Ejemplo n.º 1
0
def solve(A, low, high):
    A = sorted(set(A))
    N = len(A)

    G = [0] * N
    G[-1] = A[-1]
    for i in reversed(range(N-1)):
        G[i] = int(gmpy.gcd(G[i+1], A[i]))

    #print 'A:', A, ' low=%d high=%d' % (low, high)
    #print 'G:', G

    if low <= A[0]:
        x = solve1(low, A[0], 1, G[0])
        if x is not None:
            return x

    lcm = A[0]
    for i in xrange(N-1):
        x = solve1(max(low, A[i]), min(high, A[i+1]), lcm, G[i+1])
        if x is not None:
            return x
        lcm = int(gmpy.lcm(lcm, A[i+1]))
        if lcm > high:
            break

    if low <= lcm <= high:
        return lcm

    return 'NO'
def elemop(N=1000):
    r'''
    (Takes about 40ms on a first-generation Macbook Pro)
    '''
    for i in range(N):
        assert a+b == 579
        assert a-b == -333
        assert b*a == a*b == 56088
        assert b%a == 87
        assert divmod(a, b) == (0, 123)
        assert divmod(b, a) == (3, 87)
        assert -a == -123
        assert pow(a, 10) == 792594609605189126649
        assert pow(a, 7, b) == 99
        assert cmp(a, b) == -1
        assert '7' in str(c)
        assert '0' not in str(c)
        assert a.sqrt() == 11
        assert _g.lcm(a, b) == 18696
        assert _g.fac(7) == 5040
        assert _g.fib(17) == 1597
        assert _g.divm(b, a, 20) == 12
        assert _g.divm(4, 8, 20) == 3
        assert _g.divm(4, 8, 20) == 3
        assert _g.mpz(20) == 20
        assert _g.mpz(8) == 8
        assert _g.mpz(4) == 4
        assert a.invert(100) == 87
Ejemplo n.º 3
0
def elemop(N=1000):
    r'''
    (Takes about 40ms on a first-generation Macbook Pro)
    '''
    for i in range(N):
        assert a + b == 579
        assert a - b == -333
        assert b * a == a * b == 56088
        assert b % a == 87
        assert divmod(a, b) == (0, 123)
        assert divmod(b, a) == (3, 87)
        assert -a == -123
        assert pow(a, 10) == 792594609605189126649
        assert pow(a, 7, b) == 99
        assert cmp(a, b) == -1
        assert '7' in str(c)
        assert '0' not in str(c)
        assert a.sqrt() == 11
        assert _g.lcm(a, b) == 18696
        assert _g.fac(7) == 5040
        assert _g.fib(17) == 1597
        assert _g.divm(b, a, 20) == 12
        assert _g.divm(4, 8, 20) == 3
        assert _g.divm(4, 8, 20) == 3
        assert _g.mpz(20) == 20
        assert _g.mpz(8) == 8
        assert _g.mpz(4) == 4
        assert a.invert(100) == 87
Ejemplo n.º 4
0
def solve(b, n, m):
    if n <= b:
        return n
    if b == 1:
        return 1
    z = 1
    for i in xrange(b):
        z = lcm(z, m[i])
    c = sum(z / m[i] for i in xrange(b))
    if n % c != 0:
        n -= (n / c) * c
    else:
        n -= ((n - 1) / c) * c
    if n <= b:
        return n
    t = list(m)
    for i in xrange(b, n - 1):
        x = min(t)
        if x > 0:
            for j in xrange(b):
                t[j] -= x
        k = t.index(0)
        t[k] = m[k]
    x = min(t)
    k = t.index(x)
    return k + 1
Ejemplo n.º 5
0
def solve(A, low, high):
    A = sorted(set(A))
    N = len(A)

    G = [0] * N
    G[-1] = A[-1]
    for i in reversed(range(N - 1)):
        G[i] = int(gmpy.gcd(G[i + 1], A[i]))

    #print 'A:', A, ' low=%d high=%d' % (low, high)
    #print 'G:', G

    if low <= A[0]:
        x = solve1(low, A[0], 1, G[0])
        if x is not None:
            return x

    lcm = A[0]
    for i in xrange(N - 1):
        x = solve1(max(low, A[i]), min(high, A[i + 1]), lcm, G[i + 1])
        if x is not None:
            return x
        lcm = int(gmpy.lcm(lcm, A[i + 1]))
        if lcm > high:
            break

