fraunhofer-aisec / rabe Goto Github PK

More or less.
You need to create a policy with ~80 attributes to produces the bug and call encrypt/keygen, respectively.
Unclear if this is a parser issue or scheme issue.
Happens with AC17/BSW schemes (all).

Hi all,

I compiled and built the lib based on the readme in the parent directory, but for some reason running rabe commands led to a 'zsh: command not found: rabe' error, suggesting something went wrong.

WHen I went to compile rabe-console, everything but the last step worked. Running ../target/release/rabe returned the following error:

    --s <s>

USAGE:
    rabe [OPTIONS] --s <s> [SUBCOMMAND]

For more information try --help```

which is cyclical because `rabe --help` doesn't work either.

How should I troubleshoot this?

The following will cause panic:

    let human = String::from("(B and C)");
    let _human_val: PolicyValue = parse(&human, PolicyLanguage::HumanPolicy).expect("unsuccessful parse");

The CLI tools do not work anymore for BSW and AC17 C/KP-ABE.
Apparently, the added schemes cause this.

The problem: https://github.com/Fraunhofer-AISEC/rabe/blob/master/src/main.rs#L1228
This line fails with:

  0: std::sys::unix::backtrace::tracing::imp::unwind_backtrace
             at src/libstd/sys/unix/backtrace/tracing/gcc_s.rs:39
   1: std::sys_common::backtrace::_print
             at src/libstd/sys_common/backtrace.rs:71
   2: std::panicking::default_hook::{{closure}}
             at src/libstd/sys_common/backtrace.rs:59
             at src/libstd/panicking.rs:197
   3: std::panicking::default_hook
             at src/libstd/panicking.rs:211
   4: std::panicking::rust_panic_with_hook
             at src/libstd/panicking.rs:474
   5: std::panicking::continue_panic_fmt
             at src/libstd/panicking.rs:381
   6: std::panicking::begin_panic_fmt
             at src/libstd/panicking.rs:336
   7: rabe::main::read_file
             at src/main.rs:1574
   8: rabe::main::run_encrypt
             at src/main.rs:1228
   9: rabe::main::run
             at src/main.rs:406
  10: rabe::main
             at src/main.rs:393
  11: std::rt::lang_start::{{closure}}
             at /rustc/a53f9df32fbb0b5f4382caaad8f1a46f36ea887c/src/libstd/rt.rs:64
  12: std::panicking::try::do_call
             at src/libstd/rt.rs:49
             at src/libstd/panicking.rs:293
  13: __rust_maybe_catch_panic
             at src/libpanic_unwind/lib.rs:85
  14: std::rt::lang_start_internal
             at src/libstd/panicking.rs:272
             at src/libstd/panic.rs:394
             at src/libstd/rt.rs:48
  15: std::rt::lang_start
             at /rustc/a53f9df32fbb0b5f4382caaad8f1a46f36ea887c/src/libstd/rt.rs:64
  16: main
  17: __libc_start_main
  18: _start

Reason:

https://github.com/Fraunhofer-AISEC/rabe/blob/master/src/main.rs#L329

The wrong variable is assigned.

Hi,
in order to create msk and pk of an AC17 KP-ABE scheme, I used all as you say but it is not working. it says "--scheme: command not found".
where should I use this command? in my rabe path "ubuntu:~/rabe" ?
I think the problem is path, I did what you said in "compile and test" and it is work and I have no problem with it.
also I have another issue, how can I calculate time of run based on number of attributes? where can I change the number?
I hope you help me in this, I used so many ways but none works and I can't change number of attributes.
thanks

See https://doc.rust-lang.org/cargo/commands/cargo-publish.html

Hi. My name is Humberto.
I am studying about ABE, and I get rabe-console to test it.
But i don't take success in file encrypt e decryption. For example:

Start with:

$ rabe --s AC17CP setup
$ rabe --s AC17CP keygen --a 'A B'

In the encryption example 1:

rabe --s AC17CP encrypt pk.key 'B' teste.doc

It finish at error:

error: The following required arguments were not provided:

USAGE:
rabe encrypt [ARGS]

And other example, 2:

rabe encrypt pk.key "B" ./teste.doc

error: The following required arguments were not provided:

USAGE:
rabe --s encrypt [ARGS]

use crate::error::RabeError;
#[cfg(feature = "borsh")]
use borsh::{BorshSerialize, BorshDeserialize};
#[cfg(not(feature = "borsh"))]
use serde::{Serialize, Deserialize};

Hi, I'm writing a C-FFI binding for this project, but i think some function signature is not reasonable enough.

Example

pub fn keygen(
    _pk: &KpAbePublicKey,
    _msk: &KpAbeMasterKey,
    _policy: &String,
    _language: PolicyLanguage,
) -> Result<KpAbeSecretKey, RabeError> 

the parameter _policy in this function is &String, but this function only need a immutable reference, i recommend use &str.
Similarly, in this function:

pub fn encrypt(
    _gk: &Aw11GlobalKey,
    _pks: &Vec<Aw11PublicKey>,
    _policy: &String,
    _language: PolicyLanguage,
    _plaintext: &[u8],
) -> Result<Aw11Ciphertext, RabeError> 

the type of _pks should be &[Aw11PublicKey] instead of &Vec<Aw11PublicKey>

Reason

• I can construct a String from a *const c_char by let s = String::from_raw_parts(policy as *mut u8,len, len) during FFI calling.But, because this String not really own its memory, so we need a std::mem::forget(s) to make sure not free the memory passed by FFI calling.
• If use &str, i can construct a slice from pointer directly and no need to care about memory.
• Also, When i pass a array of pointer for &Vec<Aw11PublicKey>, i need to use Vec::from_raw_partsand not free the memory.
• Not only in FFI, if i want to pass a let policy = "xxxxx", i also need to construct a String and pass it to function. But if the parameter is &str, i can pass policy directly.
• And because String had impl trait Deref<str>, pass a &String to a &str is ok.
• Similarly, use &Vec<T> instead of &[T] has the same problem. Such as &Vec<String>, all of these are FFI unfriendly and may cause unnecessary overhead under certain circumstances.

