def setUp(self):
self.a1 = Fq(48, 199)
self.b1 = Fq(50, 199)
self.c1 = Fq(62, 199)
self.A1 = EC.get_point_from_x(self.a1)
self.B1 = EC.get_point_from_x(self.b1)
self.a2 = Fq2(self.b1, self.a1)
self.b2 = Fq2(self.b1, self.c1)
self.A2 = TwistedEC.get_point_from_x(self.a2)
self.B2 = TwistedEC.get_point_from_x(self.b2)
self.g1 = EC.from_affine(g1_x, g1_y)
self.g2 = TwistedEC.from_affine(g2_x, g2_y)
def untwist(P):
q = P.X.q
root = Fq6(Fq2.zero(q), Fq2.one(q), Fq2.zero(q))
zero = Fq6.zero(q)
omega2 = Fq12(root, zero)
omega3 = Fq12(zero, root)
return EC.from_affine(omega2.inverse() * P.x, omega3.inverse() * P.y)
def test_twisted_EC_over_Fq2(self):
self.assertTrue(self.A2.is_on_curve())
self.assertEqual(self.A2 + self.A2, self.A2.double())
self.assertTrue((self.A2 + self.A2).is_on_curve())
self.assertTrue(self.A2.double().is_on_curve())
self.assertTrue((self.A2 * 100).is_on_curve())
self.assertTrue((self.A2 - self.A2).is_infinity())
self.assertEqual((self.A2 + EC.infinity(self.a2)), self.A2)
self.assertEqual(self.A2 + self.A2 + self.A2 + self.B2 + self.B2,
3 * self.A2 + 2 * self.B2)
def test_EC_over_Fq(self):
self.assertTrue(self.A1.is_on_curve())
self.assertEqual(self.A1 + self.A1, self.A1.double())
self.assertTrue((self.A1 + self.A1).is_on_curve())
self.assertTrue(self.A1.double().is_on_curve())
self.assertTrue((self.A1 * 100).is_on_curve())
self.assertTrue((self.A1 - self.A1).is_infinity())
self.assertEqual((self.A1 + EC.infinity(self.a1)), self.A1)
self.assertEqual(self.A1 + self.A1 + self.A1 + self.B1 + self.B1,
3 * self.A1 + 2 * self.B1)
def setUp(self):
self.g1 = EC.from_affine(g1_x, g1_y)
self.g2 = TwistedEC.from_affine(g2_x, g2_y)
self.sk_0 = int(uniform(1, r))
self.sk_1 = int(uniform(1, r))
self.pk_0 = key_gen(self.sk_0)
self.pk_1 = key_gen(self.sk_1)
self.msg_0 = self.g2 * int(uniform(1, r))
self.msg_1 = self.g2 * int(uniform(1, r))
self.sigma_0_0 = sign(self.msg_0, self.sk_0)
self.sigma_0_1 = sign(self.msg_0, self.sk_1)
self.sigma_1_0 = sign(self.msg_1, self.sk_0)
self.sigma_1_1 = sign(self.msg_1, self.sk_1)
q_t = 36 * (t**4) + 36 * (t**3) + 24 * (t**2) + 6 * t + 1
p = q_t
a = 1
b = 0x05
n_t = 36 * (t**4) + 36 * (t**3) + 18 * (t**2) + 6 * t + 1
n = n_t
cf = 1
k = 12
# TODO: beta
# beta =
d_1 = 1
d_2 = 2
cid = 0x12
fp = finite_field.get_prime_finite_field_element_class(q_t, 'fp')
ec_g_1 = EC(fp(a), fp(b))
