def distributed_Paillier_key_generation(self): self.generator = self.N + 1 self.modulus_KN = self.secure_K * self.N self.modulus_KKN = self.secure_K * self.secure_K * self.N random_state = gmpy2.random_state(int(time.time() * 100000)) self.beta = gmpy2.mpz_random(random_state, self.modulus_KN) random_state = gmpy2.random_state(int(time.time() * 100000)) self.ri = gmpy2.mpz_random(random_state, self.modulus_KKN) self.ri_delta = self.delta * self.ri self.pq_sum = self.pi + self.qi self.send_pq_sum(self.pq_sum) pq_sum_list = self.receive_pq_sum_list() self.phi = self.N + 1 - pq_sum_list[0] - pq_sum_list[1] - pq_sum_list[2] self.thetai = self.delta * self.phi * self.beta + self.N * self.delta * self.ri self.send_thetai(self.thetai) thetai_list = self.receive_thetai_list() self.theta = thetai_list[0] + thetai_list[1] + thetai_list[2] self.fi = self.N * self.Ri_sharing(self.ri_delta, self.modulus_KKN) - self.theta # verification key self.r_vk = self.gen_coprime(self.N * self.N) self.vk = gmpy2.powmod(self.r_vk, 2, self.N * self.N) self.vki = gmpy2.powmod(self.vk, self.delta * self.fi, self.N * self.N)
def generate_random(bit_size, include_negative_range, seeded, full_range): global global_random_state if not seeded or global_random_state is None: global_random_state = gmpy2.random_state() x = zero if full_range: x = gmpy2.mul_2exp(one, bit_size - 1) tmp = 0 if bit_size < 33: tmp = gmpy2.mpz_random(global_random_state, RAND_MAX) temp = (1 << bit_size) x = gmpy2.f_mod(tmp, temp) if include_negative_range: tmp = gmpy2.mul_2exp(one, bit_size - 1) x = gmpy2.sub(x, tmp) return x for i in range(bit_size - 32, 0 - 1, -32): tmp = gmpy2.mpz_random(global_random_state, RAND_MAX) tmp = gmpy2.mul_2exp(tmp, i) x = gmpy2.add(x, tmp) x = gmpy2.add(x, gmpy2.mpz_random(global_random_state, RAND_MAX)) if include_negative_range: tmp = gmpy2.mul_2exp(one, bit_size - 1) x = gmpy2.sub(x, tmp) return mpz(x)
def __init__(self,prime,prim_root,random_state): self.p=mpz(prime) self.g=mpz(prim_root) self.k1=gmpy2.mpz_random(random_state,prime) self.x1=gmpy2.powmod(self.g,self.k1,self.p) self.k11=gmpy2.mpz_random(random_state,prime) self.x11=gmpy2.powmod(self.g,self.k1,self.p)
def elliptical_curve(n, process_id): # I decided not to finish the implementation of this algo as the learning curve for implementation was steep # and not worth it. I left this code here to show that I tried though. print("Pollard p-1 Part 2: The Lenstra Boogolo") print(process_id, "ECM Called") # vars to maintain the generation loop coor_x, coor_y = 0, 0 # generate curve # TODO: Not sure if these random ranges are correct coor_x, coor_y = gmpy2.mpz_random(gmpy2.random_state(), n), gmpy2.mpz_random( gmpy2.random_state(), n) a = gmpy2.mpz_random(gmpy2.random_state(), n) # b = y^2 - ax - x^3 b = gmpy2.f_mod((coor_y * coor_y - a * coor_x - coor_x * coor_x * coor_x), n) # TODO: The wikipedia says there's checks you can do for the curve at this point by I don't want to put in the # effort, however this note is here as a reminder in case things aren't working # (while loop to check this stuff?) # is this the right check? (delta) # generate point curr_x = coor_x curr_y = coor_y # range to loop to current = 2 work_limit = random.randint(10000000, 1000000000) # loop to do the monster math # TODO: loop to do the actual ECM stuff # return value since this is broken and un finished return 1
