967f5a1d80250096f59a0524cea9c8a4d47f0bf92c157f1959 successfully.\n    \u003e\u003e\u003e sid: e9cbf76d6578ba967f5a1d80250096f59a0524cea9c8a4d47f0bf92c157f1959\n    \u003e\u003e\u003e sname: pibas_s0\n    ```\n    where `e9cbf76d6578ba967f5a1d80250096f59a0524cea9c8a4d47f0bf92c157f1959` is the service id\n\n\n#### 3. Upload configuration file\n\nAfter the configuration file is created, the user can use the `upload-config` command, \nenter the sid (service id) or sname (service name), and the CLI uploads the configuration file of the service to the server.\n\n- command: `upload-config`\n- options:\n  - `--sid` or `--sname`: (choose one of two) the service id or service name\n- example:\n  ```\n  python3 run_client.py upload-config --sname pibas_s0\n\n  \u003e\u003e\u003e Upload config successfully\n  ```\n\n#### 4. Create SSE Key\n\nAfter the configuration file is created, the user can use the command `generate-key`, \nenter the sid or sname, and the CLI will generate the SSE key.\n\n- command: `generate-key`\n- options:\n  - `--sid` or `--sname`: (choose one of two) the service id or service name\n- example:\n  ```\n  python3 run_client.py generate-key --sname pibas_s0\n  \n  \u003e\u003e\u003e Generate key successfully.\n  ```\n\n#### 5. Generate Encrypted Database\n\nAfter creating the configuration file and key, the user can use the command `encrypt-database`, \nenter the sid (or sname) and database path, and the CLI will generate an encrypted database.\n\n- command: `encrypt-database`\n- options:\n  - `--sid` or `--sname`: (choose one of two) the service id or service name\n  - `--db-path`: the file path of database\n- example:\n  ```\n  python3 run_client.py encrypt-database --sname pibas_s0 --db-path example_db.json\n  \n  \u003e\u003e\u003e Encrypted Database successfully.\n  ```\n\nCurrently, the database is a json file. \nOur project provides an example database example_db.json, the content is as follows.\n\n```json\n{\n  \"China\": [\n    \"3A4B1ACC\",\n    \"2DDD1FFF\",\n    \"1122AA4B\",\n    \"C2C2C2C2\"\n  ],\n  \"Github\": [\n    \"1A1ADD2C\",\n    \"2222CC1F\"\n  ],\n  \"Chen\": [\n    \"1BB2BB2B\",\n    \"23327878\",\n    \"88771ABB\"\n  ]\n}\n```\nThe database consists of a dictionary where the keys are utf-8 strings \nand the values are an array whose elements are hex strings (don't start with `0x`).\n\n#### 6. Upload Encrypted Database\n\nAfter the database is created, the user can use the command `upload-encrypted-database`, \nenter the sid, and the CLI will upload the encrypted database to the server.\n\n- command: `upload-encrypted-database`\n- options:\n  - `--sid` or `--sname`: (choose one of two) the service id or service name\n- example:\n  ```\n  python3 run_client.py upload-encrypted-database --sname pibas_s0\n  \n  \u003e\u003e\u003e Upload encrypted database successfully\n  ```\n\n#### 7. Keyword Search\n\nAfter the encrypted database is uploaded, the user can use the `search` command, \nenter a keyword (currently only single-keyword search is supported) \nand the sid, encrypt it into a token and upload it to the server for searching.\n\n- command: `search`\n- options:\n  - `--sid` or `--sname`: (choose one of two) the service id or service name\n  - `--keyword`: the query keyword\n- example:\n  ```\n  python3 run_client.py search --keyword Chen --sname pibas_s0\n  \n  \u003e\u003e\u003e The result is [b'\\x1b\\xb2\\xbb+', b'#2xx', b'\\x88w\\x1a\\xbb'].\n  ```\n\n## Implemented schemes\n\n### Single-keyword Static SSE Schemes\n\n- (Completed) SSE-1 and SSE-2 in \\[CGKO06\\]: Curtmola, Reza, et al. \"Searchable symmetric encryption: improved definitions and efficient constructions.\" Proceedings of the 13th ACM conference on Computer and communications security. 2006.\n- (Completed) Schemes PiBas, PiPack, PiPtr and Pi2Lev in \\[CJJ+14\\]: Cash, David, et al. \"Dynamic Searchable Encryption in Very-Large Databases: Data Structures and Implementation.\" (2014).\n- (Completed) Scheme Pi in \\[CT14\\]: Cash, David, and Stefano Tessaro. \"The locality of searchable symmetric encryption.\" Annual international conference on the theory and applications of cryptographic techniques. Springer, Berlin, Heidelberg, 2014.\n- (Completed) Scheme 3 (Section 5, Construction 5.1) in \\[ANSS16\\]: Asharov, Gilad, et al. \"Searchable symmetric encryption: optimal locality in linear space via two-dimensional balanced allocations.\" Proceedings of the forty-eighth annual ACM symposium on Theory of Computing. 2016.\n- (Completed) Scheme in \\[DP17\\]: Demertzis, Ioannis, and Charalampos Papamanthou. \"Fast searchable encryption with tunable locality.\" Proceedings of the 2017 ACM International Conference on Management of Data. 2017.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjezachen%2Fssepy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjezachen%2Fssepy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjezachen%2Fssepy/lists"}