Crypt::SDTree::Publish - Create Broadcast Messages
    use Crypt::SDTree::Publish;

    # create a new publisher with all key material
    my $publisher = Crypt::SDTree::Publish->new();

    # generate client keys
    $publisher->generateKeylist("00000000000000000000000000000001");
    $publisher->writeClientData('clientkeys');

    # revoke a user
    $publisher->revokeUser("10000000000000000000000000000000");

    # save publisher keys and list of revoked users
    $publisher->writeServerData('serverkeys');

    # encrypt message
    my $data = 'testmessage';
    $publisher->generateCover;
    my $encrypted = $publisher->generateSDTreeBlock($data);
Perl interface for the encryption of broadcast messages and user-management.
This package allows the creation of broadcaster and subscriber keys and the encryption of broadcast messages. Messages can be decrypted using Crypt::SDTree::Subscribe.
Individual clients are identified by a path in a 32-bit binary tree, which is represented as a bitstring.
Please note that this module has not been reviewed by anyone other than myself. I am not sure that it actually is secure - while the theoretical basis should be sound it might leak key material or have other implementation defects.
Hence, please consult a cryptographer before using this for anything that is actually important.
Create a new class instance. Includes the generation of an EC server key (for signing) and the subset-difference keys.
Create a new class instance. Load previously generated key material from $file.
Create a new class instance. Previously generated key material is provided in $data.
Print information about the server EC key to STDOUT.
Write the current server EC and subset-keys, as well as the information about revoked users to $file.
Returns the same information as in writeServerData as a string.
Revoke the user that is identified by the 32-bit path in $user. After calling this function, the server data should probably be saved.
Please note that, for the scheme to work, at least one user must always be revoked.
Clear the list of revoked users.
Generate a client keylist for a specified user. The keylist is only held in the library; it is not output or written to disk.
Write the last generated client keylist to $filename.
Return the last generated client keylist.
Generate the keys, etc. necessary for data encryption using the current list of revoked users. After calling this function you can encrypt data using generateSDTreeBlock.
Please note that at least one user always has to be revoked for the encryption to work. Please also note that no user- or other management functions should be called after generateCover is called, because it alters some data structures in a non-reversible way.
Do not call writeServerData after calling this function.
Return an encrypted block of data.
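The ordering rules above (revoke at least one user, save the server data before generateCover, and make no management calls afterwards) can be enforced by a small guard object. This is an added example, not part of Crypt::SDTree. The package name GuardedPublisher and its method names are hypothetical, and it assumes a user path is exactly 32 characters of 0 or 1, as in the synopsis.

```perl
package GuardedPublisher;    # hypothetical wrapper, not part of Crypt::SDTree
use strict; use warnings;
use Carp qw(croak);
use Crypt::SDTree::Publish;
sub new {    # revoked: users revoked here; covered: generateCover has run
    my ($class) = @_;
    return bless { pub => Crypt::SDTree::Publish->new(),
                   revoked => 0, covered => 0 }, $class;
}
# Assumption: a user path is exactly 32 characters of 0/1, as in the synopsis.
sub _path {
    my ($path) = @_;
    croak "user path must be 32 characters of 0 or 1"
        unless defined $path && $path =~ /\A[01]{32}\z/;
    return $path;
}
sub _mutable {    # management calls are refused once the cover exists
    my ($self, $what) = @_;
    croak "$what is not allowed after generateCover" if $self->{covered};
}
sub issue_client_keys {
    my ($self, $path, $file) = @_;
    $self->_mutable('generateKeylist');
    $self->{pub}->generateKeylist(_path($path));
    $self->{pub}->writeClientData($file);
}
sub revoke {
    my ($self, $path) = @_;
    $self->_mutable('revokeUser');
    $self->{pub}->revokeUser(_path($path));
    $self->{revoked}++;
}
sub save {
    my ($self, $file) = @_;
    $self->_mutable('writeServerData');
    $self->{pub}->writeServerData($file);
}
sub encrypt {    # the cover is generated once, on first use
    my ($self, $data) = @_;
    croak "revoke at least one user first" unless $self->{revoked};
    do { $self->{pub}->generateCover; $self->{covered} = 1 } unless $self->{covered};
    return $self->{pub}->generateSDTreeBlock($data);
}

package main;
my $gp = GuardedPublisher->new;
$gp->issue_client_keys('00000000000000000000000000000001', 'clientkeys');
$gp->revoke('10000000000000000000000000000000');
$gp->save('serverkeys');    # has to happen before the first encrypt
my $encrypted = $gp->encrypt('testmessage');
```

Calling revoke, save or issue_client_keys after the first encrypt dies with an error instead of reaching the library in a state the documentation warns against.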
Bernhard Amann, <bernhard@icsi.berkeley.edu>
Copyright (C) 2010-2012 by Bernhard Amann
This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA