Example #1
0
def MLSAG_Gen(pk, xx, index ):
    rows = len(xx)
    cols = len(pk[0])
    print("Generating MG sig of size ", rows, "x", cols)
    c= [None] * cols
    alpha = skvGen(rows)
    I = keyImageV(xx)
    L = keyMatrix(rows, cols)
    R = keyMatrix(rows, cols)
    s = keyMatrix(rows, cols)
    m = ''.join(pk[0])
    for i in range(1, cols):
        m = m + ''.join(pk[i])
    L[index] = [MiniNero.scalarmultBase(aa) for aa in alpha] #L = aG
    Hi = hashKeyVector(pk[index])
    R[index] = [MiniNero.scalarmultKey(Hi[ii], alpha[ii]) for ii in range(0, rows)] #R = aI
    oldi = index
    i = (index + 1) % cols
    c[i] = MiniNero.cn_fast_hash(m+''.join(L[oldi]) + ''.join(R[oldi]))
    
    while i != index:
        s[i] = skvGen(rows)
        L[i] = [MiniNero.addKeys1(s[i][j], c[i], pk[i][j]) for j in range(0, rows)]

        Hi = hashKeyVector(pk[i])
        R[i] = [MiniNero.addKeys2( s[i][j], Hi[j], c[i], I[j]) for j in range(0, rows)]
        oldi = i
        i = (i + 1) % cols
        c[i] = MiniNero.cn_fast_hash(m+''.join(L[oldi]) + ''.join(R[oldi]))
    print("L", L)
    print("R", R)
    s[index] = [MiniNero.sc_mulsub_keys(alpha[j], c[index], xx[j]) for j in range(0, rows)] #alpha - c * x
    return I, c[0], s
Example #2
0
def LLW_Sig(pk, xx, index):
    n = len(pk)
    print("Generating LLW sig of length ", n)
    L = [None] * n
    R = [None] * n
    c = [None] * n
    s = [PaperWallet.skGen() for i in range(0, n)]
    HP = [MiniNero.hashToPoint_ct(i) for i in pk]
    pj = ''.join(pk)
    keyimage = keyImage(xx)  #ok
    s[index] = MiniNero.mul_8(s[index])
    L[index] = MiniNero.scalarmultBase(s[index])
    R[index] = MiniNero.scalarmultKey(HP[index], s[index])  #aH
    j = (index + 1) % n
    c[j] = MiniNero.cn_fast_hash(pj + L[index] + R[index])
    while j != index:
        L[j] = MiniNero.addKeys(MiniNero.scalarmultBase(s[j]),
                                MiniNero.scalarmultKey(pk[j],
                                                       c[j]))  #Lj = sG + cxG
        R[j] = MiniNero.addKeys(MiniNero.scalarmultKey(HP[j], s[j]),
                                MiniNero.scalarmultKey(keyimage,
                                                       c[j]))  #Rj = sH + cxH
        cj = (j + 1) % n
        c[cj] = MiniNero.cn_fast_hash(pj + L[j] +
                                      R[j])  #c j+1 = H(pk + Lj + Rj
        j = cj  #increment j
    s[index] = MiniNero.sc_mulsub_keys(s[index], c[index],
                                       xx)  #si = a - c x so a = s + c x
    print("sigma = ", keyimage, c[0], s[:])
    return keyimage, c[0], s[:]
Example #3
0
def ecdhDecode(masked, receiverSk):
    rv = ecdhTuple()
    #compute shared secret
    sharedSec1 = MiniNero.cn_fast_hash(MiniNero.scalarmultKey(masked.senderPk, receiverSk))
    sharedSec2 = MiniNero.cn_fast_hash(sharedSec1)
    #encode
    rv.mask = MiniNero.sc_sub_keys(masked.mask, sharedSec1)
    rv.amount = MiniNero.sc_sub_keys(masked.amount, sharedSec1)
    return rv
Example #4
0
def ecdhEncode(unmasked, receiverPk):
    rv = ecdhTuple()
    #compute shared secret
