Implementation of SSE schemes. For now, the repo includes a C++ implementation of Sophos, Diana and Janus. Sophos has been described in Σoφoς – Forward Secure Searchable Encryption by Bost, and Diana and Janus in Forward and Backward Private Searchable Encryption from Constrained Cryptographic Primitives by Bost, Minaud and Ohrimenko.
OpenSSE's schemes implementation dependencies need a compiler supporting C++14 (although the core codebase doesn't). It has been successfully built and tested on Ubuntu 14 LTS using both clang 3.6 and gcc 4.9.3 and on Mac OS X.10 using clang 7.0.0
$ [sudo] apt-get install build-essential autoconf libtool yasm openssl scons $ [sudo] xcode-select --installIf you still haven't, you should get Homebrew. You will actually need it to install dependencies:
$ brew install automake autoconf yasm openssl sconsOpenSSE uses Google's gRPC as its RPC machinery. Follow the instructions to install gRPC's C++ binding (see here for the 0.14 release).
OpenSSE uses Facebook's RocksDB as its storage engine. OpenSSE has been tested with the 5.7 release. See the installation guide.
Note that on OS X, RocksDB ca be installed via Homebrew:
brew install rocksdbThe code is available via git:
$ git clone https://github.com/OpenSSE/opensse-schemes.gitYou will also need to fetch the submodules:
$ git submodule update --initBuilding is done through SConstruct.
To build the submodules, you can either run
$ scons depsor do it by hand:
$ (cd third_party/crypto; scons lib); (cd third_party/ssdmap; scons lib); (cd third_party/db-parser; scons lib); Then, to build the code itself, just enter in your terminal
$ scons The SConstruct files default values might not fit your system. For example, you might want to choose a specific C++ compiler.
You can easily change these default values without modifying the SConstruct file itself. Instead, create a file called config.scons and change the values in this file. For example, say you want to use clang instead of your default gcc compiler and you placed the headers and shared library for gRPC in some directories that are not in the compiler's include path, say
~/grpc/include and ~/grpc/lib. Then you can use the following configuration file:
Import('*')
env['CC'] = 'clang'
env['CXX'] = 'clang++'
env.Append(CPPPATH=['~/grpc/include'])
env.Append(LIBPATH=['~/grpc/lib'])This repository provides implementations of SSE as a proof of concept, and cannot really be used for real sensitive applications. In particular, the cryptographic toolkit most probably has many implementation flaws.
The building script builds basic test programs for Sophos, Diana and Janus (respectively sophos_debug, diana_debug, and janus_debug), that are of no use per se, and two pairs of client/server programs for Sophos and Diana (sophos_server and sophos_client for Sophos, and diana_server and diana_client for Diana). These are the ones you are looking for.
The clients usage is as follows
sophos_client [-b client.db] [-l inverted_index.json] [-p] [-r count] [-q] [keyword1 [... keywordn]]
-
-b client.db: use file as the client database (test.csdb by default) -
-l file.json: load the reversed index file.json and add it to the database. file.json is a JSON file with the following structure :
{
"keyword1" : [1,2,3,4],
"keyword2": [11,22,33,44,55]
}In the repo, inverted_index.json is an example of such file.
-p: print stats about the loaded database (number of keywords)-r count: generate a database with count entries. Look at the aux/db_generator.* files to see how such databases are generatedkeyword1 … keywordn: search queries with keyword1 … keywordn.
The servers usage is as follows
sophos_server [-b server.db] [-s]
-b server.db: use file as the server database (test.ssdb by default)-s: use synchronous searches (when searching, the server retrieves all the results before sending them to the client. By default, results are sent once retrieved). I used this option for the benchmarks without RPC.
Unless otherwise stated, the code has been written by Raphael Bost.
OpenSSE Schemes is licensed under the GNU Affero General Public License v3.
