-
Notifications
You must be signed in to change notification settings - Fork 5
/
ibe_help.txt
131 lines (83 loc) · 3.81 KB
/
ibe_help.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
Help for IBE programs
Ben Lynn ([email protected])
INTRODUCTION
Two binaries are provided, one to generate system parameters, and the other
to perform IBE operations.
QUICKSTART
The default configuration should be fine.
Encrypt messages to yourself by typing
ibe encrypt ID
where ID is your email address. (Throughout this section, ID will always
be your email address.)
It uses standard input/output, so you can encrypt a file by typing
something like:
ibe encrypt ID < plain.txt > cipher.txt
By now it is evident what the main advantage of IBE is: there is no need
to generate/retrieve a public key in order to encrypt.
Next, retrieve your private key share by typing:
ibe request ID
You'll be asked to make up a password.
Soon you should receive an email from the private key generator to that
address. Save it to a file "keyshare". Then type:
ibe combine ID keyshare
You'll need the password you just made up for this to work, and it will
then ask you for another password.
Now you can decrypt the message you encrypted to yourself by typing:
ibe decrypt ID < cipher.txt
(You'll need to enter the password for your private key which you concocted
in the previous step.)
You should also be able to decrypt the message sent to you on the IBE
homepage (in the Try IBE section).
DETAILS
Configure the system parameters generator, gen, by editing gen.cnf.
If run, it will output a file containing new system parameters and secret
shares for PKG's to use.
Configure ibe by editing ibe.cnf. To use the program, type
ibe <command> <args>
on the command-line. At the moment the commands are:
encrypt
Once system parameters are available (they can be generated by the gen
program or obtained elsewhere), the encrypt command can be used (recall
in an IBE scheme, any string is a public key). So for example, typing:
ibe encrypt Alice
will encrypt the standard input using the public key "Alice".
The ciphertext is printed on standard output.
request
The request command requests the private key for a given ID.
For example,
ibe request [email protected]
will send the server(s) (configured in ibe.cnf) requests for parts of
Bob's private key. They will be emailed to the address provided on the
command-line (i.e. the ID).
combine
The combine command combines files given out by private key generators into
a private key. For example, if Bob has received the file "file" from a PKG,
and only one file is needed to make a private key (this depends on the
system parameters), he can type
ibe combine [email protected] file
to recover his private key. If there were more than one file, he types
ibe combine [email protected] file1 file2 ...
decrypt
Once the private key has been recovered (it is saved to a file
automatically; the filename is read from the config file),
the decrypt command may be used as follows:
ibe decrypt Alice
It takes the ciphertext on standard input and outputs the corresponding
plaintext on standard output.
extract_share
This simulates what a PKG would do. If you have run gen to obtain
a master share, then run
ibe extract_share Alice mastersharefile
to obtain a key share for Alice corresponding to the given master share.
These key shares can be combined with the combine command to construct
a private key.
key_from_master_shares
This is intended for testing only; in real life, the master shares should
never reside on the same server. Type
ibe key_from_master_shares Alice mastersharefile1 mastersharefile2 ...
to recover Alice's private key.
imratio
The imratio command is a benchmarking tool, which was used to find the
relative cost of inversions and multiplications. It is not needed by the
end user, but I'm interested in what values various machines report for
the I/M ratios.