|
Verified Set Operation (VSOlib) LibraryVSOlib implements efficient cryptographic protocols for verifiable delegation of computation over outsourced sets. The main protocols implemented by the library has been described in the paper "Implementation of verified set operation protocols based on bilinear accumulators", presented at the 15th International Conference on Cryptology and Network Security (CANS 2016). The library represents an ongoing work and might be modified and improved in the future. If you want to cite this work please cite the published paper. License and WarrantyWe release the library to the public under the GPL license WITHOUT ANY WARRANTY. The library is a prototype and must NOT be used in production environments.
Downloading and installing VSOlib
The latest version of the library can be downloaded here and can be installed by using the distutils-compliant
The setup module also supports a few unittest scripts for quick testing:
The current version of the library has been tested on Debian- and Fedora-based Linux distributions. We tested it on Debian Jessie and Stretch, Ubuntu 16.04 and Fedora 24. DependenciesVerSOp is mainly implemented in Python 3, plus a few C/C++ extensions. Using the libraries requires to install the NTL library for big integers arithmetic and algorithms, and the Charm-Crypto and PBC libraries for pairing cryptography. Both NTL and Charm-Crypto depend on the GMP library, that can be easily installed from the official repository of the adopted Linux distribution. Charm-Crypto also requires SSL development libraries, that are also usually available on the official repositories.
NTL is available from official repositories of many Linux distributions, but we suggest installing the latest version from the official website. Please refer to the official documentation for details on all NTL configuration and installing options. We tested the library against NTL 10.1.0 compiled with the following configure options:
Charm-Crypto depends on the PBC libraries. As these libraries only depends on GMP, downloading and compiling them from the official website should be quite easy. We provide some scripts to automatically install such dependencies in your home directory here. VSOlib also includes sample programs that let users issue operations to an in-memory set collection through command-line interfaces. These programs require additional third-party Python libraries that are are also available on pipy:
Running the authenticated set collections example applicationWe provide a few network applications that allow users to test the implemented protocols by using a prompt. We assume that the library has been installed correctly and the scripts have been made available in a directory included in the PATH environment variable (if you installed the library through distutils they should be already available). After the first setup phase we will use three independent terminals to emulate the three parties (server, owner, user). System setup
The local hidden directory
The configuration file can be modified to execute protocol variants, such as different serialization protocols, elements compression and cache sizes as well as network parameters.
Note that:
In the following we show how to execute the three command-line programs in different terminals. Note that the order of the execution of the three programs must be server, owner, users:
Running the ServerUse the
Executing the Owner CLIUse the
To exit from the command-line interface use CTRL+d or use the
The command creates a local queue of values to be added or removed to the sets referenced by the given labels. As an example:
Note that the current version of the server and owner programs keep all modifications only in memory. Thus, closing any of the two will cause inconsistencies between the cryptographic information that represent the state of the database. Executing the User CLIUse the
To exit from the command-line interface use CTRL+d or use the
The user program supports hierarchical set union and intersection operations. The server automatically selects the correct set operation proof protocols as described in Sections 4 and 6 of the paper. It returns to the user both the result of the query and the cryptographic proof.
If the proof is invalid, the program notifies it to the user (as an example, if the owner executed an update and the user did not request the new digest):
|