nach oben

Erschienen in:

01.06.2013 | Regular Paper

Charm: a framework for rapidly prototyping cryptosystems

verfasst von: Joseph A. Akinyele, Christina Garman, Ian Miers, Matthew W. Pagano, Michael Rushanan, Matthew Green, Aviel D. Rubin

Erschienen in: Journal of Cryptographic Engineering | Ausgabe 2/2013

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

We describe Charm, an extensible framework for rapidly prototyping cryptographic systems. Charm provides a number of features that explicitly support the development of new protocols, including support for modular composition of cryptographic building blocks, infrastructure for developing interactive protocols, and an extensive library of re-usable code. Our framework also provides a series of specialized tools that enable different cryptosystems to interoperate. We implemented over 40 cryptographic schemes using Charm, including some new ones that, to our knowledge, have never been built in practice. This paper describes our modular architecture, which includes a built-in benchmarking module to compare the performance of Charm primitives to existing C implementations. We show that in many cases our techniques result in an order of magnitude decrease in code size, while inducing an acceptable performance impact. Lastly, the Charm framework is freely available to the research community and to date, we have developed a large, active user base.

Vorheriger Artikel Improving cross-device attacks using zero-mean unit-variance normalization

Nächster Artikel Minimizing performance overhead in memory encryption

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Nur mit Berechtigung zugänglich

Project webpage: http://charm-crypto.com.

A dedicated module to support lattice-based cryptography is in preparation for a future release.

Nor are we the first to import cryptographic operations into Python. See, for example, [37, 71].

It is also well supported. Our experiments show that there have been significant performance improvements between Python 2.x and 3.x. Charm supports both versions for backwards compatibility with legacy applications.

For consistency, group operations are always specified in multiplicative notation, thus \(*\) is used for EC point addition and \(**\) for point multiplication. This makes it easy to switch between group settings.

For more scheme implementations, see http://jhuisi.github.com/charm/schemes.html.

In practice, we first compile to bytecode, then execute. This reduces overhead for proofs that will be conducted multiple times.

Clearly the verifier does not have access to the secret variables. We address this later in this section.

In some cases, evaluation of a scheme depends on the scheme’s public key.

The value \(r\) is typically a large prime.

On a call to encrypt or keygen the adapter simply hashes an arbitrary string into an element of \(\mathbb{Z }_r\), then passes the result to the underlying IBE scheme. This technique and its security implications are described in [17].

Naor [40] observed that adaptively-secure IBE can be converted into a signature scheme by using the IBE key extraction algorithm for signing.

http://www.cs.auckland.ac.nz/~pgut001/cryptlib/.

http://www.rsa.com/rsalabs/node.asp?id=2301.

http://www.cryptix.org/.

http://www.bouncycastle.org/.

http://charm-crypto.com/Documentation.html.

The Advanced Crypto Software Collection. http://acsc.cs.utexas.edu/

Acar, T., Belenkiy, M., Bellare, M., Cash, D.: Cryptographic agility and its relation to circular encryption. In: EUROCRYPT (2010)

Acar, T., Fournet, C., Shumow, D.: Design and verication of a crypto-agile distributed key manager (2011)

Akinyele, J.A., Green, M., Rubin, A.: Charm-crypto framework. http://eprint.iacr.org/2011/617

Almeida, J.B., Bangerter, E., Barbosa, M., Krenn, S., Sadeghi, A.-R., Schneider, T.A.: Certifying compiler for zero-knowledge proofs of knowledge based on \(\Sigma \)-protocols. In: Proceedings of the 15th European conference on Research in Computer Security, ESORICS, pp. 151–167. Springer, Berlin (2010)

Aranha, D.F., Gouvêa, C.P.L.: RELIC is an efficient library for cryptography. http://code.google.com/p/relic-toolkit/

Ateniese, G., de Medeiros, B.: On the key exposure problem in chameleon hashes. In: SCN. LNCS vol. 3352, pp. 165–179. Springer, Berlin (2004)

Bangerter, E., Barzan, S., Sadeghi, A., Schneider, T., Tsay, J.: Bringing zero-knowledge proofs of knowledge to practice. In: 17th International Workshop on Security Protocols (2009)

Bangerter, E., Camenisch, J., Krenn, S., Sadeghi, A.-R., Schneider, T.: Automatic generation of sound zero-knowledge protocols. Cryptology ePrint Archive, Report 2008/471 (2008). http://eprint.iacr.org/

10.

