chore: Merge branch 'release/v14.0.0'

Cosmian · Mar 7, 2024 · 1b1d704 · 1b1d704
2 parents 0c1dcc8 + 6a990f1
commit 1b1d704
Show file tree

Hide file tree

Showing 29 changed files with 2,235 additions and 924 deletions.
diff --git a/.cargo/audit.toml b/.cargo/audit.toml
@@ -0,0 +1,5 @@
+[advisories]
+# Waiting for https://github.com/Argyle-Software/kyber/pull/110
+ignore = [
+  "RUSTSEC-2023-0079", # pqc-kyber
+]
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,17 @@
 
 All notable changes to this project will be documented in this file.
 
+## [14.0.0] - 2024-03-07
+
+### Features
+
+- Change `Axis` to `Dimension` with a clear distinction between `Ordered` and `Unordered`.
+- Create a `Dictionary` data structure to store and update `Ordered Dimension` efficiently
+- Change the data structure of `MasterSecretKey` and `UserSecretKey` to keep track of subkeys version.
+- Policy does not count the attribute rotations anymore as they are stored in the subkeys.
+- a `UserSecretKey` can now be refreshed without any external `Policy` information.
+- Internalize `Policy` parsing method from the KMS to improve encapsulation.
+
 ## [13.0.0] - 2023-11-06
 
 ### Bug Fixes

diff --git a/Cargo.toml b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "cosmian_cover_crypt"
-version = "13.0.0"
+version = "14.0.0"
 authors = [
   "Théophile Brezot <[email protected]>",
   "Bruno Grieder <[email protected]>",
@@ -32,10 +32,10 @@ base64 = { version = "0.21.0", optional = true }
 cosmian_crypto_core = { version = "9.2.0", default-features = false, features = ["ser", "sha3", "aes", "curve25519"] }
 pqc_kyber = { version = "0.4", features = ["std", "hazmat"] }
 serde = { version = "1.0", features = ["derive"] }
-serde_json = "1.0"
+serde_json = { version = "1.0", features = ["preserve_order"] }
 tiny-keccak = { version = "2.0.2", features = ["shake", "kmac"] }
 zeroize = "1.6.0"
 
 [dev-dependencies]
 base64 = { version = "0.21.0" }
-criterion = { version = "0.4", features = ["html_reports"], default_features = false }
+criterion = { version = "0.5", features = ["html_reports"], default_features = false }
diff --git a/benches/benches.rs b/benches/benches.rs
@@ -65,10 +65,10 @@ fn policy() -> Result<Policy, Error> {
 fn bench_policy_editing(c: &mut Criterion) {
     let cover_crypt = Covercrypt::default();
     let new_dep_attr = Attribute::new("Department", "Tech");
-    let new_dep_name = "IT";
+    let new_dep_name = "IT".to_string();
     let remove_dep_attr = Attribute::new("Department", "FIN");
     let old_sl_attr = Attribute::new("Security Level", "Protected");
-    let new_sl_name = "Open";
+    let new_sl_name = "Open".to_string();
     let disable_sl_attr = Attribute::new("Security Level", "Confidential");
 
     let mut group = c.benchmark_group("Edit Policy");
@@ -88,11 +88,13 @@ fn bench_policy_editing(c: &mut Criterion) {
                     .add_attribute(new_dep_attr.clone(), EncryptionHint::Classic)
                     .unwrap();
                 policy
-                    .rename_attribute(&new_dep_attr, new_dep_name)
+                    .rename_attribute(&new_dep_attr, new_dep_name.clone())
                     .unwrap();
                 policy.remove_attribute(&remove_dep_attr).unwrap();
 
-                policy.rename_attribute(&old_sl_attr, new_sl_name).unwrap();
+                policy
+                    .rename_attribute(&old_sl_attr, new_sl_name.clone())
+                    .unwrap();
                 policy.disable_attribute(&disable_sl_attr).unwrap();
 