def share(x, N): # P1 random_state = gmpy2.random_state(int(time.time() * 10000)) x1 = gmpy2.mpz_random(random_state, N) random_state = gmpy2.random_state(int(time.time() * 10001)) x2 = gmpy2.mpz_random(random_state, N) x3 = (x - x1 - x2) % N return [x1, x2, x3]
def mult(share_tuple, N): share_sum = (share_tuple[0] + share_tuple[1] + share_tuple[2]) % N share_sum_square = (share_sum * share_sum) % N random_state = gmpy2.random_state(int(time.time() * 10000)) share1 = gmpy2.mpz_random(random_state, N) random_state = gmpy2.random_state(int(time.time() * 10001)) share2 = gmpy2.mpz_random(random_state, N) share0 = (share_sum_square - share1 - share2) % N return [share0, share1, share2]
def enc(pub, plain): #(public key, plaintext) cipher = mpz() r = mpz_random(rand, pub.n) while (gcd(r, pub.n) != 1): r = mpz_random(rand, pub.n) cipher = powmod( mul(powmod(pub.g, plain, pub.n_sq), powmod(r, pub.n, pub.n_sq)), 1, pub.n_sq) return cipher
def generate_keys(q, p, g): # generates private key x and public key y x = gmp.mpz_random(gmp.random_state(random.randint(0, 367263292)), q) while x == 0: x = gmp.mpz_random(random.randint(0, 367263292), q) y = gmp.powmod(g, x, p) return x, y
def pick_pq(self): pq = mpz(2) random_state = gmpy2.random_state(int(time.time()*100000)) if self.PartyIndex == 1: while gmpy2.f_mod(pq, 4) != 3 or (pq - pow(2, self.KeyLength - 1) <= 0): pq = gmpy2.mpz_random(random_state, pow(2, self.KeyLength)) else: while gmpy2.f_mod(pq, 4) != 0 or (pq - pow(2, self.KeyLength - 1) <= 0): pq = gmpy2.mpz_random(random_state, pow(2, self.KeyLength)) return pq
def ranp(N): # P1 random_state = gmpy2.random_state(int(time.time() * 10000)) a11 = gmpy2.mpz_random(random_state, N) random_state = gmpy2.random_state(int(time.time() * 10001)) a12 = gmpy2.mpz_random(random_state, N) random_state = gmpy2.random_state(int(time.time() * 10002)) a13 = gmpy2.mpz_random(random_state, N) # P2 random_state = gmpy2.random_state(int(time.time() * 10000)) a21 = gmpy2.mpz_random(random_state, N) random_state = gmpy2.random_state(int(time.time() * 10001)) a22 = gmpy2.mpz_random(random_state, N) random_state = gmpy2.random_state(int(time.time() * 10002)) a23 = gmpy2.mpz_random(random_state, N) # P3 random_state = gmpy2.random_state(int(time.time() * 10000)) a31 = gmpy2.mpz_random(random_state, N) random_state = gmpy2.random_state(int(time.time() * 10001)) a32 = gmpy2.mpz_random(random_state, N) random_state = gmpy2.random_state(int(time.time() * 10002)) a33 = gmpy2.mpz_random(random_state, N) # compute sharing a1 = (a11 + a21 + a31) % N a2 = (a12 + a22 + a32) % N a3 = (a13 + a23 + a33) % N return (a1, a2, a3)