Bellare, M., Rogaway, P.: Optimal asymmetric encryption padding—how to encrypt with rsa. In: EUROCRYPT, pp. 92–111 (1994)

11.

Bellare, M., Rogaway, P.: The exact security of digital signatures: how to sign with RSA and Rabin. In: Maurer, U (ed.) EUROCRYPT. LNCS, vol. 1070. Springer, Berlin (1996)

12.

Bernstein, D.J., Lange, T., Schwabe, P.: The security impact of a new cryptographic library. In: Hevia, A., Neven, G. (eds.) Progress in cryptology—LATINCRYPT. Lecture Notes in Computer Science. Springer, Berlin (2012, to appear). Document ID: 5f6fc69cc5a319aecba43760c56fab04, http://cryptojedi.org/papers/

13.

Bethencourt, J.: Libpaillier (2006)

14.

Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: Proceedings of the 2007 IEEE Symposium on Security and Privacy, pp. 321–334. IEEE Computer Society, New York (2007)

15.

Bethencourt, J., Song, D., Waters, B.: Analysis-resistant malware. In: NDSS (2008)

16.

Blakley, G., Chaum, D., ElGamal, T.: A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms, vol. 196, pp. 10–18. Springer, Berlin (1985)

17.

Boneh, D., Boyen, X.: Efficient selective-ID secure identity-based encryption without random oracles. In: EUROCRYPT. LNCS, vol. 3027, pp. 223–238 (2004)

18.

Boneh, D., Boyen, X., Shacham, H.: Short group signatures. In: CRYPTO. LNCS, vol. 3152, pp. 45–55 (2004)

19.

Boneh, D., Franklin, M.K.: Identity-based encryption from the Weil Pairing. In: CRYPTO. LNCS, vol. 2139, pp. 213–229 (2001)

20.

Boneh, D., Katz, J.: Improved efficiency for cca-secure cryptosystems built using identity based encryption. In: CT-RSA. LNCS, vol. 3376. Springer, Berlin (2005)

21.

Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil Pairing. In: ASIACRYPT. LNCS, vol. 2248, pp. 514–532 (2001)

22.

Boyen, X.: Mesh signatures: how to leak a secret with unwitting and unwilling participants. In: EUROCRYPT. LNCS, vol. 4515, pp. 210–227. Springer, Berlin (2007)

23.

Brassard, G., Schnorr, C.: Efficient Identification and Signatures for Smart Cards, vol. 435, pp. 239–252. Springer, Berlin (1990)

24.

Brickell, E., Camenisch, J., Chen, L.: Direct anonymous attestation. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, CCS, pp. 132–145. ACM, New York (2004)

25.

Camenisch, J., Groth, J.: Group signatures: better efficiency and new theoretical aspects. In: Blundo, C., Cimato, S. (eds.) Security in Communication Networks. Lecture Notes in Computer Science, vol. 3352, pp. 120–133. Springer, Berlin (2005)

26.

Camenisch, J., Hohenberger, S., Stergaard Pedersen, M.: Batch verification of short signatures. In: EUROCRYPT. LNCS, vol. 4515. Springer, Berlin, pp. 246–263 (2007)

27.

Camenisch, J., Kohlweiss, M., Rial, A., Sheedy, C.: Blind and anonymous identity-based encryption and authorised private searches on public key encrypted data. In: PKC, Irvine, pp. 196–214. Springer, Berlin (2009)

28.

Camenisch, J., Lysyanskaya, A.: An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In: EUROCRYPT. LNCS, vol. 2045, pp. 93–118. Springer, Berlin (2001)

29.

Camenisch, J., Lysyanskaya, A.: A signature scheme with efficient protocols. In: Proceedings of the 3rd International Conference on Security in Communication Networks, SCN, pp. 268–289. Springer, Berlin (2003)

30.

Camenisch, J., Lysyanskaya, A.: Signature Schemes and Anonymous Credentials from Bilinear Maps, pp. 56–72. Springer, Berlin (2004)

31.

Camenisch, J., Neven, G., Shelat, A.: Simulatable adaptive oblivious transfer. In: EUROCRYPT. LNCS, vol. 4515, pp. 573–590 (2007)

32.

Camenisch, J., Stadler, M.: Efficient group signature schemes for large groups. In: CRYPTO. LNCS, vol. 1296, pp. 410–424 (1997)

33.

