diff options
author | wukong <rebirthmonkey@gmail.com> | 2015-11-23 17:48:48 +0100 |
---|---|---|
committer | wukong <rebirthmonkey@gmail.com> | 2015-11-23 17:48:48 +0100 |
commit | fca74d4bc3569506a6659880a89aa009dc11f552 (patch) | |
tree | 4cefd06af989608ea8ebd3bc6306889e2a1ad175 /moon-abe/pbc-0.5.14/example/yuanli.c | |
parent | 840ac3ebca7af381132bf7e93c1e4c0430d6b16a (diff) |
moon-abe cleanup
Change-Id: Ie1259856db03f0b9e80de3e967ec6bd1f03191b3
Diffstat (limited to 'moon-abe/pbc-0.5.14/example/yuanli.c')
-rw-r--r-- | moon-abe/pbc-0.5.14/example/yuanli.c | 165 |
1 files changed, 0 insertions, 165 deletions
diff --git a/moon-abe/pbc-0.5.14/example/yuanli.c b/moon-abe/pbc-0.5.14/example/yuanli.c deleted file mode 100644 index a3606377..00000000 --- a/moon-abe/pbc-0.5.14/example/yuanli.c +++ /dev/null @@ -1,165 +0,0 @@ -/* Contributed by Dmitry Kosolapov - * - * I haven't tested this much, and I'm personally not familiar with - * this particular cryptosystem. -Ben Lynn - */ -/* Here we represent the original Yuan-Li ID-Based Authenticated Key Agreement Protocol, 2005. - * This protocol has 2 stages: Setup and Extract. We represent them inside one code block with demo and time outputs. - */ - -/*Yuan-Li protocol description according to: -Quan Yuan and Songping Li, A New Efficient ID-Based Authenticated Key Agreement Protocol, Cryptology ePrint Archive, Report 2005/309 - -SETUP: -KGS chooses G1, G2, e: G1*G1 -> G2, P, H: {0, 1}* -> G1, s, H - some function for key calculation. -KGS calculates Ppub = s*P, publishes {G1, G2, e, P, Ppub, H1, H} and saves s as master key. - -EXTRACT: - -For the user with ID public key can be calculated with Qid = H1(ID). KGS generates bound public key Sid = s*Qid. -1. A chooses random a from Z_p*, calculates Ta = a*P. - A -> B: Ta -2. B chooses random b from Z_p*, calculates Tb = b*P. - B -> A: Tb -3. A calculates h = a*Tb = a*b*P and shared secret key Kab = e(a*Ppub + Sa, Tb + Qb) -4. B calculates h = b*Ta = a*b*P and shared secret key Kba = e(Ta + Qa, b*Ppub + Sb) -Session key is K = H(A, B, h, Kab). -H was not defined in the original article. -I've defined it as H(A, B, h, Kab)=e(h,H1(A)+H1(B))+Kab. -*/ - -#include <pbc.h> -#include <pbc_test.h> - -int main(int argc, char **argv) { - pairing_t pairing; - double t0, t1; - element_t s, a, b, P, Ppub, Qa, Qb, Sa, Sb, Ta, Tb, Kab, Kba, K, temp1, - temp2, temp3, temp4, temp5, h; - - pbc_demo_pairing_init(pairing, argc, argv); - if (!pairing_is_symmetric(pairing)) pbc_die("pairing must be symmetric"); - - element_init_Zr(s, pairing); - element_init_Zr(a, pairing); - element_init_Zr(b, pairing); - - element_init_G1(P, pairing); - element_init_G1(Ppub, pairing); - element_init_G1(Qa, pairing); - element_init_G1(Qb, pairing); - element_init_G1(Sa, pairing); - element_init_G1(Sb, pairing); - element_init_G1(Ta, pairing); - element_init_G1(Tb, pairing); - element_init_G1(temp1, pairing); - element_init_G1(temp2, pairing); - element_init_G1(temp3, pairing); - element_init_G1(h, pairing); - - element_init_GT(Kab, pairing); - element_init_GT(Kba, pairing); - element_init_GT(K, pairing); - element_init_GT(temp4, pairing); - element_init_GT(temp5, pairing); - - printf("Yuan-Li key agreement protocol\n"); - - t0 = pbc_get_time(); - -//Setup, system parameters generation - printf("SETUP STAGE\n"); - element_random(P); - element_printf("P = %B\n", P); - element_random(s); - element_mul_zn(Ppub, P, s); - element_printf("Ppub = %B\n", Ppub); - -//Extract, key calculation - printf("EXTRACT STAGE\n"); - element_from_hash(Qa, "A", 1); - element_from_hash(Qb, "B", 1); - element_mul_zn(Sa, Qa, s); - element_mul_zn(Sb, Qb, s); - element_printf("Sa = %B\n", Sa); - element_printf("Sb = %B\n", Sb); - - printf("-----1-----\n"); - - element_random(a); - element_mul_zn(Ta, P, a); - element_printf("A sends B Ta = %B\n", Ta); - - printf("-----2-----\n"); - - element_random(b); - element_mul_zn(Tb, P, b); - element_printf("B sends A Tb = %B\n", Tb); - - printf("-----3-----\n"); - - printf("A calculates h and Kab\n"); - element_mul_zn(h, Tb, a); - element_printf("h = %B\n", h); - element_mul_zn(temp1, Ppub, a); - element_add(temp1, temp1, Sa); - element_add(temp2, Tb, Qb); - element_pairing(Kab, temp1, temp2); - element_printf("Kab = %B\n", Kab); - - printf("-----4-----\n"); - - printf("B calculates h and Kba\n"); - element_mul_zn(h, Ta, b); - element_printf("h = %B\n", h); - element_add(temp1, Ta, Qa); - element_mul_zn(temp2, Ppub, b); - element_add(temp2, temp2, Sb); - element_pairing(Kba, temp1, temp2); - element_printf("Kba = %B\n", Kba); - - printf("-----FINAL-----\n"); - - element_add(temp3, Qa, Qb); - element_pairing(temp4, h, temp3); - - element_add(K, temp4, Kab); - element_printf("A has the key K = %B\n", K); - element_set(temp5, K); - - element_add(K, temp4, Kba); - element_printf("B has the key K = %B\n", K); - - if (!element_cmp(temp5, K)) - printf("The keys are the same. Start session...\n"); - else - printf("The keys aren't the same. Try again, please.\n"); - - element_clear(K); - element_clear(Kab); - element_clear(Kba); - element_clear(h); - element_clear(temp1); - element_clear(temp2); - element_clear(temp3); - element_clear(temp4); - element_clear(temp5); - element_clear(s); - element_clear(a); - element_clear(b); - element_clear(P); - element_clear(Ppub); - element_clear(Qa); - element_clear(Qb); - element_clear(Sa); - element_clear(Sb); - element_clear(Ta); - element_clear(Tb); - - t1 = pbc_get_time(); - - printf("All time = %fs\n", t1 - t0); - printf("Have a good day!\n"); - - return 0; -} |