def PRandFld(modulus): # P1 random_state = gmpy2.random_state(int(time.time() * 10000)) a1 = gmpy2.mpz_random(random_state, int(modulus/3)) # P2 random_state = gmpy2.random_state(int(time.time() * 10000)) a2 = gmpy2.mpz_random(random_state, int(modulus/3)) # P3 random_state = gmpy2.random_state(int(time.time() * 10000)) a3 = gmpy2.mpz_random(random_state, int(modulus/3)) return (a1, a2, a3)
def encrypt(pub, plain): one = gmpy2.mpz(1) state = gmpy2.random_state(int_time()) r = gmpy2.mpz_random(state, pub.n) while gmpy2.gcd(r, pub.n) != one: state = gmpy2.random_state(int_time()) r = gmpy2.mpz_random(state, pub.n) x = gmpy2.powmod(r, pub.n, pub.n_sq) cipher = gmpy2.f_mod(gmpy2.mul(gmpy2.powmod(pub.g, plain, pub.n_sq), x), pub.n_sq) return cipher
def generate_secret_key(self): tmp = mpz() self.sk = gmpy2.mul_2exp(1, eta - 1) random_state = gmpy2.random_state(mpz(time.time())) i = eta - 32 while i >= 0: tmp = gmpy2.mpz_random(random_state, RAND_MAX) tmp = gmpy2.mul_2exp(tmp, i) self.sk += tmp i -= 32 self.sk += gmpy2.mpz_random(random_state, RAND_MAX) self.sk = mpz(self.sk * 2 + 1)
def solver(): (e, d, N) = rsa_init(e=3) original_message = "A" * 20 enc = encrypt(original_message, e, N) msg = mpz(a2h(original_message), base=16) s = mpz_random(rstate, N) while s < 2: s = mpz_random(rstate, N) new_enc = t_mod(pow(s, e, N) * enc, N) assert new_enc != enc dec = decrypt(new_enc, d, N) assert msg == t_mod(dec * invert(s, N), N) return
def process_f(N): while True: j = gmpy2.mpz_random(random_state, int(lg(N))) + 1 r = gmpy2.mpz_random(random_state, 2**j) q = 2**j + r if q > N: continue p, alpha = prime_power(q) if not p: continue l = gmpy2.mpfr_random(random_state) if l < delta_n(N, p, alpha) * 2**int(lg(q)): return p, alpha
def gen_keys(): rs = gmpy2.random_state(hash(gmpy2.random_state())) P = gmpy2.mpz_urandomb(rs, mpz('128')) P = gmpy2.next_prime(P) Q = gmpy2.mpz_urandomb(rs, mpz('128')) Q = gmpy2.next_prime(Q) N = P*Q Fi = (P-1)*(Q-1) Pkey = gmpy2.mpz_random(rs, Fi) while not (gmpy2.gcd(Fi, Pkey) == 1): Pkey = gmpy2.mpz_random(rs, Fi) Skey = gmpy2.invert(Pkey, Fi) assert gmpy2.t_mod(Skey*Pkey,Fi) == 1 return Pkey, Skey, N
def new_prime(n_bits=1024): """ is_prime: Miller-Rabin's test (default=25 times) """ upper_bound = gmpy2.mpz(2**n_bits) state = gmpy2.random_state(int_time()) rand_num = gmpy2.mpz_random(state, upper_bound) rand_num = gmpy2.bit_set(rand_num, n_bits - 1) while not gmpy2.is_prime(rand_num): state = gmpy2.random_state(int_time()) rand_num = gmpy2.mpz_random(state, upper_bound) rand_num = gmpy2.bit_set(rand_num, n_bits - 1) return rand_num
def _generate_random_number(self): """ :return: random number """ rstate = random_state() r = randint(40, 100) return f_mod(mpz_random(rstate, 2 << r).bit_set(0).bit_set(r), self.N)
def generate_sparse_matrix(u_1, modified_secret_key, x_p): global global_random_state seed = mpz(time.time()) global_random_state = gmpy2.random_state(seed) Theta_vector = [0 for _ in range(Theta)] for i in range(1, Theta): Theta_vector[i] = generate_random(kappa + 1, False, True, False) modified_secret_key[0] = True for i in range(1, Theta): modified_secret_key[i] = False count = theta - 1 gmpy2.random_state() while count > 0: index = gmpy2.mpz_random(global_random_state, RAND_MAX) % Theta if not modified_secret_key[index]: modified_secret_key[index] = True count -= 1 sum_ = zero temp = gmpy2.mul_2exp(one, kappa + 1) for i in range(1, Theta): if modified_secret_key[i]: sum_ = gmpy2.add(sum_, Theta_vector[i]) sum_ %= temp u_1 = gmpy2.sub(x_p, sum_) if u_1 < zero: u_1 = gmpy2.add(temp, u_1) return mpz(seed), mpz(u_1)