Camenisch, J., Van Herreweghen, E.: Design and implementation of the idemix anonymous credential system. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, CCS, pp. 21–30. ACM, New York (2002)

34.

Canetti, R., Halevi, S., Katz, J.: Chosen-ciphertext security from identity based encryption. In: EUROCRYPT. LNCS, vol. 3027, pp. 207–222 (2004)

35.

Cha, J.C., Cheon, J.H.: An identity-based signature from gap Diffie-Hellman groups. In: PKC. LNCS, vol. 2139, pp. 18–30. Springer, Berlin (2003)

36.

Chow, S.S.M., Yiu, S.M., Hui, L.C.K.: Efficient identity based ring signature. In: Applied Crypto and Network Security—ACNS. LNCS, vol. 3531, pp. 499–512. Springer, Berlin (2005)

37.

Condra, G.: pypbc. http://www.gitorious.org/pypbc

38.

Cramer, R., Shoup, V.: A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack. In: CRYPTO, pp. 13–25. Springer, London (1998)

39.

Denis, T.S.: LibTomCrypt Project. http://libtom.org

40.

Dolev, D., Dwork, C., Naor, M.: Non-malleable cryptography. SIAM J. Comput. 542–552 (2000)

41.

Dufour, M.: Shedskin (2009). http://code.google.com/p/shedskin

42.

El Gamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. In: Proceedings of Crypto, pp. 10–18 (1984)

43.

Fiat, A., Shamir, A.: How to prove yourself: Practical solutions to identification and signature problems. In: CRYPTO. LNCS, vol. 263, pp. 186–194 (1986)

44.

Freeman, D.: Converting pairing-based cryptosystems from composite-order groups to prime-order groups. In: EUROCRYPT, 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 44–61 (2010)

45.

Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Proceedings of the 41st Annual ACM Symposium on Theory of Computing, STOC, pp. 169–178. ACM, New York (2009)

46.

GNU. The GNU Multiple Precision Arithmetic Library. http://www.gmplib.org

47.

Goldreich, O., Micali, S., Wigderson, A.: Proofs that yield nothing but their validity or all languages in np have zero-knowledge proof systems. J. ACM 38(3), 690–728 (1991)MathSciNetCrossRef

48.

Groth, J., Sahai, A.: Efficient non-interactive proof systems for bilinear groups. In: EUROCRYPT. LNCS, vol. 4965, pp. 415–432. Springer, Berlin (2008)

49.

Henecka, W., Kögl, S., Sadeghi, A.-R., Schneider, T., Wehrenberg, I.: Tasty: tool for automating secure two-party computations. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS, pp. 451–462. ACM, New York (2010)

50.

Hess, F.: Efficient identity based signature schemes based on pairings. In: SAC, LNCS 2595, pp. 310–324. Springer, Berlin (2002)

51.

Hohenberger, S., Waters, B.: Realizing hash-and-sign signatures under standard assumptions. In: Advances in Cryptology—EUROCRYPT (2009)

52.

Hohenberger, S., Waters, B.: Constructing verifiable random functions with large input spaces. In: EUROCRYPT, 29th Annual International Conference on the Theory and Applications of Cryptographic, Techniques, pp. 656–672 (2010)

53.

Iovino, V., Persiano, G.: Hidden-vector encryption with groups of prime order. In: Proceedings of the 2nd International Conference on Pairing-Based Cryptography, Pairing ’08, pp. 75–88. Springer, Berlin (2008)

54.

Lacy, J.B.: CryptoLib: Cryptography in software. USENIX Security Conference IV, pp. 1–18 (1993)

55.

Laurie, B., Clifford, B.: The Stupid programming language. Source code available at http://code.google.com/p/stupid-crypto/

56.

Lewis, J.R., Martin, B.: CRYPTOL: High Assurance, Retargetable Crypto Development and Validation (2003). http://www.galois.com/files/Cryptol_Whitepaper.pdf

57.

Lewko, A., Sahai, A., Waters, B.: Revocation systems with very small private keys. In: Proceedings of the IEEE Symposium on Security and Privacy, SP, pp. 273–285. IEEE Computer Society, Washington, DC (2010)

58.

Lewko, A., Waters, B.: Decentralizing attribute-based encryption. In: Patterson, K.G. (ed.) EUROCRYPT. LNCS, vol. 6632, pp. 568–588. Springer, Berlin. http://eprint.iacr.org/

59.