    if low <= lcm <= high:
        return lcm

    return 'NO'
Ejemplo n.º 6
0
def atan_coefficients(NN, bits):
    ps = []
    qs = []
    temp = []
    Q = 1
    for k in range(2 * NN + 50):
        p = 1
        q = 2 * k + 1
        if lcm(Q, q) < 2**bits:
            temp.append(mpq(p, q))
            Q = lcm(Q, q)
        else:
            for a in temp:
                ps.append(int(a * Q))
                qs.append(int(Q))
            Q = q
            temp = [mpq(p, q)]
    return ps[:NN], qs[:NN]
def atan_coefficients(NN, bits):
    ps = []
    qs = []
    temp = []
    Q = 1
    for k in range(2*NN+50):
        p = 1
        q = 2*k+1
        if lcm(Q, q) < 2**bits:
            temp.append(mpq(p,q))
            Q = lcm(Q, q)
        else:
            for a in temp:
                ps.append(int(a * Q))
                qs.append(int(Q))
            Q = q
            temp = [mpq(p,q)]
    return ps[:NN], qs[:NN]
Ejemplo n.º 8
0
 def apply(self, ns, evaluation):
     'LCM[ns___Integer]'
     
     ns = ns.get_sequence()
     result = 1
     for n in ns:
         value = n.get_int_value()
         if value is None:
             return
         result = lcm(result, value)
     return Integer(result)
Ejemplo n.º 9
0
	def release(self):
		with self.lock:
			connection = self.engine.connect()
			s = select([db.commonGCDTable.c.product])
			res=connection.execute(s).first()
			if not res is None:
				temp = mpz(res[0])
			else:
				temp = mpz(1)
			lcm = gmp.lcm(temp, self.product)
			s=db.commonGCDTable.update().where(db.commonGCDTable.c.id==1).values(product=str(lcm))
			connection.execute(s)
			connection.close()
Ejemplo n.º 10
0
def gen_key(bits=1024):
    while True:
        p = get_random_prime(bits)
        q = get_random_prime(bits)
        if p != q and gmpy.gcd(p * q, (p - 1) * (q - 1)) == 1:
            break
    n = p * q
    l = int(gmpy.lcm(p - 1, q - 1))
    while True:
        g = randint(1, n**2)
        if gmpy.gcd(g, n**2) == 1:
            break
    u = gmpy.invert(L(pow(g, l, n**2), n), n)
    return (n, g), (l, u)
Ejemplo n.º 11
0
def generate_keys(bit_length):
    # Make an RSA modulus n.
    p = find_random_prime(bit_length / 2)
    while True:
        q = find_random_prime(bit_length / 2)
        if p <> q: break

    n = p * q
    nsq = n * n

    # Calculate Carmichael's function.
    lm = gmpy.lcm(p - 1, q - 1)

    # Generate a generator g in B.
    while True:
        g = rand.randint(1, long(nsq))
        if gmpy.gcd(L(pow(g, lm, nsq), n), n) == 1: break

    return {'n': n, 'g': g}, {'n': n, 'g': g, 'lm': lm}
Ejemplo n.º 12
0
def generate_keys(bit_length):
    # Make an RSA modulus n.
    p = find_random_prime(bit_length/2)
    while True:
        q = find_random_prime(bit_length/2)
        if p<>q: break

    n = p*q
    nsq = n*n

    # Calculate Carmichael's function.
    lm = gmpy.lcm(p-1, q-1)

    # Generate a generator g in B.
    while True:
        g = rand.randint(1, long(nsq))
        if gmpy.gcd(L(pow(g, lm, nsq), n), n) == 1: break

    return {'n':n, 'g': g}, {'n': n, 'g': g, 'lm': lm}
Ejemplo n.º 13
0
 def generate_keys(self):
     self.p = self.rand_prime(self.key_length/2)
     
     while True:
         self.q = self.rand_prime(self.key_length/2)
         if not (self.p == self.q):
             break
         
     self.n = self.p * self.q
     self.nsq = self.n * self.n
     self.lam = lcm(self.p-1, self.q-1)
     
     while True:
         self.g = randint(1, self.nsq)
         if gcd(Paillier.L(pow(self.g, self.lam, self.n), self.n), self.n):
             break
     
     self.public_key = {'n':self.n, 'g':self.g}
     self.private_key = {'n':self.n, 'g':self.g, 'lam':self.lam}
Ejemplo n.º 14
0
def _after_pq(public_key, secret_key):
    p = secret_key.p
    q = secret_key.q
    secret_key.n = public_key.n = n = p * q
    secret_key.n_half = public_key.n_half = n / 2
    t, secret_key.invpmq, secret_key.invqmp = gmpy.gcdext(p, q)

