Distributed key generation + proxy re-encryption

crate Docs License Build Status Coverage

nube is a Rust implementation of a proxy re-encryption algorithm with distributed key generation. See notes/dkg.lyx for the scheme descriptioin.

Usage example

```rust use nube::{decrypt, encrypt, generate_kfrags, reencrypt, KeyMaker, RecipientSecretKey};

// In this example, we're going to create KeyFrags for a 2-of-3 PRE (T=2, N=3) let threshold = 2; let shares = 3;

// // Keymakers //

// Let's assume there's a DKG of Ñ=4 keymakers let keymaker1 = KeyMaker::random(); let keymaker2 = KeyMaker::random(); let keymaker3 = KeyMaker::random(); let keymaker4 = KeyMaker::random();

// // Encryptor //

// Accumulate the encryption key let keyparts = [ keymaker1.encryptionkey(), keymaker2.encryptionkey(), keymaker3.encryptionkey(), keymaker4.encryption_key(), ];

let encryptionkey = &keyparts[0] + &keyparts[1] + &keyparts[2] + &key_parts[3];

// Now, Encryptor encrypts something with the DKG encryption key // For simplicity, we don't deal with messages here but only with the computation // of the secret factor used to derive the symmetric key that encrypts the message // TODO: use the symmetric key to encrypt a ciphertext. let (capsule, symmetrickey) = encrypt(&encryptionkey);

// // Recipient //

// Recipient creates a secret key for decryption, // and a public key that will be a target for keyslivers/keyfrags. let recipientsk = RecipientSecretKey::random(); let recipientpk = recipientsk.publickey();

// // Author //

// Author creates a label and sends it to Keymakers, requesting key slivers let label = b"some label";

// Keymakers make key slivers intended for Recipient let ksliver1 = keymaker1.makekeysliver(label, &recipientpk, threshold, shares); let ksliver2 = keymaker2.makekeysliver(label, &recipientpk, threshold, shares); let ksliver3 = keymaker3.makekeysliver(label, &recipientpk, threshold, shares); let ksliver4 = keymaker4.makekeysliver(label, &recipientpk, threshold, shares);

// The slivers are sent back to the Author who repackages them into kfrags. let kfrags = generate_kfrags(&[ksliver1, ksliver2, ksliver3, ksliver4]).unwrap();

// // Proxies //

// Proxies reencrypt the keyfrags. let cfrag0 = reencrypt(&capsule, &kfrags[0]); let _cfrag1 = reencrypt(&capsule, &kfrags[1]); let cfrag2 = reencrypt(&capsule, &kfrags[2]);

// // Recipient //

// Recipient decryptis with 2 out of 3 cfrags let decryptedkey = decrypt(&recipientsk, &[cfrag0, cfrag2]).unwrap();

asserteq!(symmetrickey, decrypted_key); ```