4 Evaluation Methodology and Implementation
4.3 Model Implementation
4.3.3 Cryptography
The core evaluation of IBE-BF and RSA is based on a model construct that allows key- encrypting key operations. However, the complete end to end SPIBE cryptographic operations including AES256 data encryption are implemented. The main objective for evaluation was to create a single consistent solution where programming languages would not have impact on the overall performance measures. Decision regarding programming language for the actual solution is crucial because it has to consider further consequences
/// <summary>
/// Creates an instance of a single OOXML document supporting basic access control functionality
/// </summary>
/// <param name="singleStream">Document file stream</param> /// <param name="fileAccess">Access type</param>
public XDocument(SingleStream singleStream, FileAccess fileAccess) {
this.singleStream = singleStream;
this.WrapDocument(fileAccess); }
private SqlFileStream GetData() {
const string SQL_TRANS_QUERY = @"SELECT GET_FILESTREAM_TRANSACTION_CONTEXT()"; //byte[] buffer;
//UInt32 position = 0;
string sqlQuery = String.Format(@" SELECT TOP 1 [MetaDataFile].PathName() FROM [NEHST].[dbo].[MetaData] WHERE [MetaDataID] = '{0}'", this.metaDataID);
if( this.fileStreamer.SqlConnection.State == System.Data.ConnectionState.Closed) {
this.fileStreamer.SqlConnection.Open(); }
using (SqlCommand sqlCommand = new SqlCommand(sqlQuery,
this.fileStreamer.SqlConnection)) {
//using (SqlTransaction sqlTransaction this.sqlTransaction =
this.fileStreamer.SqlConnection.BeginTransaction(this.metaDataID.Replace("-", String.Empty)); sqlCommand.Transaction = this.sqlTransaction;
string filePath = (string)sqlCommand.ExecuteScalar();
//SetRemoteSecurityContext(filePath);
sqlCommand.CommandText = SQL_TRANS_QUERY;
this.streamHandle = (byte[])sqlCommand.ExecuteScalar();
return new SqlFileStream(filePath, this.streamHandle, this.fileAccess); }
point (PEP) application would be running on Unix machine there should be existing not only set of OOXML editing libraries but also XACML libraries together with all cryptographic primitive implementations that could work under Unix system. If the editing application should have option to run as a client or server-side solution it is important to make underlying libraries generic written in the same programming language and configured for one single system. Such an approach simplifies the maintenance where critical changes could be quickly tested and deployed without need to maintain functionally identical solutions separately because of the programming architecture limitations.
Cryptographic libraries implemented as under Visual Studio solution allow further integration with XACML PEP component, but the aim is that popular MS based OOXML editor application part could be easily evaluated under the same software architecture. There are two main C++ evaluation methods, one ibe_eval for IBE-BF with Sticky Policy mapping into key space and the other rsa_eval for RSA evaluation (see Appendix H). Actual implementation C++ methods could wrap the underlying C cryptographic libraries and expose them for all other programming language projects under one single Visual Studio solution.
Figure 30 XACML Policy mapped into Public Key space via SHA256, C
static int ibe_bf_set_public_key(const unsigned char *id, long id_size, unsigned char *key,
const int key_size, char *err) {
const int HASH_LEN = 32;
unsigned char hash[HASH_LEN] = { 0 }; key = (unsigned char *)malloc(key_size+1); if (SHA256(id, id_size, hash) == NULL) {
ERR_error_string(ERR_get_error(), err); printf("%s\n", err);
return -1; }
for (int i = 0; i < key_size; i++) {
key[i] = hash[i % HASH_LEN]; }
key[key_size] = '\0'; return strlen((char *)key); }
Figure 31. IBE-BF Public Key generation evaluation, C
Figure 32 IBE-BF Private Key Generation Performance Evaluation, C
static void ibe_eval(int argc, char **argv) {
//...
for (int i = 0; i < 100; i++) { /******** ++++BEG_TIMING *********/ QueryPerformanceCounter(&t1); /******** ----BEG_TIMING *********/
element_from_hash(mapped_id_hash_Qid, key, pkey_sz);
/******** ++++END_TIMING *********/
QueryPerformanceCounter(&t2);
time_spent = (t2.QuadPart - t1.QuadPart) * (double)CLOCKS_PER_SEC / frequency.QuadPart; printf("%f\n", time_spent); fprintf(file_key_gen, "%f;[ms]\n", time_spent); /******** ----END_TIMING *********/ } //... }
static void ibe_eval(int argc, char **argv) {
//...
