stefano81 / dcpabe Goto Github PK
View Code? Open in Web Editor NEWDecentralized CP-ABE
License: MIT License
Decentralized CP-ABE
License: MIT License
I discovered this bug while running the test case of your library.
Element M = pairing.getGT().newRandomElement().getImmutable();
message.m = M.toBytes();
I understand that you want to associate the message byte array with the element M that is generated randomly but surely this won't allow if we set the message by ourselves. Also the bug itself will actually passes the test but also the test should be wrong as in the test case there isn't any byte assigned to it then suddenly after encryption the byte is then filled with random element M, which is wrong.
What I suggest for fix of this bug is something like this:
Element M = pairing.getGT().newZeroElement();
M.setFromBytes(message.m)
As Per the Lewko Waters Paper "Decentralized ABE" ,in decrypt algorithm , the decryptor need to choose constants cx such that Σ cx Ax = (1,0,...0) . In the of DCPABE.java file , how the statement "t.mul(c1x.mul(p1).mul(p2.invert()));" in loop i.e. the product of the statement satisfies the condition. There is no algorithm for choosing constants in package sg.edu.ntu.sce.sands.crypto.dcpabe.ac
Please reply
where can I check the corresponding papers?
While the project is not yet in maven central, it can still be used leveraging services like https://jitpack.io .
Add some sentences to the README on how to leverage these services.
Vulnerable versions: >= 2.0.0, < 2.9.9
Patched version: 2.9.9
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath, and an attacker can host a crafted MySQL server reachable by the victim, an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation.
Could you tell me how do you define the structure for the policy? In the test case you wrote something like this
AccessStructure as = AccessStructure.buildFromPolicy("and a or d and b c");
and the attributes that fulfill the policy is a and d. How is that possible? Also what if I would like to make simple policy like a or b? How do I define it?
When I try to encrypt the specified file, the decrypted data is always a fixed length byte stream, resulting in decryption failure. Could you give me some guidance。
// Message message = DCPABE.generateRandomMessage(gp);
Path path = Paths.get("src/test/java/textTest/test.txt");
byte[] ss = Files.readAllBytes(path);
Message msg = new Message(ss);
Create a new release and increment version number.
Could you explain what the lambda input for global setup represents? In the Testing.java you put 160 as the input parameter of the global setup, is it the length of the keys later will be generated or the security level?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.