libpep 0.12.0

Library for polymorphic encryption and pseudonymization
Documentation
const {
    Attribute,
    GroupElement,
    makeDistributedGlobalKeys,
    DistributedTranscryptor,
    Client,
    Pseudonym,
    PseudonymizationDomain,
    EncryptionContext,
} = require("../../pkg/libpep.js");

test('n_pep', async () => {
    const n = 3;

    // Create distributed global keys.
    const [globalPublicKeys, blindedGlobalKeys, blindingFactors] = makeDistributedGlobalKeys(n);

    // Initialize systems.
    const systems = Array.from({ length: n }, (_, i) => {
        const pseudonymizationSecret = `secret-${i}`;
        const encryptionSecret = `secret-${i}`;
        const blindingFactor = blindingFactors[i];
        return new DistributedTranscryptor(pseudonymizationSecret, encryptionSecret, blindingFactor);
    });

    // Create pseudonymization domains and encryption contexts.
    const domainA = new PseudonymizationDomain("user-a");
    const domainB = new PseudonymizationDomain("user-b");
    const sessionA1 = new EncryptionContext("session-a1");
    const sessionB1 = new EncryptionContext("session-b1");

    // Generate session key shares using the convenience method.
    const sksA1 = systems.map(system => system.sessionKeyShares(sessionA1));
    const sksB1 = systems.map(system => system.sessionKeyShares(sessionB1));

    // Create PEP clients using the standard constructor.
    const clientA = new Client(
        blindedGlobalKeys,
        sksA1
    );
    const clientB = new Client(
        blindedGlobalKeys,
        sksB1
    );

    // Generate random pseudonym and data point.
    const pseudonym = Pseudonym.random();
    const data = new Attribute(GroupElement.random());

    // Encrypt pseudonym and data.
    const encPseudo = clientA.encryptPseudonym(pseudonym);
    const encData = clientA.encryptData(data);

    // Transcrypt pseudonym and rekey data.
    const transcryptedPseudo = systems.reduce((acc, system) =>
        system.pseudonymize(acc, system.pseudonymizationInfo(domainA, domainB, sessionA1, sessionB1)), encPseudo);

    const transcryptedData = systems.reduce((acc, system) =>
        system.rekey(acc, system.attributeRekeyInfo(sessionA1, sessionB1)), encData);

    // Decrypt pseudonym and data.
    const decPseudo = clientB.decryptPseudonym(transcryptedPseudo);
    const decData = clientB.decryptData(transcryptedData);

    // Assert equality and inequality.
    expect(decData.toHex()).toEqual(data.toHex());
    expect(decPseudo).not.toEqual(pseudonym);

    // Reverse pseudonymization.
    const revPseudonymized = systems.reduce((acc, system) =>
        system.pseudonymize(acc, system.pseudonymizationInfo(domainA, domainB, sessionA1, sessionB1).reverse()), transcryptedPseudo);

    const revDecPseudo = clientA.decryptPseudonym(revPseudonymized);
    expect(revDecPseudo.toHex()).toEqual(pseudonym.toHex());
});