    esk, rv.senderPk = PaperWallet.skpkGen()
    sharedSec1 = MiniNero.cn_fast_hash(MiniNero.scalarmultKey(receiverPk, esk))
    sharedSec2 = MiniNero.cn_fast_hash(sharedSec1)
    #encode
    rv.mask = MiniNero.sc_add_keys(unmasked.mask, sharedSec1)
    rv.amount = MiniNero.sc_add_keys(unmasked.amount, sharedSec1)
    return rv
Example #5
0
def ecdhDecode(masked, receiverSk):
    rv = ecdhTuple()
    #compute shared secret
    sharedSec1 = MiniNero.cn_fast_hash(
        MiniNero.scalarmultKey(masked.senderPk, receiverSk))
    sharedSec2 = MiniNero.cn_fast_hash(sharedSec1)
    #encode
    rv.mask = MiniNero.sc_sub_keys(masked.mask, sharedSec1)
    rv.amount = MiniNero.sc_sub_keys(masked.amount, sharedSec1)
    return rv
Example #6
0
def ecdhEncode(unmasked, receiverPk):    
    rv = ecdhTuple()
    #compute shared secret
    esk, rv.senderPk =  PaperWallet.skpkGen()
    sharedSec1 = MiniNero.cn_fast_hash(MiniNero.scalarmultKey(receiverPk, esk));
    sharedSec2 = MiniNero.cn_fast_hash(sharedSec1)
    #encode
    rv.mask = MiniNero.sc_add_keys(unmasked.mask, sharedSec1)
    rv.amount = MiniNero.sc_add_keys(unmasked.amount, sharedSec1)
    return rv
Example #7
0
def VerSchnorrNonLinkable(P1, P2, L1, s1, s2):
    c2 = MiniNero.cn_fast_hash(L1)
    L2 = MiniNero.addKeys(MiniNero.scalarmultBase(s2), MiniNero.scalarmultKey(P2, c2))
    c1 = MiniNero.cn_fast_hash(L2)
    L1p = MiniNero.addKeys(MiniNero.scalarmultBase(s1), MiniNero.scalarmultKey(P1, c1))
    if L1 == L1p:
        print"Verified"
        return 0
    else:
        print "Didn't verify"
        print(L1,"!=",  L1p)
        return -1
Example #8
0
def VerSchnorrNonLinkable(P1, P2, L1, s1, s2):
    c2 = MiniNero.cn_fast_hash(L1)
    L2 = MiniNero.addKeys(MiniNero.scalarmultBase(s2),
                          MiniNero.scalarmultKey(P2, c2))
    c1 = MiniNero.cn_fast_hash(L2)
    L1p = MiniNero.addKeys(MiniNero.scalarmultBase(s1),
                           MiniNero.scalarmultKey(P1, c1))
    if L1 == L1p:
        print "Verified"
        return 0
    else:
        print "Didn't verify"
        print(L1, "!=", L1p)
        return -1
Example #9
0
def MLSAG_Ver(pk, keyimage, c1, s ):
    rows = len(pk)
    cols = len(pk[0])
    print("verifying MLSAG sig of dimensions ",rows ,"x ", cols)
    L = [[None]*cols]
    R = [[None]*cols]
    pj = ''.join(pk[0])
    for i in range(1, rows):
      L.append([None] * cols)
      R.append([None] * cols)
      pj = pj + ''.join(pk[i])
    c= [None]*(cols+1) #you do an extra one, and then check the wrap around 
    HP = [[MiniNero.hashToPoint_cn(i) for i in pk[0]]]
    for j in range(1, rows):
      HP.append([MiniNero.hashToPoint_cn(i) for i in pk[j]])
    c[0] = c1
    j = 0
    while j < cols:
      tohash = pj
      for i in range(0, rows):
        L[i][j] = MiniNero.addKeys(MiniNero.scalarmultBase(s[i][j]), MiniNero.scalarmultKey(pk[i][j], c[j]))
        R[i][j] = MiniNero.addKeys(MiniNero.scalarmultKey(HP[i][j], s[i][j]), MiniNero.scalarmultKey(keyimage[i], c[j]))
        tohash = tohash + L[i][j] + R[i][j]
      j = j + 1
      c[j] = MiniNero.cn_fast_hash(tohash)