                 cover_crypt
@@ -308,57 +310,58 @@ fn bench_header_encryption(c: &mut Criterion) {
 fn bench_header_decryption(c: &mut Criterion) {
     let policy = policy().expect("cannot generate policy");
     let authenticated_data = vec![1, 2, 3, 4, 5, 6, 7, 8, 9];
-    let (user_access_policy, access_policies) = get_access_policies();
+    let (user_access_policies, access_policies) = get_access_policies();
     let cover_crypt = Covercrypt::default();
     let (msk, mpk) = cover_crypt
         .generate_master_keys(&policy)
         .expect("cannot generate master keys");
-    let user_decryption_keys: Vec<_> = user_access_policy
-        .iter()
-        .map(|ap| {
-            cover_crypt
-                .generate_user_secret_key(&msk, ap, &policy)
-                .expect("cannot generate user private key")
-        })
-        .collect();
     let mut group = c.benchmark_group("Header encryption and decryption");
-    for (n_partitions_usk, usk) in user_decryption_keys.iter().enumerate() {
+    for (n_user, user_access_policy) in user_access_policies.iter().enumerate() {
         for (n_partition_ct, access_policy) in access_policies.iter().enumerate() {
             group.bench_function(
                 &format!(
                     "ciphertexts with {} partition(s), usk with {} partitions",
                     n_partition_ct + 1,
-                    n_partitions_usk + 1
+                    n_user + 1
                 ),
                 |b| {
-                    b.iter(|| {
-                        let (_, encrypted_header) = EncryptedHeader::generate(
-                            &cover_crypt,
-                            &policy,
-                            &mpk,
-                            access_policy,
-                            None,
-                            Some(&authenticated_data),
-                        )
-                        .unwrap_or_else(|_| {
-                            panic!(
-                                "cannot encrypt header for {} ciphertext partition(s), {} usk \
-                                 partition(s)",
-                                n_partition_ct + 1,
-                                n_partitions_usk
+                    b.iter_batched(
+                        || {
+                            let usk = cover_crypt
+                                .generate_user_secret_key(&msk, user_access_policy, &policy)
+                                .expect("cannot generate user private key");
+                            let (_, encrypted_header) = EncryptedHeader::generate(
+                                &cover_crypt,
+                                &policy,
+                                &mpk,
+                                access_policy,
+                                None,
+                                Some(&authenticated_data),
                             )
-                        });
-                        encrypted_header
-                            .decrypt(&cover_crypt, usk, Some(&authenticated_data))
                             .unwrap_or_else(|_| {
                                 panic!(
-                                    "cannot decrypt header for {} ciphertext partition(s), {} usk \
+                                    "cannot encrypt header for {} ciphertext partition(s), {} usk \
                                      partition(s)",
                                     n_partition_ct + 1,
-                                    n_partitions_usk
+                                    n_user
                                 )
                             });
-                    });
+                            (usk, encrypted_header)
+                        },
+                        |(usk, encrypted_header)| {
+                            encrypted_header
+                                .decrypt(&cover_crypt, &usk, Some(&authenticated_data))
+                                .unwrap_or_else(|_| {
+                                    panic!(
+                                        "cannot decrypt header for {} ciphertext partition(s), {} \
+                                         usk partition(s)",
+                                        n_partition_ct + 1,
+                                        n_user
+                                    )
+                                });
+                        },
+                        BatchSize::SmallInput,
+                    );
                 },
             );
         }

diff --git a/examples/runme.rs b/examples/runme.rs
@@ -61,14 +61,10 @@ fn main() {
     assert!(encrypted_header.decrypt(&cover_crypt, &usk, None).is_ok());
 
     //
-    // Rotate the `Security Level::Top Secret` attribute
-    policy
-        .rotate(&Attribute::from(("Security Level", "Top Secret")))
-        .unwrap();
-
-    // Master keys need to be updated to take into account the policy rotation
+    // Rekey all keys using the `Security Level::Top Secret` attribute
+    let rekey_access_policy = AccessPolicy::Attr(Attribute::from(("Security Level", "Top Secret")));
     cover_crypt
-        .update_master_keys(&policy, &mut msk, &mut mpk)
+        .rekey_master_keys(&rekey_access_policy, &policy, &mut msk, &mut mpk)
         .unwrap();
 
     // Encrypt with rotated attribute
@@ -82,7 +78,7 @@ fn main() {
 
     // refresh user secret key, do not grant old encryption access
     cover_crypt
-        .refresh_user_secret_key(&mut usk, &access_policy, &msk, &policy, false)
+        .refresh_user_secret_key(&mut usk, &msk, false)
         .unwrap();
 
     // The user with refreshed key is able to decrypt the newly encrypted header.

diff --git a/src/abe_policy/access_policy.rs b/src/abe_policy/access_policy.rs
@@ -346,7 +346,8 @@ impl AccessPolicy {
     /// given access policy. It is an OR expression of AND expressions.
     ///
     /// - `policy`                              : global policy
-    /// - `include_lower_attributes_from_dim`   : set to `true` to combine lower attributes
+    /// - `include_lower_attributes_from_dim`   : set to `true` to combine lower
+    ///   attributes
     /// from dimension with hierarchical order
     pub fn to_attribute_combinations(
         &self,
@@ -360,12 +361,13 @@ impl AccessPolicy {
                     .get(&attr.dimension)
                     .ok_or_else(|| Error::DimensionNotFound(attr.dimension.to_string()))?;
                 let mut res = vec![vec![attr.clone()]];
-                if let Some(order) = dim_parameters.order.as_deref() {
-                    if include_lower_attributes_from_dim {
-                        // add attribute values for all attributes below the given one
-                        for name in order.iter().take_while(|&name| name != &attr.name) {
-                            res.push(vec![Attribute::new(&attr.dimension, name)]);
-                        }
+                if include_lower_attributes_from_dim && dim_parameters.is_ordered() {
+                    // add attribute values for all attributes below the given one
+                    for name in dim_parameters
+                        .get_attributes_name()
+                        .take_while(|&name| name != &attr.name)
+                    {
+                        res.push(vec![Attribute::new(&attr.dimension, name)]);
                     }
                 }
                 Ok(res)

diff --git a/src/abe_policy/attribute.rs b/src/abe_policy/attribute.rs
@@ -30,6 +30,7 @@ impl BitOr for EncryptionHint {
 }
 
 impl EncryptionHint {
+    #[must_use]
     pub fn new(is_hybridized: bool) -> Self {
         if is_hybridized {
             Self::Hybridized
@@ -39,6 +40,12 @@ impl EncryptionHint {
     }
 }
 
+impl From<EncryptionHint> for bool {
+    fn from(val: EncryptionHint) -> Self {
+        val == EncryptionHint::Hybridized
+    }
+}
+
 /// Whether to provide an encryption key in the master public key for this
 /// attribute.
 #[derive(Copy, Clone, Debug, Serialize, Deserialize, PartialEq, Eq)]