The Idea

The goal of the Advanced Crypto Software Collection (ACSC) is to provide a set of cryptographic tools to system developers. This site will primarily be focused on providing software that implements "advanced" cryptographic primitives. By advanced we typically mean cryptography that uses more modern methods and can’t necessarily be built from the traditional tools of hashing, signing, and basic encryption.

The collection is intended to provide a diverse set of tools ranging from low-level number theoretic primitives such as a bilinear-map implementation, to API’s for new efficient cryptographic primitives like Broadcast Encryption and Forward Secure Signatures, to applications. The software was developed by several different contributors, who are credited along with the project descriptions. The software provided here is primarily intended for the use of researchers in building system prototypes. Currently, most software has not been reviewed thoroughly enough for commercial deployment.

The Projects

Listed below are the current projects along with short descriptions. Click on a project’s name to access a longer description and software. Eight projects are currently available. Some are still under development, while others are fairly stable.

Some of these projects are hosted locally at the ACSC website. Other projects (notably the PBC Library) predate the ACSC and have their own homepage elsewhere; these are marked "external".

  • Ciphertext-Policy Attribute-Based Encryption
    Developers: John Bethencourt, Amit Sahai (advisory role), Brent Waters (advisory role)
    License: GPL
    Added to ACSC: December 1, 2006
    Last updated: March 24, 2011
    This project provides an implementation of a Ciphertext Policy Attribute-Based Encryption (CP-ABE) system due to Bethencourt, Sahai and Waters. In such a system each user’s private key is associated with a set of attributes representing their capabilities, and a ciphertext is encrypted such that only users whose attributes satisfy a certain policy can decrypt. For example, we can encrypt a ciphertext such that in a company it can only be decrypted by a someone with attributes “Senior” and “Human Resources” or has the attribute “Executive ”. One interesting application of this tool is that we can do Role-Based Access Control (RBAC) without requiring trusted data storage.
  • Paillier Library
    Developer: John Bethencourt
    License: GPL
    Added to ACSC: July 21, 2006
    Last updated: January 30, 2010
    Paillier is a public key cryptosystem which offers an additive homomorphism, making it very useful for privacy preserving applications. This is a simple C library based on GMP which implements Paillier key generation, encryption, decryption, and also makes it easy to use the homomorphism.
  • Private Stream Searching Toolkit
    Developers: John Bethencourt, Brent Waters (advisory role)
    License: GPL
    Added to ACSC: July 21, 2006
    Last updated: September 28, 2009
    This toolkit provides programs implementing a private stream searching scheme due to Bethencourt, Song, and Waters that built upon work of Ostrovsky and Skeith. Suppose a client sends some search keywords to a server. The server checks some documents against the keywords and eventually sends back all the documents that matched. But the catch is that the client wants all this to take place without the server being able to learn what keywords they are interested in or which documents they end up with. These programs let you do that.
  • Forward-Secure Signatures with Untrusted Update
    Developers: Emily Shen (primary), John Bethencourt (build system)
    License: GPL
    Added to ACSC: September 13, 2007
    Last updated: October 22, 2007
    This C library implements a forward-secure signature scheme that allows “untrusted updates”. In most forward-secure signature constructions, a program that periodically updates a user's private signing key must have full access to the private key. However, this prevents the common practice of encrypting it on disk under a passphrase. A scheme supporting untrusted updates, however, allows updates to the private key while it is encrypted.
  • Proxy Re-cryptography Library [external]
    Developers: Giuseppe Ateniese, Kevin Fu, Matthew Green, Susan Hohenberger
    License: only non-commercial use permitted
    Added to ACSC: March 28th, 2007
    Proxy re-encryption is a form of public-key encryption that allows a user Alice to "delegate" her decryption rights to another user Bob. In a proxy re-encryption scheme, Alice delegates a semi-trusted proxy to translate ciphertexts encrypted under her key into ciphertexts encrypted under Bob’s key. Once delegated, the proxy operates independently of Alice. The proxy is considered "semi-trusted" because it does not see the content of the messages being translated, nor can it re-encrypt Alice’s messages to users for whom Alice has not granted decryption rights. This project is a C++ implementation of the proxy re-encryption schemes proposed in NDSS 2005, using the MIRACL library. A future version of the library will incorporate "proxy re-signature" schemes from CCS 2005.
  • Percy++ [external]
    Developer: Ian Goldberg
    License: GPL
    Added to ACSC: March 6th, 2007
    Percy++ is an implementation of Private Information Retrieval (PIR) protocols in C++, as described in the paper Improving the Robustness of Private Information Retrieval, Ian Goldberg, IEEE Symposium on Security and Privacy (Oakland), 2007. Briefly, private information retrieval is the task of fetching a block of data from a database server (or group of distributed servers) without the server(s) learning which block it was that you were interested in. The protocols implemented in this project provide information-theoretic, computational, and hybrid privacy protection against configurable numbers of honest, faulty, or malicious servers.
  • Broadcast Encryption [external]
    Developers: Matt Steiner (original), Ben Lynn (current)
    License: GPL
    Added to ACSC: July 28, 2006
    A broadcast encryption scheme allows a broadcaster to send an encrypted message to a set of receivers S, each of which has a different private key. Given any subset S’ of S, the broadcaster may construct an encrypted message so that only the receivers in S’ may decrypt it. This may be trivially accomplished by having a key pair for every member of S. Then a copy of the message may be separately encrypted under the key of each receiver in S’. This of course results in very inefficient communication, however. The challenge is to construct a scheme which has communication sublinear in the number of receivers. This project is an implementation of the BGW broadcast encryption scheme (see also this more recent paper) based on the PBC Library.
  • Pairing-Based Cryptography Library [external]
    Developer: Ben Lynn
    License: GPL
    Added to ACSC: July 21, 2006
    Pairing-based cryptography (PBC) is a relatively young area of cryptography that revolves around a certain function with special properties. The PBC library (Pairing-Based Cryptography library) is a high performance C library built on top of the GMP library that contains routines which aid the implementation of pairing-based cryptosystems, including curve generation and pairing computation. In addition to the detailed documentation, simple implementations of many sample cryptosystems are included as examples of using PBC. PBC makes it very easy to quickly implement a great many of the recent advances in cryptography.

The Contributors

The following persons have directly or indirectly contributed code or ideas to the Advanced Crypto Software Collection.