public interface MultiKeyEncryptionScheme
When constructing a garbled circuit, an encryption scheme must be specified. The Garbled circuit will use the specified scheme to encrypt each gate.
See Garbling Schemes by Mihir Bellare, Viet Tung Hoang, and Phillip Rogaway. In this paper, the authors present the idea of a Garbling Scheme--i.e. the notion to treat Garbling Schemes as cryptographic primitive. In the paper, they present a number of different efficient garbling schemes.
We have implemented a number of the schemes that they mentioned, and any other garbling scheme can easily be implemented and used anywhere in our code as long as they implement this interface.
|Modifier and Type||Method and Description|
Decrypts the ciphertext.
This method used the individual
This method generates a single
This method is provided with individual
Returns the size of the ciphertext.
Checks if the key for this
Sets the key to the specified
See Garbling Schemes by Mihir Bellare, Viet Tung Hoang, and Phillip Rogaway.
This is necessary since the user will often need to generate single keys first and then combine them to a single
Consider the following problem: Say we want to garble and compute a gate in Yao's protocol.
Consider a 2 input gate. Each input Wire will have two possible garbled values--corresponding to a 0 value and a 1 value.
These values are <@code SecretKey}s NOTMultiSecretKeys. When we encrypt the truth table, we combine the single
keys to create
MultiSecretKeys. So, if we want to encrypt the 0-0 entry of the truth table, we will take the 0 key from
GarbledWire and combine them to a
MultiSecretKey (using the
Then if we want to encrypt the 0-1 entry, we will use the 0-key from the first wire and the 1-key from the second wire.
We will combine these 2 keys into a single
MultiSecretKey and use this to encrypt. Note that in this example,
the 0-key from the first Wire is combined from 2 different
MultiSecretKeys. First we combined it with the 0-key of the second
wire and then we combined it with the 1-key.
Thus, it is necessary to have a method to generate individual keys and a separate method to combine different single keys into
SecretKeyof the specified size. One or more of these keys will be combined into a
MultiSecretKeyto encrypt and decrypt with.
MultiSecretKey generateMultiKey(javax.crypto.SecretKey... keys)
SecretKeys and combines them into a
MultiSecretKeythat can be used for encryption and decryption with the
keys- The individual
SecretKeys that make up the
SecretKeyobjects can be passed in an array or as individual parameters.
MultiSecretKeymade up of the
SecretKeys that were passed as parameters.
void setKey(MultiSecretKey key)
The key that it is currently set to, will be used for encryption and decryption until
setKey() is called again.
MultiSecretKeyto be used for encryption and decryption.
void setTweak(byte tweak)
Some encryption schemes use a tweak and instead of encrypting directly the entry of the plaintext, encrypt the tweak and then XOR the result with the plaintext.
Some encryption schemes do not make use of a tweak, in which case calls to set the tweak have no effect. If you are implementing an encryption scheme that does not use a tweak, just leave the body of this method blank.
tweak- The tweak to be used for this encryption scheme.
byte encrypt(byte plaintext) throws KeyNotSetException, TweakNotSetException, javax.crypto.IllegalBlockSizeException, PlaintextTooLongException, java.security.InvalidKeyException
SecretKeys that make up the
MultiSecretKeyto encrypt the plaintext.
byte decrypt(byte ciphertext) throws CiphertextTooLongException, KeyNotSetException, TweakNotSetException, java.security.InvalidKeyException, javax.crypto.IllegalBlockSizeException
MultiKeyEncryptionSchemehas been set.
true if it has been and
false if it has not been.
Before encrypting and decrypting, the key must be set.
trueif the key has been set,