def mult_share(share_tuple_1, share_tuple_2, N): if not isinstance(share_tuple_1, list): share_1 = share_tuple_1 else: share_1 = (share_tuple_1[0] + share_tuple_1[1] + share_tuple_1[2]) % N if not isinstance(share_tuple_2, list): share_2 = share_tuple_2 else: share_2 = (share_tuple_2[0] + share_tuple_2[1] + share_tuple_2[2]) % N share_mult = (share_1 * share_2) % N random_state = gmpy2.random_state(int(time.time() * 10000)) share1 = gmpy2.mpz_random(random_state, N) random_state = gmpy2.random_state(int(time.time() * 10001)) share2 = gmpy2.mpz_random(random_state, N) share0 = (share_mult - share1 - share2) % N return [share0, share1, share2]
def step_2(): a = gmpy2.mpz_random(rstate, N) A = powmod(g, a, N) Client['A'] = A Client['a'] = a Client['M'] = M return (M, A)
def algorithmRabin_Miller(n, s): random_state = gmpy2.random_state(int(round(time() * 1000))) for j in range (1, s+1): a = gmpy2.mpz_random(random_state, n) if algorithmWitness(a, n) == 1: return 1 return 0
def step_3(M, A): Server['M'] = M Server['A'] = A b = gmpy2.mpz_random(rstate, N) B = (k * Server['v']) + powmod(g, b, N) Server['b'] = b Server['B'] = B return (Server['salt'], B)
def generate_keys(prime=PRIME): while True: e = gmpy2.mpz_random(state, prime - 2) if gmpy2.gcd(e, prime - 1) == 1 and e > 2: break d = gmpy2.invert(e, prime - 1) # return encryption and decryption keys return e, d
def genKeys(p, q, g, B=None): priv = None if B is None: d = mpz_random(rstate, q - 1) + 1 priv = d B = pow(g, d, p) pub = (p, q, g, B) return (pub, priv)
def genP(L, q): minK = (pow(2, L - 1) + (q - 1)) // q maxK = (pow(2, L) - 1) // q while True: k = mpz_random(rstate, maxK - minK) + minK p = k * q + 1 if is_prime(p): return (k, p)
def KeyGen(self): p = self.PP['p'] g = self.PP['g'] state = self.random_state x = gmpy2.mpz_random(state, 999) g_x = g**x return {'pk': g_x, 'sk': x}
def KeyGen(self, PP): p = PP['p'] g = PP['g'] state = self.random_state x = gmpy2.mpz_random(state, random_SIZE) g_x = g**x return {'pk': g_x, 'sk': x}
def primoRelativo(self, phi): x = 0 mdc = 0 seed = gmpy2.random_state(int(datetime.now().microsecond)) while mdc != 1: x = gmpy2.mpz_random(seed,phi ) + 1 mdc = self.euclides(x, phi) return x
def gen_keys(): rs = gmpy2.random_state(hash(gmpy2.random_state())) P = gmpy2.mpz_urandomb(rs, mpz('256')) P = gmpy2.next_prime(P) Q = gmpy2.mpz_urandomb(rs, mpz('256')) Q = gmpy2.next_prime(Q) N = P*Q Fi = (P-1)*(Q-1) Pkey = gmpy2.mpz_random(rs, Fi) while not (gmpy2.gcd(Fi, Pkey) == 1): Pkey = gmpy2.mpz_random(rs, Fi) Skey = gmpy2.invert(Pkey, Fi) print('Публичный ключ: ') print(Pkey) print('Приватный ключ:') print(Skey) print('N:') print(N)