    rv = (c[0] == c[cols])
    print("c", c)
    print("sig verifies?", rv)
    
    return rv
Example #10
0
def MLSAG_Ver(pk, I, c0, s ):
    rows = len(pk)
    cols = len(pk[0])
    print("verifying MG sig of dimensions ",rows ,"x ", cols)
    c= [None] * (cols + 1)
    c[0] = c0
    L = keyMatrix(rows, cols)
    R = keyMatrix(rows, cols)
    m = ''.join(pk[0])
    for i in range(1, cols):
        m = m + ''.join(pk[i])
    i = 0
    while i < cols:
        L[i] = [MiniNero.addKeys1(s[i][j], c[i], pk[i][j]) for j in range(0, rows)]

        Hi = hashKeyVector(pk[i])
        R[i] = [MiniNero.addKeys2( s[i][j], Hi[j], c[i], I[j]) for j in range(0, rows)]

        oldi = i
        i = i + 1
        c[i] = MiniNero.cn_fast_hash(m+''.join(L[oldi]) + ''.join(R[oldi]))
    print("L", L)
    print("R", R) 
    print("c", c)

    return (c0 == c[cols])
Example #11
0
def VerSchnorr(hash_prefix, pub, r, c):
    #hash_prefix = binascii.hexlify(prefix)
    check1 = MiniNero.toPoint(pub) 
    comm = MiniNero.addKeys(MiniNero.scalarmultKey(pub,c), MiniNero.scalarmultBase(r))
    c2 = MiniNero.cn_fast_hash(hash_prefix + pub + comm)
    print(MiniNero.sc_sub_keys(c, c2) == "0000000000000000000000000000000000000000000000000000000000000000")
    return (MiniNero.sc_sub_keys(c, c2) == "0000000000000000000000000000000000000000000000000000000000000000")
Example #12
0
def MLSAG_Ver(pk, I, c0, s):
    rows = len(pk[0])
    cols = len(pk)
    print("verifying MG sig of dimensions ", rows, "x ", cols)
    c = [None] * (cols + 1)
    c[0] = c0
    L = keyMatrix(rows, cols)
    R = keyMatrix(rows, cols)
    m = ''.join(pk[0])
    for i in range(1, cols):
        m = m + ''.join(pk[i])
    i = 0
    while i < cols:
        L[i] = [
            MiniNero.addKeys1(s[i][j], c[i], pk[i][j]) for j in range(0, rows)
        ]

        Hi = hashKeyVector(pk[i])
        R[i] = [
            MiniNero.addKeys2(s[i][j], Hi[j], c[i], I[j])
            for j in range(0, rows)
        ]

        oldi = i
        i = i + 1
        c[i] = MiniNero.cn_fast_hash(m + ''.join(L[oldi]) + ''.join(R[oldi]))
    print("L", L)
    print("R", R)
    print("c", c)

    return (c0 == c[cols])
Example #13
0
def MLSAG_Gen(pk, xx, index):
    rows = len(xx)
    cols = len(pk)
    print("Generating MG sig of size ", rows, "x", cols)
    print("index is:", index)
    print("checking if I can actually sign")
    print(pk[index])
    print([MiniNero.scalarmultBase(x) for x in xx])
    c = [None] * cols
    alpha = skvGen(rows)
    I = keyImageV(xx)
    L = keyMatrix(rows, cols)
    R = keyMatrix(rows, cols)
    s = keyMatrix(rows, cols)
    m = ''.join(pk[0])
    for i in range(1, cols):
        m = m + ''.join(pk[i])
    L[index] = [MiniNero.scalarmultBase(aa) for aa in alpha]  #L = aG
    Hi = hashKeyVector(pk[index])
    R[index] = [
        MiniNero.scalarmultKey(Hi[ii], alpha[ii]) for ii in range(0, rows)
    ]  #R = aI
    oldi = index
    i = (index + 1) % cols
    c[i] = MiniNero.cn_fast_hash(m + ''.join(L[oldi]) + ''.join(R[oldi]))

    while i != index:
        s[i] = skvGen(rows)
        L[i] = [
            MiniNero.addKeys1(s[i][j], c[i], pk[i][j]) for j in range(0, rows)
        ]