Hi
I've built the project using cargo build --release.
Now I see librabe.so file. It contains these symbols (using nm command):

0000000000004008 b completed.8061
                 w __cxa_finalize@@GLIBC_2.2.5
0000000000001040 t deregister_tm_clones
00000000000010b0 t __do_global_dtors_aux
0000000000003dd0 d __do_global_dtors_aux_fini_array_entry
0000000000004000 d __dso_handle
0000000000003dd8 d _DYNAMIC
0000000000001114 t _fini
00000000000010f0 t frame_dummy
0000000000003dc8 d __frame_dummy_init_array_entry
0000000000002094 r __FRAME_END__
0000000000003fc8 d _GLOBAL_OFFSET_TABLE_
                 w __gmon_start__
0000000000002000 r __GNU_EH_FRAME_HDR
0000000000001000 t _init
                 w _ITM_deregisterTMCloneTable
                 w _ITM_registerTMCloneTable
0000000000001070 t register_tm_clones
0000000000004008 d __TMC_END__
0000000000001100 t _ZN3std3sys4unix4args3imp15ARGV_INIT_ARRAY12init_wrapper17h9817c52b4f788959E
0000000000003dc0 d _ZN3std3sys4unix4args3imp15ARGV_INIT_ARRAY17hf93f535c4855ea1bE
0000000000004010 b _ZN3std3sys4unix4args3imp4ARGC17h4850cf38500183b7E.0
0000000000004018 b _ZN3std3sys4unix4args3imp4ARGV17hd52966b69df71d64E.0

I don't see any encrypt or decrypt function. Did I have a mistake in building the project? or is there another way to see the exports of this shared object (so) file.

finally I want to use this project in python language.

The following policy with duplicated attribute "B" would caused decryption in BSW scheme to fail:

    let policy = String::from(r#"{"name": "or", "children": [{"name": "and", "children":  [{"name": "A"}, {"name": "B"}]}, {"name": "and", "children":  [{"name": "C"}, {"name": "B"}]}]}"#);

I've tested with the Python implementation by the original BSW authors and duplicated attributes are supported. Their paper also mentioned duplicated attributes are supported.

Please help to resolve this.

I've been using this library for part of my Ph.D. research. it has proven very useful so far, but I was wondering about the AES cipher used underneath.

I've seen that rabe calls aes from aes-0.7.0. This crate only offers AES or AES-CTR. Seemed weird to me, and I have checked the newest version of aes crate and developers comment how:

This crate implements only the low-level block cipher function, and is intended for use for implementing higher-level constructions only. It is NOT intended for direct use in applications.

So now I'm wondering what mode of AES does Rabe use. Or whether at some point in the code you build AES-CBC or AES-GCM.

In case Rabe is using pure AES, since this is not recommended, are you planning on implementing AEADs?

BTW thanks for all the hard work 😄

Almost got cffi working, just missing 1 little thing, I guess...

from cffi import FFI
ffi = FFI()
ffi.cdef("""
    struct CpAbeCiphertext;
    struct CpAbeContext;
    struct CpAbeSecretKey;

    struct CpAbeContext* rabe_bsw_context_create();
    void rabe_bsw_context_destroy(struct CpAbeContext* ctx);
    struct CpAbeSecretKey* rabe_bsw_keygen(const struct CpAbeContext* ctx, const char* attributes);
    void rabe_bsw_keygen_destroy(void* sk);
    int32_t rabe_bsw_encrypt(const void* pk, char* policy, char* pt, int32_t pt_len, char** ct, int32_t *ct_len);
    int32_t rabe_bsw_decrypt(const struct CpAbeSecretKey* sk, const char* ct, uint32_t ct_len, char** pt_buf, uint32_t *pt_len);
""")

C = ffi.dlopen("librabe.so")

ctx = C.rabe_bsw_context_create()
print(ctx)
sk = C.rabe_bsw_keygen(ctx, b"[ \"test1\", \"test2\", \"test3\" ]")
print(sk)
pt = b"testing123"
ct = ffi.new("char **")
ct_len = ???

output = C.rabe_bsw_encrypt(ctx, b"{\"OR\": [{\"ATT\": \"A\"}, {\"ATT\": \"B\"}]}", pt, len(pt), ct, ct_len)
print(output)

How should I define ct_len?

Hello,

The YCT14 scheme was broken in [1] and a 'fixed' version was again broken in [2].
We have demonstrated how the attack can be implemented in practice in https://www.blackhat.com/eu-21/briefings/schedule/index.html#practical-attacks-against-attribute-based-encryption-25058.

[1] https://ieeexplore.ieee.org/document/8651482
[2] https://ieeexplore.ieee.org/document/9291064