Lewko, A.B.: Tools for simulating features of composite order bilinear groups in the prime order setting. IACR Cryptol. ePrint Archive 2011, 490 (2011)

60.

Litzenberger, D.C.: PyCrypto—The Python Cryptography Toolkit. http://www.dlitz.net/software/pycrypto/

61.

Lynn, B.: The Stanford Pairing Based Crypto Library. http://crypto.stanford.edu/pbc

62.

Malkhi, D., Nisan, N., Pinkas, B., Sella, Y.: Fairplay—a secure two-party computation system. In: Proceedings of the 13th USENIX Security Symposium, pp. 287–302. USENIX Association, Berkeley (2004)

63.

Meiklejohn, S., Erway, C.C., Küpçü, A., Hinkle, T., Lysyanskaya, A.: ZKPDL: a language-based system for efficient zero-knowledge proofs and electronic cash. In: Proceedings of the 19th USENIX Conference on Security, USENIX Security, pp. 13–13. USENIX Association, Berkeley (2010)

64.

Meiklejohn, S., Mowery, K., Checkoway, S., Shacham, H.: The phantom tollbooth: privacy-preserving electronic toll collection in the presence of driver collusion. In: Proceedings of the 20th USENIX conference on Security, SEC, pp. 32–32. USENIX Association, Berkeley (2011)

65.

NIST.: Digital Signature Standard (DSS). Federal Information Processing Standards Publication 186 (1994)

66.

Pedersen, T.P.: Non-interactive and information-theoretic secure verifiable secret sharing. In: CRYPTO. LNCS, vol. 576, pp. 129–140 (1992)

67.

Regev, O.: Lattice-based cryptography. In: Dwork, C. (ed.) Advances in Cryptology—CRYPTO 2006. Lecture Notes in Computer Science, vol. 4117, pp. 131–141 Springer Berlin Heidelberg (2006).

68.

Rouselakis, Y., Waters, B.: New constructions and proof methods for large universe attribute-based encryption. Cryptology ePrint Archive Report 2012/583 (2012) http://eprint.iacr.org/

69.

Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: EUROCRYPT, pp. 457–473 (2005)

70.

Scott, M.: MIRACL library. Indigo Software. http://indigo.ie/mscott/download

71.

Stein, W., et al.: Sage Mathematics Software (Version 5.0.1). The Sage Development Team. http://www.sagemath.org

72.

Stern, J., Paillier, P.: Public-Key Cryptosystems Based on Composite Degree Residuosity Classes, vol. 1592, pp. 223–238. Springer, Berlin (1999)

73.

The OpenSSL Project. OpenSSL: The open source toolkit for SSL/TLS (2010). http://www.openssl.org

74.

Wang, X., Yin, Y.L., Yu, H.: Finding collisions in the full sha-1. In: Proceedings of Crypto, pp. 17–36. Springer, Berlin (2005)

75.

Wang, X., Yu, H.: How to break md5 and other hash functions. In: EUROCRYPT. Springer, Berlin (2005)

76.

Waters, B.: Efficient identity-based encryption without random oracles. In: EUROCRYPT. LNCS, vol. 3494, pp. 114–127 (2005)

77.

Waters, B.: Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. Cryptology ePrint Archive Report 2008/290 (2008). http://eprint.iacr.org/

78.

Waters, B.: Functional encryption for regular languages. In: Safavi-Naini, R., Canetti, R. (eds.) Advances in Cryptology CRYPTO 2012. Lecture Notes in Computer Science, vol. 7417, pp. 218–235. Springer, Berlin (2012)

79.

Wustrow, E., Wolchok, S., Goldberg, I., Halderman, J.A.: Telex: Anticensorship in the network infrastructure. In: Proceedings of the 20th USENIX Security Symposium (2011)

Titel: Charm: a framework for rapidly prototyping cryptosystems
verfasst von: Joseph A. Akinyele
Christina Garman
Ian Miers
Matthew W. Pagano
Michael Rushanan
Matthew Green
Aviel D. Rubin
Publikationsdatum: 01.06.2013
Verlag: Springer-Verlag
Erschienen in: Journal of Cryptographic Engineering / Ausgabe 2/2013
Print ISSN: 2190-8508
Elektronische ISSN: 2190-8516
DOI: https://doi.org/10.1007/s13389-013-0057-3

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"