# TODO: correct?
ec_g_2 = EC(SM9G2(fp(a)), SM9G2(fp(b)))
x_p_1 = 0x93DE051D_62BF718F_F5ED0704_487D01D6_E1E40869_09DC3280_E8C4E481_7C66DDDD
y_p_1 = 0x21FE8DDA_4F21E607_63106512_5C395BBC_1C1C00CB_FA602435_0C464CD7_0A3EA616
p_1 = ECPoint(ec_g_1, fp(x_p_1), fp(y_p_1))
x_p_2 = (
0x85AEF3D0_78640C98_597B6027_B441A01F_F1DD2C19_0F5E93C4_54806C11_D8806141,
0x37227552_92130B08_D2AAB97F_D34EC120_EE265948_D19C17AB_F9B7213B_AF82D65B)
y_p_2 = (
0x17509B09_2E845C12_66BA0D26_2CBEE6ED_0736A96F_A347C8BD_856DC76B_84EBEB96,
0xA7CF28D5_19BE3DA6_5F317015_3D278FF2_47EFBA98_A71A0811_6215BBA5_C999A7C7)
p_2 = ECPoint(ec_g_2, SM9G2(fp(x_p_2[0]), fp(x_p_2[1])),
SM9G2(fp(y_p_2[0]), fp(y_p_2[1])))
import math import matplotlib.pyplot as plot from coord import Coord # Set Dimention P = 11 # Elliptic curve params a = 2 b = 4 from ec import EC ec = EC(a, b, P) # Adding points p1 = Coord(2, 4) p2 = Coord(3, 9) p3 = ec.add(p1, p2) print p1 print p2 print p3 # Snversing points p4 = ec.neg(p3) print p4 # multiplying by the number p5 = ec.mul(p1, 2) print p5
from paring import paring
from params import g1_x, g1_y, g2_x, g2_y, q, q_bits
from ec import EC, TwistedEC
from fields import Fq, Fq2
g1 = EC.from_affine(g1_x, g1_y)
g2 = TwistedEC.from_affine(g2_x, g2_y)
def sign(message, private_key):
return message * private_key
def verify(message, signature, public_key):
if not signature.is_on_curve():
return False
return paring(public_key, message, exp=True) == paring(g1,
signature,
exp=True)
def key_gen(private_key):
return g1 * private_key
def compress(point):
res = 0
for i, x in enumerate(point.x):
res += x << (i * q_bits)
res += (point.y > -point.y) << (
2 * q_bits) # Encodes the parity bit for the Y co-ord
from ec import EC, ECPoint import finite_field ''' p = 0xFFFFFFFE_FFFFFFFF_FFFFFFFF_FFFFFFFF_FFFFFFFF_00000000_FFFFFFFF_FFFFFFFF a = 0xFFFFFFFE_FFFFFFFF_FFFFFFFF_FFFFFFFF_FFFFFFFF_00000000_FFFFFFFF_FFFFFFFC b = 0x28E9FA9E_9D9F5E34_4D5A9E4B_CF6509A7_F39789F5_15AB8F92_DDBCBD41_4D940E93 n = 0xFFFFFFFE_FFFFFFFF_FFFFFFFF_FFFFFFFF_7203DF6B_21C6052B_53BBF409_39D54123 Gx = 0x32C4AE2C_1F198119_5F990446_6A39C994_8FE30BBF_F2660BE1_715A4589_334C74C7 Gy = 0xBC3736A2_F4F6779C_59BDCEE3_6B692153_D0A9877C_C62A4740_02DF32E5_2139F0A0 fp = finite_field.get_prime_finite_field_element_class(p, '_fp') ec = EC(fp(a), fp(b)) g = ECPoint(ec, fp(Gx), fp(Gy)) ''' p = 0x8542D69E_4C044F18_E8B92435_BF6FF7DE_45728391_5C45517D_722EDB8B_08F1DFC3 a = 0x787968B4_FA32C3FD_2417842E_73BBFEFF_2F3C848B_6831D7E0_EC65228B_3937E498 b = 0x63E4C6D3_B23B0C84_9CF84241_484BFE48_F61D59A5_B16BA06E_6E12D1DA_27C5249A n = 0x8542D69E_4C044F18_E8B92435_BF6FF7DD_29772063_0485628D_5AE74EE7_C32E79B7 Gx = 0x421DEBD6_1B62EAB6_746434EB_C3CC315E_32220B3B_ADD50BDC_4C4E6C14_7FEDD43D Gy = 0x0680512B_CBB42C07_D47349D2_153B70C4_E5D7FDFC_BFA36EA1_A85841B9_E46E09A2 fp = finite_field.get_prime_finite_field_element_class(p, '_fp') ec = EC(fp(a), fp(b)) g = ECPoint(ec, fp(Gx), fp(Gy))
def verify_msg_sign(msg, sign, K, ec):
#1. calculate challenge c' = h(msg, [r*G + c*K])
c_prime = h_msg(
msg,
EC_point.add(ec.n_times_g(sign[1]), ec.n_times_point(K, sign[0]), ec))
#2. if c' = c signature is valid
print('msg verfication successfull == ', sign[0] == c_prime)
def msg_signing(msg, ec):
k = randint(1, ec.p)
K = ec.n_times_g(k)
sign = get_msg_sign(msg, k, K, ec)
verify_msg_sign(msg, sign, K, ec)
if __name__ == '__main__':
ec = EC(2, 2, 17, EC_point(5, 1))
# ec = EC(5,3,137,EC_point(1,3))
# schnorr(ec)
# not_interactive_schnorr(ec)
msg_signing('Greetings verifier!', ec)