    secret_key.nsq = public_key.nsq = nsq = n * n

    secret_key.qsq = qsq = q * q
    secret_key.psq = psq = p * p

    t, secret_key.invpsqmqsq, secret_key.invqsqmpsq = gmpy.gcdext(psq, qsq)

    secret_key.ordpsq = p * p - p
    secret_key.ordqsq = q * q - q

    # Calculate Carmichael's function.
    secret_key.lm = lm = gmpy.lcm(p - 1, q - 1)
Ejemplo n.º 15
0
    def generate_keys(self):
        self.p = self.rand_prime(self.key_length / 2)

        while True:
            self.q = self.rand_prime(self.key_length / 2)
            if not (self.p == self.q):
                break

        self.n = self.p * self.q
        self.nsq = self.n * self.n
        self.lam = lcm(self.p - 1, self.q - 1)

        while True:
            self.g = randint(1, self.nsq)
            if gcd(Paillier.L(pow(self.g, self.lam, self.n), self.n), self.n):
                break

        self.public_key = {'n': self.n, 'g': self.g}
        self.private_key = {'n': self.n, 'g': self.g, 'lam': self.lam}
Ejemplo n.º 16
0
def generate_keys_gmp(bit_length, generate=generate_g_fast):
    """Generating paillier public and secret keys

    @type bit_length: int

    @type generate: callable
    @param generate: a callable which returns a generator g in B

    @rtype: tuple(PublicKey, SecretKey)
    """

    secret_key = SecretKeyGMP(bit_length)
    public_key = PublicKeyGMP(bit_length)

    secret_key.p = p = find_random_prime(bit_length / 2)
    while 1:
        secret_key.q = q = find_random_prime(bit_length / 2)
        if p != q:
            break

    secret_key.n = public_key.n = n = p * q
    secret_key.n_half = public_key.n_half = n / 2
    t, secret_key.invpmq, secret_key.invqmp = gmpy.gcdext(p, q)

    secret_key.nsq = public_key.nsq = nsq = n * n

    secret_key.qsq = qsq = q * q
    secret_key.psq = psq = p * p

    t, secret_key.invpsqmqsq, secret_key.invqsqmpsq = gmpy.gcdext(psq, qsq)

    secret_key.ordpsq = p * p - p
    secret_key.ordqsq = q * q - q

    # Calculate Carmichael's function.
    secret_key.lm = lm = gmpy.lcm(p - 1, q - 1)

    # Generate a generator g in B.
    public_key.g = secret_key.g = g = generate(secret_key)

    secret_key.denominv = gmpy.invert(L(crt_pow(g, lm, secret_key), n), n)
    return public_key, secret_key
Ejemplo n.º 17
0
Archivo: sol.py Proyecto: zeze-zeze/CTF
# python2
# coding=utf-8
import gmpy
from Crypto.Util import number
from pwn import *


def L(a, b):
    return (a - 1) // b


n = 99157116611790833573985267443453374677300242114595736901854871276546481648883
g = 99157116611790833573985267443453374677300242114595736901854871276546481648884
c = 2433283484328067719826123652791700922735828879195114568755579061061723786565164234075183183699826399799223318790711772573290060335232568738641793425546869

p = 310013024566643256138761337388255591613
q = 319848228152346890121384041219876391791

lam = gmpy.lcm(p - 1, q - 1)
u = number.inverse(L(pow(g, lam, pow(n, 2)), n), n)

m = (L(pow(c, lam, pow(n, 2)), n) * u) % n
flag = unhex(hex(m)[2:])

print flag
Ejemplo n.º 18
0
# thefile = open('remlistfactored.txt', 'w')
# for item in gcdarraywithoutones:
#  thefile.write("%s\n" % item)


psandqs =[]
#print len(gcdarraywithoutones)
#print len(indexofgcd)
for indexofindex in range(len(indexofgcd)):
	modulfound= testdata[indexofgcd[indexofindex]]
	psandqs.append( modulfound/ gcdarraywithoutones[indexofindex]) 
privkeys=[]
RSAkeys =[]
constructKeys=[]
for i in range(len(psandqs)):
	totient= gmpy.lcm(psandqs[i]-1,gcdarraywithoutones[i]-1)
	privkeys.append(gmpy.invert(exp,totient))

# thefile = open('privkeys.txt', 'w')
# for item in privkeys:
#  thefile.write("%s\n" % item)

for indexofindex in range(len(indexofgcd)):
	constructKeys.append([long(testdata[indexofgcd[indexofindex]]),long(exp),long(privkeys[indexofindex])])

for key in constructKeys:
	RSAkeys.append(RSA.construct(key))

for key in RSAkeys:
	try:
		result=	pbp.decrypt(key, open('1.2.4_ciphertext.enc.asc').read())