for (int i = 0; i < 100; i++) { /******** ++++BEG_TIMING *********/ QueryPerformanceCounter(&t1); /******** ----BEG_TIMING *********/
element_mul_zn(Ppub, gen_P, master_key_s); element_printf("++s: %B\n", master_key_s); element_printf("++P: %B\n", gen_P); element_printf("++Ppub: %B\n", Ppub); /******** ++++END_TIMING *********/ QueryPerformanceCounter(&t2);
time_spent = (t2.QuadPart - t1.QuadPart) * (double)CLOCKS_PER_SEC / frequency.QuadPart; printf("%f\n", time_spent); fprintf(file_key_gen, "%f;[ms]\n", time_spent); /******** ----END_TIMING *********/ } //... }
Figure 33. RSA key pair factorization, C
Figure 34 RSA key-encrypting key encryption evaluation, C
static RSA *rsa_create_key_pair(unsigned char **public_key, int *public_key_size, unsigned char **private_key, int *private_key_size)
{
const int KEY_SIZE = 1024;
const int PUB_EXP = 3; RSA *key_pair;
key_pair = RSA_generate_key(KEY_SIZE, PUB_EXP, NULL, NULL); BIO *bio_private_key = BIO_new(BIO_s_mem());
BIO *bio_public_key = BIO_new(BIO_s_mem());
PEM_write_bio_RSAPrivateKey(bio_private_key, key_pair, NULL, NULL, 0, NULL, NULL); PEM_write_bio_RSAPublicKey(bio_public_key, key_pair);
*private_key_size = BIO_pending(bio_private_key); *public_key_size = BIO_pending(bio_public_key);
*private_key = (unsigned char *)malloc(*private_key_size); *public_key = (unsigned char *)malloc(*public_key_size); BIO_read(bio_private_key, *private_key, *private_key_size); BIO_read(bio_public_key, *public_key, *public_key_size);
return key_pair; }
static void rsa_eval() {
//...
for (int i = 0; i < 100; i++) { /******** ++++BEG_TIMING *********/ QueryPerformanceCounter(&t1); /******** ----BEG_TIMING *********/
int size_enc = RSA_public_encrypt(AES_KEY_SZ, aes_key, cipher, key_pair, RSA_PKCS1_PADDING); /******** ++++END_TIMING *********/ QueryPerformanceCounter(&t2); /******** ----END_TIMING *********/
time_spent = (t2.QuadPart - t1.QuadPart) * (double)CLOCKS_PER_SEC / frequency.QuadPart; printf("%f\n", time_spent); fprintf(file_key_gen, "%f;[ms]\n", time_spent); } //... }
Figure 35 RSA key-encrypting key decryption evaluation, C
The cryptographic evaluation is mostly focused on key-encrypting key cryptographic operations. For IBE-BF the public key is derived directly from the policy (see Figure 30, Figure 31 and Figure 32) therefore there is no need to perform key-encrypting key operations like in RSA, where asymmetric keys have to be derived from prime numbers factorization (see Figure 33) and symmetric data-encrypting key encrypted or decrypted under RSA (see Figure 34 and Figure 35).
The further IBE-BF evaluation work itself is focused more on simple model workflows and looking at the actual performance of overall SPBIE cryptographic operations (see Figure 36, Figure 37, Figure 38). Here the policy into key space mapping under IBE-BF and data encryption using AES256 are evaluated together in various setups.
static void rsa_eval() {
//...