        Hi = hashKeyVector(pk[i])
        R[i] = [
            MiniNero.addKeys2(s[i][j], Hi[j], c[i], I[j])
            for j in range(0, rows)
        ]
        oldi = i
        i = (i + 1) % cols
        c[i] = MiniNero.cn_fast_hash(m + ''.join(L[oldi]) + ''.join(R[oldi]))
    print("L", L)
    print("R", R)
    s[index] = [
        MiniNero.sc_mulsub_keys(alpha[j], c[index], xx[j])
        for j in range(0, rows)
    ]  #alpha - c * x
    return I, c[0], s
Example #14
0
def GenSchnorrNonLinkable(x, P1, P2, index):
    if index == 0:
        a = PaperWallet.skGen()
        L1 = MiniNero.scalarmultBase(a)
        s2 = PaperWallet.skGen()
        c2 = MiniNero.cn_fast_hash(L1)
        L2 = MiniNero.addKeys(MiniNero.scalarmultBase(s2), MiniNero.scalarmultKey(P2, c2))
        c1 = MiniNero.cn_fast_hash(L2)
        s1 = MiniNero.sc_mulsub_keys(a,  x, c1)
    if index == 1:
        a = PaperWallet.skGen()
        L2 = MiniNero.scalarmultBase(a)
        s1 = PaperWallet.skGen()
        c1 = MiniNero.cn_fast_hash(L2)
        L1 = MiniNero.addKeys(MiniNero.scalarmultBase(s1), MiniNero.scalarmultKey(P1, c1))
        c2 = MiniNero.cn_fast_hash(L1)
        s2 = MiniNero.sc_mulsub_keys(a,  x, c2)
    return L1, s1, s2,
Example #15
0
def deterministicVK():
    while True:
        print('.'),
        tmp = MiniNero.intToHex(rand.getrandbits(64 *
                                                 8))  # 8 bits to a byte ...
        sk = MiniNero.sc_reduce_key(MiniNero.cn_fast_hash(tmp))

        #s = "3c817618dcbfed122a64e592bb441d73300da9123686224a84e0eab1f075117e"; for testing
        #sk = MiniNero.sc_reduce_key(s)
        vk = MiniNero.getViewMM(sk)  #note this is the sc_reduced version..
        worked = 1
        try:
            MiniNero.toPoint(vk)
        except:
            worked = 0
            print("bad vk")
        if vk == MiniNero.sc_reduce_key(
                vk) and worked == 1:  #already reduced + vk on curve
            break

    print("found keys")
    print("secret spend key:", sk)
    print("secret view key:", vk)
    vk2 = MiniNero.cn_fast_hash(MiniNero.scalarmultKey(vk, 2))
    print("secret view key2:", vk2)
    vk3 = MiniNero.cn_fast_hash(MiniNero.scalarmultKey(vk, 3))
    print("secret view key3:", vk3)

    pk = MiniNero.publicFromSecret(sk)
    print("public spend key:", pk)
    pvk = MiniNero.publicFromSecret(vk)
    print("public view key:", pvk)
    pvk2 = MiniNero.publicFromSecret(vk2)
    print("public view key2:", pvk2)
    pvk3 = MiniNero.publicFromSecret(vk3)
    print("public view key3:", pvk3)

    addr = MiniNero.getAddrMM(sk)
    print("in future this will get all addresses")
    print("receiving address", addr)
    wl = mnemonic.mn_encode(s)
    cks = MiniNero.electrumChecksum(wl)
    print(cks)
    print("mnemonic:", wl + " " + cks)
Example #16
0
def VerASNL(P1, P2, L1, s2, s):
    #Aggregate Schnorr Non-Linkable
    print("Verifying Aggregate Schnorr Non-linkable Ring Signature")
    n = len(P1)
    LHS = MiniNero.scalarmultBase(MiniNero.intToHex(0))
    RHS = MiniNero.scalarmultBase(s)
    for j in range(0, n):
        c2 = MiniNero.cn_fast_hash(L1[j])
        L2 = MiniNero.addKeys(MiniNero.scalarmultBase(s2[j]), MiniNero.scalarmultKey(P2[j], c2))
        LHS = MiniNero.addKeys(LHS, L1[j])
        c1 = MiniNero.cn_fast_hash(L2)
        RHS = MiniNero.addKeys(RHS, MiniNero.scalarmultKey(P1[j], c1))
    if LHS == RHS:
        print"Verified"
        return 0
    else:
        print "Didn't verify"
        print(LHS,"!=",  RHS)
        return -1
Example #17
0
def deterministicVK():
    while True:
        print("."),
        tmp = MiniNero.intToHex(rand.getrandbits(64 * 8))  # 8 bits to a byte ...
        sk = MiniNero.sc_reduce_key(MiniNero.cn_fast_hash(tmp))

