Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/nucypher/nube


https://github.com/nucypher/nube

Last synced: about 1 year ago
JSON representation

Awesome Lists containing this project

README 

          
# Distributed key generation + proxy re-encryption



[![crate][rust-crate-image]][rust-crate-link] [![Docs][rust-docs-image]][rust-docs-link] ![License][rust-license-image] [![Build Status][rust-build-image]][rust-build-link] [![Coverage][rust-coverage-image]][rust-coverage-link]



`nube` is a Rust implementation of a proxy re-encryption algorithm with distributed key generation.

See `notes/dkg.lyx` for the scheme descriptioin.



[rust-crate-image]: https://img.shields.io/crates/v/nube.svg

[rust-crate-link]: https://crates.io/crates/nube

[rust-docs-image]: https://docs.rs/nube/badge.svg

[rust-docs-link]: https://docs.rs/nube/

[rust-license-image]: https://img.shields.io/crates/l/nube

[rust-build-image]: https://github.com/nucypher/nube/workflows/nube/badge.svg?branch=main&event=push

[rust-build-link]: https://github.com/nucypher/nube/actions?query=workflow%3Anube

[rust-coverage-image]: https://codecov.io/gh/nucypher/nube/branch/main/graph/badge.svg

[rust-coverage-link]: https://codecov.io/gh/nucypher/nube



## Usage example



```rust

use nube::{decrypt, encrypt, generate_kfrags, reencrypt, KeyMaker, RecipientSecretKey};



// In this example, we're going to create KeyFrags for a 2-of-3 PRE (T=2, N=3)

let threshold = 2;

let shares = 3;



//

// Keymakers

//



// Let's assume there's a DKG of Ñ=4 keymakers

let keymaker1 = KeyMaker::random();

let keymaker2 = KeyMaker::random();

let keymaker3 = KeyMaker::random();

let keymaker4 = KeyMaker::random();



//

// Encryptor

//



// Accumulate the encryption key

let key_parts = [

    keymaker1.encryption_key(),

    keymaker2.encryption_key(),

    keymaker3.encryption_key(),

    keymaker4.encryption_key(),

];



let encryption_key = &key_parts[0] + &key_parts[1] + &key_parts[2] + &key_parts[3];



// Now, Encryptor encrypts something with the DKG encryption key

// For simplicity, we don't deal with messages here but only with the computation

// of the secret factor used to derive the symmetric key that encrypts the message

// TODO: use the symmetric key to encrypt a ciphertext.

let (capsule, symmetric_key) = encrypt(&encryption_key);



//

// Recipient

//



// Recipient creates a secret key for decryption,

// and a public key that will be a target for keyslivers/keyfrags.

let recipient_sk = RecipientSecretKey::random();

let recipient_pk = recipient_sk.public_key();



//

// Author

//



// Author creates a label and sends it to Keymakers, requesting key slivers

let label = b"some label";



// Keymakers make key slivers intended for Recipient

let ksliver1 = keymaker1.make_key_sliver(label, &recipient_pk, threshold, shares);

let ksliver2 = keymaker2.make_key_sliver(label, &recipient_pk, threshold, shares);

let ksliver3 = keymaker3.make_key_sliver(label, &recipient_pk, threshold, shares);

let ksliver4 = keymaker4.make_key_sliver(label, &recipient_pk, threshold, shares);



// The slivers are sent back to the Author who repackages them into kfrags.

let kfrags = generate_kfrags(&[ksliver1, ksliver2, ksliver3, ksliver4]).unwrap();



//

// Proxies

//



// Proxies reencrypt the keyfrags.

let cfrag0 = reencrypt(&capsule, &kfrags[0]);

let _cfrag1 = reencrypt(&capsule, &kfrags[1]);

let cfrag2 = reencrypt(&capsule, &kfrags[2]);



//

// Recipient

//



// Recipient decryptis with 2 out of 3 cfrags

let decrypted_key = decrypt(&recipient_sk, &[cfrag0, cfrag2]).unwrap();



assert_eq!(symmetric_key, decrypted_key);

```