Click here to Skip to main content
Rate this: bad
good
Please Sign up or sign in to vote.
See more: C#
hello,
 
this is my first post, any mistake please forgive me...
 
i want implement the short group signature algorithm..
 
i ll briefly explain about it..
suppose i have a group with 10 people... and i generate 10 different keys (any key) and transmit to them...
 
they will encrypt some data and send them back to me..
 
me, without using all the private key of them, i should be able to identify the the person who encrypted it...
 
meaning is, with one shot i should identify the user...
 
Please respond asap..
any idea or algorithm or C# code are welcome..
 
Thanks in advance..
Posted 18-Jan-13 8:06am
Comments
Sergey Alexandrovich Kryukov at 18-Jan-13 13:44pm
   
Interesting question, but I don't see why you could not just apply logic to what you already know. Anyway, I up-voted the question with my 4.
—SA
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 1

1) encryption and signature are both applications of the same PKI approach, but they have different algorithms.
- when signing, the sender is encrypting the hash of the document with his private key, and you will use the his public key to verify signature
- when encrypting, the sender is using your public key, and you will use your private key to decrypt.
It is not clear to me what you really want, since you wrote about a strange mixture of these...
 
So you will never need the private key of other people, this would compromise the whole idea. Or you are not talking about PKI...
 
2) What you can do with PKI:
a) The sender generates the document (D) and an identity card (IC), this one could be an XML that contains information about the sender and probably about the document.
b) The sender encrypts the document with hes private key: ED = E(D, Prk)
c) The sender signs the encrypted document and the card with your public key key SED = S(ED + IC, Puk)
d) Sends the whole thing to you. You have their public keys and your private key.
e) You read the unencrypted identity card, and you see the sender. Since you have all public key, you simply choose that of the one on the card, and you verify the signature just once. If it is ok, you decrypt the encrypted document with your private key, and that's it. If the signature verification fails, than the message had been compromised.
  Permalink  
v2
Comments
CPallini at 14-Sep-14 13:22pm
   
5.
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 3

I hope you full understand how public-key cryptography works, in particular, for encryption: http://en.wikipedia.org/wiki/Public-key_cryptography[^].
 
In case you perfectly understand it, sorry for redundant information. But if you do, everything else is pure logic. There is nothing you could no infer by yourself. So, if you need a group to send you encrypted information, you create a pair of keys. You send only the public keys, one to each. If I understand you right, you send, say, 10 individual keys, one to each, so you generate 10 key pairs. It's important that you send the public key and them message: use this key to encrypt your data and send me back your encrypted data. It's important that this initial message is non-encrypted. So, anyone who gets this information, can encrypt it, but no one can decrypt it, except you, because only you have the private key.
 
Again, I hope you knew it all.
 
But now, you also don't know the identity of the sender of the encrypted message. Normally, this is not the case. If you say e-mail (for example), you can identify the sender by e-mail address. Note, that even from this point, this is not quite safe, because e-mail can be forged, but let's ignore it for a while, because you probably have much worse situation: by some reason, you don't know identity.
 
From the very beginning, you should understand that not only you cannot get the shortcut you want, but, strictly speaking, you cannot even decrypt a message, because you don't even use which of the keys to use. You can only try all 10 private keys to each, but even in case of success, you cannot guarantee this is a true decrypting (in practice, this is extremely unlikely that some reasonably looking decrypted message is wrong, but we are talking about the principles: encryption always assumes identity).
 
How to resolve the problem? I can suggest just one method: each sender should send your the identity along with the message. How? The message should be in two part: in one part, the sender should send you back a copy of the public key, another part is encrypted message. If course, the first part should be not encrypted. If you do that, the security is not compromised, because you already sent the public keys publicly; and having the public keys does not allow for decryption of anything. But now you have full information, because you can store both public and corresponding private key (use, for example, System.Collections.Generic.Dictionary<,>).
 
It looks like the problem is solved, but it is solved only in part of encryption. There is another problem: no one can decrypt the messages, but anyone (under certain condition which may or may not be met in your case), impersonate one of your companions and send you a fake message. Is it an issue for your? In many cases, this is the issue, and the solution is based on digital signature. The scenario of using the digital signatures is considerably more complex than encryption, but, technically, this is just the inversion of the roles of the keys. If you need, you can learn about it.
 
—SA
  Permalink  
Comments
kaliprasad123 at 19-Jan-13 0:06am
   
thanks for ur reply...
 
short group signature is a algorithm, which generate the key pairs (public key and private key) and distribute to the group...
 
the group in here is the vehicles, these vehicle get the public key and encrypt the data like road condition, GPS position and send to the authority..
 
authority has all the private keys of the group, and if the authority try to keep on trying to decrypt using all the private keys, then it will consume more time...
 
so, the short group signature says that, within one decryption we should be able to decrypt the encrypted data and find the user who has encrypted it...
 
this is the scenario i am in...
 
please help to solve this problem...
 

here is the algorithm..
 
1. G1 aid G2 are two (multiplicative) cyclic groups of prime order p:
2. g1 is a generator of G1 and g2 is a generator of G2;
3. phi is a computable isomorphism from G2 to G1. with phi(g2) = g1;
 
and
4. e is a computable map e : G1 x G2 —> GT with the following
 
properties:
• Bilinearity: for all u belongs G1, v belongs G2 and a, b belongs Z,
 
e(u^a. v^b) = e(u, v)^ab.
• Non-degeneracy: e(g1, g2) != 1.
Sergey Alexandrovich Kryukov at 19-Jan-13 0:19am
   
Thank you for this comment, I'll take a look...
—SA
CPallini at 14-Sep-14 13:22pm
   
5.
Sergey Alexandrovich Kryukov at 14-Sep-14 19:04pm
   
Thank you, Carlo.
—SA
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 4

You can go for the KP-ABE or CP-ABE algorithm.
For bileaner pairing u can user JPBC public library.
  Permalink  
Comments
kaliprasad123 at 20-Jan-13 23:02pm
   
thanks for ur reply...
 
is KP-ABE or CP-ABE algorithm is built in class or just an algorithm...
 
can u pls give the reference link...
 
and one more think i want in C#
 
thnak you
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 5

kp-abe == KEY POLICY - ATTRIBUTE BASE ENCRYPTION
CP-ABE = CIPHER TEXT POLICY ATTRIBUTE BASE ENCRYPTION
 

are set of encryption,decryption, key gen, setup algorithm. which is based on bilinear pairing.
  Permalink  
Comments
kaliprasad123 at 24-Jan-13 6:34am
   
THANKS FOR UR REPLY...
 
actually i am asking for in built class in c#..
 
if exists please give the full explanation of it... like namespace and class name....
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 6

finally i got the solution..
 

with the use " Bouncy castle " , i found the solution...
  Permalink  
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 7

can u mail me the solution ...
plzzz
nd advance thanq
vanitakengua@yahoo.com
  Permalink  
Comments
Wes Aday at 14-Sep-14 10:41am
   
Exactly how is this a solution?
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 8

can u plzz
mail me the solution
thnq u in advance
 
vanitakengua@yahoo.com
  Permalink  

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



Advertise | Privacy | Mobile
Web04 | 2.8.150327.1 | Last Updated 14 Sep 2014
Copyright © CodeProject, 1999-2015
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100