public static BFCText encrypt(BFUserPublicKey pk, byte[] m, Random rnd) { Pairing e = pk.Param.Pairing; byte[] sigma = new byte[BFCipher.sigmaBitLength / 8]; rnd.NextBytes(sigma); //sigma||m byte[] toHash = new byte[sigma.Length + m.Length]; Array.Copy(sigma, 0, toHash, 0, sigma.Length); Array.Copy(m, 0, toHash, sigma.Length, m.Length); //hash(sigma||m) to biginteger r; Field field = e.Curve2.Field; BigInt r = BFUtil.HashToField(toHash, field); //hash(ID) to point byte[] bid = null; String ID = pk.Key; bid = Encoding.UTF8.GetBytes(ID); Point Q = BFUtil.HashToPoint(bid, e.Curve, e.Cofactor); //gID = e(Q, sP), sP is Ppub FieldElement gID = e.Compute(Q, pk.Param.Ppub); //U=rP Point U = e.Curve2.Multiply(pk.Param.P, r); //gID^r FieldElement gIDr = e.Gt.Pow(gID, r); //V=sigma xor hash(gID^r) byte[] hash = BFUtil.HashToLength(gIDr.ToUByteArray(), sigma.Length); //This could fail byte[] V = BFUtil.XorTwoByteArrays(sigma, hash); //W =m xor hash(sigma) hash = BFUtil.HashToLength(sigma, m.Length); byte[] W = BFUtil.XorTwoByteArrays(m, hash); return(new BFCText(U, V, W)); }
public static KeyPair Extract(KeyPair masterKey, String ID, Random rnd) { //user public key is ID+ public parameters BFUserPublicKey pk = new BFUserPublicKey(ID, (BFMasterPublicKey)masterKey.Public); Pairing e = ((BFMasterPublicKey)masterKey.Public).Pairing; //user private key: hash(ID)->point Q //sQ, s is the master private key byte[] bid = null; bid = Encoding.UTF8.GetBytes(ID); Point Q = BFUtil.HashToPoint(bid, e.Curve, e.Cofactor); BigInt s = ((BFMasterPrivateKey)masterKey.Private).Key; Q = e.Curve.Multiply(Q, s); BFUserPrivateKey sk = new BFUserPrivateKey(Q, (BFMasterPublicKey)masterKey.Public); return(new KeyPair(pk, sk)); }