def process_f_with_multiplicative_group(N): while True: j = gmpy2.mpz_random(random_state, int(lg(N))) + 1 r = gmpy2.mpz_random(random_state, 2**j) if j < threshold_bits: # For small numbers, run the old process_f # Multiplicative group hint can be computed later r = gmpy2.mpz_random(random_state, 2**j) q = 2**j + r if q > N: continue p, alpha = prime_power(q) if not p: continue l = gmpy2.mpfr_random(random_state) if l < delta_n(N, p, alpha) * 2**int(lg(q)): return p, alpha, {} else: # Generate a random factored number between (2 ** j - 1) and (2 ** (j + 1) - 2) # This is so that we get the multiplicative group of q x, xf = process_r(2**(j + 1) - 2) q = x + 1 if q > N: continue p, alpha = prime_power(q) if not p: continue l = gmpy2.mpfr_random(random_state) if l < delta_n(N, p, alpha) * 2**int(lg(q)): if alpha == 1: phi_hint = xf else: # This is a special case: in this case xf isn't the multiplicative group # But luckily since p^alpha - 1 = (p - 1) * (1 + p + ... + p^(alpha - 1)) # we will still have all the factors to get the factorisation of p - 1 phi_hint = [] remaining_x = x for f in xf: if remaining_x % f == 0: phi_hint.append(f) remaining_x /= f if remaining_x == 1: break return p, alpha, {p: phi_hint}
def generate_keypair(seed: int): rand_state = seed # m = bytes_to_long(input.encode('utf-8')) p, q = generate_prime(bit_count, rand_state), generate_prime(bit_count, rand_state) flag = good_pair(p, q) while not flag: p, q = generate_prime(bit_count, rand_state), generate_prime( bit_count, rand_state) flag = good_pair(p, q) n = gmpy2.mul(p, q) phi = gmpy2.mul(p - 1, q - 1) # print("p:", p) # print("q:", q) print("n:", n) # print("phi:", phi) e = gmpy2.mpz_random(rand_state, phi) while e <= 1 or gmpy2.gcd(e, phi) != 1: e = gmpy2.mpz_random(rand_state, phi) assert (e > 1) assert (gmpy2.gcd(e, phi) == 1) d = gmpy2.invert(e, phi) assert (d != 1) assert (gmpy2.t_mod(e * d, phi) == 1) # print("PK(e):", e) # print("SK(d):", d) return { 'public': { 'n': n, 'e': e, }, 'private': { 'n': n, 'd': d, } }
def aby_prng(Len): """Generates a random mpz with bitlength Len.""" global global_random_state if global_random_state is None: global_random_state = gmpy2.random_state(int(time.time())) result = mpz(0) for i in range(Len): if gmpy2.mpz_random(global_random_state, 2) == 1: result += gmpy2.exp2(i) return mpz(result)
def get_random_int(n): i = random.randint(0,2**30) # better random nunber generator return gmpy2.mpz_random(gmpy2.random_state(i), n)
def randg(n): y = gmpy2.mpz_random(rs, n) while gmpy2.gcd(y, n) != 1: y = gmpy2.mpz_random(rs, n) return y
def RandomInteger(Min = rand_min, Max = rand_max): return Min + gmpy2.mpz_random(random_state, Max - Min + 1)
def get_prime(length): a = gmpy2.mpz_random(rstate,2<<length).bit_set(0).bit_set(length) while not gmpy2.is_prime(a): a = a+2 return a
def gerarPrimo(self, limInf, limSup): seed = gmpy2.random_state(int(datetime.now().microsecond)) primo = gmpy2.mpz_random(seed,(limSup - limInf + 1)) + limInf while not gmpy2.is_prime(primo): primo = gmpy2.mpz_random(seed,(limSup - limInf + 1)) + limInf return primo