def test():
    """
    Self-check for state recovery against randomly seeded generators.

    Seeds five prng instances, asks get_state() to recover each one's
    state, and compares the result with the ``state`` attribute of the
    same instances.

    Returns:
        True when every recovered state equals the generator's own state,
        False otherwise.
    """
    # randint is inclusive on both ends, so seeds fall in [1, 6256].
    seed_values = [random.randint(1, 6257 - 1) for _ in range(5)]
    generators = [prng(seed=value) for value in seed_values]

    # All get_state() calls run before any .state is read.
    # NOTE(review): presumably get_state() consumes output from the
    # generator, so this ordering matters -- confirm against get_state.
    recovered = [get_state(gen) for gen in generators]
    expected = [gen.state for gen in generators]

    print("good states: ", expected)
    print("recovered states: ", recovered)
    return recovered == expected
def test():
    """
    Seed a handful of generators at random and check that syncing works.

    For five random seeds, the state recovered by get_state() is compared
    with the ``state`` attribute of the corresponding prng.

    Returns:
        bool: True if all five recovered states match, False if any differ.
    """
    seeds = []
    for _ in range(5):
        # Inclusive bounds: each seed is in [1, 6256].
        seeds.append(random.randint(1, 6257 - 1))

    prngs = [prng(seed=seed) for seed in seeds]

    # Recovery is done for every generator first; the reference states are
    # read only afterwards, in the same order as the original listing.
    synced_states = [get_state(generator) for generator in prngs]
    reference_states = [generator.state for generator in prngs]

    print("good states: ", reference_states)
    print("recovered states: ", synced_states)

    all_match = synced_states == reference_states
    return all_match
def __init__(self, out):
    """
    Build every candidate generator consistent with one observed output.

    ``out`` is used as the low 15 bits of an x-coordinate; the four bits
    above it are enumerated, each resulting x is lifted to curve points
    where a square root exists, and each point is multiplied by the scalar
    ``e`` to obtain a candidate state. One prng is seeded per candidate and
    stored in ``self.candidates`` so later outputs can be guessed.

    NOTE(review): structurally this is the Dual_EC_DRBG-style weakness --
    a known scalar plus too little output truncation makes the state
    recoverable. Presumably ``e`` relates the generator's two points;
    confirm against prng.
    """
    prime = 331337
    field = FiniteField(prime, 1)
    curve = EllipticCurve(a=field(1), b=field(1))
    # backdoor! we'd have to pre-compute this
    backdoor = field(3)

    # 16 candidates: every value of the four bits sitting above bit 14.
    xs = [(high_bits << 15) | out for high_bits in range(16)]
    print("xs:", xs)

    # Evaluate x^3 + a*x + b for each candidate x.
    vals = [x * x * x + curve.a * x + curve.b for x in xs]
    print("vals:", vals)

    print(time.time(), ":", "finding roots...")
    # At this point, *some* vals won't be quadratic residues, thus invalid
    # points. Each candidate x that does have roots is paired with both.
    coords = []  # list of tuples (x, y)
    for x, rhs in zip(xs, vals):
        try:
            roots = tonelli_shanks(rhs.n, prime)
            coords.append((x, roots[0]))
            coords.append((x, roots[1]))
        except Exception:
            # Not a quadratic residue.
            # NOTE(review): this also hides any unrelated error raised
            # inside the try block.
            pass
    print("coords:", coords)

    print(time.time(), ":", "making points...")
    points = [Point(curve, field(cx), field(cy)) for cx, cy in coords]

    print(time.time(), ":", "recovering states...")
    states = [(backdoor.n * point).x.n for point in points]
    print("states:", states)

    print(time.time(), ":", "generating candidates...")
    self.candidates = [prng(seed=state) for state in states]
def __init__(self, out):
    """
    Given the initial output, set up the guesser's candidate generators.

    The observed ``out`` is combined with each of the 16 possible values
    for the bits above bit 14 to form candidate x-coordinates. Candidates
    with a modular square root become curve points, each point is scaled
    by ``e``, and the x-coordinate of the result seeds one prng. The
    resulting list is stored in ``self.candidates``.

    NOTE(review): the recovery only works because ``e`` is known and just
    four bits of the x-coordinate are withheld from the output; a design
    that resists this needs unrelated points and far more truncation.
    """
    prime = 331337
    # NOTE(review): the second argument is presumably the extension
    # degree -- confirm against FiniteField.
    F = FiniteField(prime, 1)
    C = EllipticCurve(a=F(1), b=F(1))
    e = F(3)  # backdoor! we'd have to pre-compute this

    # Enumerate the missing high bits to get every possible preimage.
    candidate_xs = []
    for top_bits in range(16):
        candidate_xs.append((top_bits << 15) | out)
    print("xs:", candidate_xs)

    rhs_values = [x * x * x + C.a * x + C.b for x in candidate_xs]
    print("vals:", rhs_values)

    print(time.time(), ":", "finding roots...")
    # Some values are not quadratic residues and so give no valid point;
    # every preimage that does have roots is kept alongside each root.
    xy_pairs = []  # list of tuples (x, y)
    for index, x in enumerate(candidate_xs):
        try:
            t = tonelli_shanks(rhs_values[index].n, prime)
            xy_pairs.append((x, t[0]))
            xy_pairs.append((x, t[1]))
        except Exception:
            # Not a quadratic residue; skip this preimage. The broad catch
            # is kept as-is and also swallows any other failure here.
            pass
    print("coords:", xy_pairs)

    print(time.time(), ":", "making points...")
    points = []
    for pair in xy_pairs:
        points.append(Point(C, F(pair[0]), F(pair[1])))

    print(time.time(), ":", "recovering states...")
    states = []
    for T in points:
        states.append((e.n * T).x.n)
    print("states:", states)

    print(time.time(), ":", "generating candidates...")
    self.candidates = [prng(seed=s) for s in states]