for (int i = 0; i < 100; i++) { /******** ++++BEG_TIMING *********/ QueryPerformanceCounter(&t1); /******** ----BEG_TIMING *********/
int size_dec = RSA_private_decrypt(size_enc, cipher, aes_key_v, key_pair, RSA_PKCS1_PADDING); /******** ++++END_TIMING *********/ QueryPerformanceCounter(&t2); /******** ----END_TIMING *********/ } //... }
Figure 36 IBE-BF encryption over AES256, C
Figure 37 IBE-BF decryption over AES256 evaluation, C
static int ibe_bf_aes256_encrypt(element_t r, element_t U, element_t P, element_t gid, element_t mapped_id_hash_Qid, element_t Ppub, unsigned char *data, long data_len, unsigned char *cipher, char *err)
{
const int HASH_LEN = 32;
char hash[HASH_LEN] = { 0 };
unsigned char *gs; element_random(r); element_mul_zn(U, P, r);
element_pairing(gid, mapped_id_hash_Qid, Ppub); element_pow_zn(gid, gid, r);
gs = (unsigned char*)malloc(element_length_in_bytes(gid)); element_to_bytes(gs, gid);
if (SHA256((unsigned char*)gs, element_length_in_bytes(gid), (unsigned char *)hash) ==
NULL) {
ERR_error_string(ERR_get_error(), err); printf("%s\n", err);
}
unsigned char iv[128] = { 0 };
int cipher_len = aes_evp256_encrypt((unsigned char*)data, data_len, (unsigned char*)hash, iv, cipher);
free(gs);
return cipher_len; }
static void ibe_eval(int argc, char **argv) {
//...
for (int i = 0; i < 100; i++) { /******** ++++BEG_TIMING *********/ QueryPerformanceCounter(&t1); /******** ----BEG_TIMING *********/ //ENCRYPTION
ibe_encrypt(r, U, P, gid, mapped_id_hash_Qid, Ppub, data, data_sz, cipher, err); cipher_sz = ibe_bf_aes256_encrypt(r, U, gen_P, gid, mapped_id_hash_Qid, Ppub, data, data_sz, cipher, err);
char *b64MsgHash;
to_base64(cipher, data_sz, &b64MsgHash); element_printf("++m: %s\n", b64MsgHash); /******** ++++END_TIMING *********/ QueryPerformanceCounter(&t2); ///******** //----END_TIMING //*********/
time_spent = (t2.QuadPart - t1.QuadPart) * (double)CLOCKS_PER_SEC / frequency.QuadPart; printf("%f\n", time_spent); fprintf(file_key_gen, "%f;[ms]\n", time_spent); } //... }
Figure 38 IBE-BF decryption over AES256, C 4.3.4 Policy Engine
XACML policy engine was evaluated with 400 XACML policies to receive a valid access response (see Appendix P) and to see the actual policy decision point (PDP) behaviour. All policy engine components but policy enforcement point (PEP) could be easily deployed under single system architecture using the same programming language. The PEP if deployed on a client-side it brings many challenges. To simplify actual SPIBE deployment it might be easier to create server-side PEP first with web-based editor application. If PEP should be deployed to client, the actual cryptographic operations should be handled on as low level as possible to avoid any possibility of intercepting the keys and making illegitimate changes to the protected document and the access policy. The Windows system Minifilter driver acting as a PEP has been partially implemented to see the possible use cases and the implementation complexity (see Appendix JJ).
By comparing XML and JSON formatted XACML policy sizes it is possible to see some benefits of using JSON formatted expressions as well as possibilities of using some cryptographic primitives with larger keys that could additionally encrypt the policy to increase the model security. Larger mapping key space for IBE BF close to policy size would reduce possible collisions in the long term. Some cryptographic primitives limit the size of the plaintext to the key size. If encryption of the actual XACML policy should be considered it is important to see what the largest and the average policy size is. This
static int ibe_bf_aes256_encrypt(element_t r, element_t U, element_t P, element_t gid, element_t mapped_id_hash_Qid, element_t Ppub, unsigned char *data, long data_len, unsigned char *cipher, char *err)
{
const int HASH_LEN = 32;
char hash[HASH_LEN] = { 0 };
unsigned char *gs; element_random(r); element_mul_zn(U, P, r);
element_pairing(gid, mapped_id_hash_Qid, Ppub); element_pow_zn(gid, gid, r);
gs = (unsigned char*)malloc(element_length_in_bytes(gid)); element_to_bytes(gs, gid);
if (SHA256((unsigned char*)gs, element_length_in_bytes(gid), (unsigned char *)hash) ==
NULL) {
ERR_error_string(ERR_get_error(), err); printf("%s\n", err);
}
unsigned char iv[128] = { 0 };
int cipher_len = aes_evp256_encrypt((unsigned char*)data, data_len, (unsigned char*)hash, iv, cipher);
free(gs);
return cipher_len; }
part of the evaluation may have many implications for the future work and should be beneficial for other researchers working on similar problems.