        # s = "3c817618dcbfed122a64e592bb441d73300da9123686224a84e0eab1f075117e"; for testing
        # sk = MiniNero.sc_reduce_key(s)
        vk = MiniNero.getViewMM(sk)  # note this is the sc_reduced version..
        worked = 1
        try:
            MiniNero.toPoint(vk)
        except:
            worked = 0
            print("bad vk")
        if vk == MiniNero.sc_reduce_key(vk) and worked == 1:  # already reduced + vk on curve
            break

    print("found keys")
    print("secret spend key:", sk)
    print("secret view key:", vk)
    vk2 = MiniNero.cn_fast_hash(MiniNero.scalarmultKey(vk, 2))
    print("secret view key2:", vk2)
    vk3 = MiniNero.cn_fast_hash(MiniNero.scalarmultKey(vk, 3))
    print("secret view key3:", vk3)

    pk = MiniNero.publicFromSecret(sk)
    print("public spend key:", pk)
    pvk = MiniNero.publicFromSecret(vk)
    print("public view key:", pvk)
    pvk2 = MiniNero.publicFromSecret(vk2)
    print("public view key2:", pvk2)
    pvk3 = MiniNero.publicFromSecret(vk3)
    print("public view key3:", pvk3)

    addr = MiniNero.getAddrMM(sk)
    print("in future this will get all addresses")
    print("receiving address", addr)
    wl = mnemonic.mn_encode(s)
    cks = MiniNero.electrumChecksum(wl)
    print(cks)
    print("mnemonic:", wl + " " + cks)
Example #18
0
def GenSchnorrNonLinkable(x, P1, P2, index):
    if index == 0:
        a = PaperWallet.skGen()
        L1 = MiniNero.scalarmultBase(a)
        s2 = PaperWallet.skGen()
        c2 = MiniNero.cn_fast_hash(L1)
        L2 = MiniNero.addKeys(MiniNero.scalarmultBase(s2),
                              MiniNero.scalarmultKey(P2, c2))
        c1 = MiniNero.cn_fast_hash(L2)
        s1 = MiniNero.sc_mulsub_keys(a, x, c1)
    if index == 1:
        a = PaperWallet.skGen()
        L2 = MiniNero.scalarmultBase(a)
        s1 = PaperWallet.skGen()
        c1 = MiniNero.cn_fast_hash(L2)
        L1 = MiniNero.addKeys(MiniNero.scalarmultBase(s1),
                              MiniNero.scalarmultKey(P1, c1))
        c2 = MiniNero.cn_fast_hash(L1)
        s2 = MiniNero.sc_mulsub_keys(a, x, c2)
    return L1, s1, s2,
Example #19
0
def VerSchnorr(hash_prefix, pub, r, c):
    #hash_prefix = binascii.hexlify(prefix)
    check1 = MiniNero.toPoint(pub)
    comm = MiniNero.addKeys(MiniNero.scalarmultKey(pub, c),
                            MiniNero.scalarmultBase(r))
    c2 = MiniNero.cn_fast_hash(hash_prefix + pub + comm)
    print(
        MiniNero.sc_sub_keys(c, c2) ==
        "0000000000000000000000000000000000000000000000000000000000000000")
    return (MiniNero.sc_sub_keys(c, c2) ==
            "0000000000000000000000000000000000000000000000000000000000000000")
Example #20
0
def VerASNL(P1, P2, L1, s2, s):
    #Aggregate Schnorr Non-Linkable
    print("Verifying Aggregate Schnorr Non-linkable Ring Signature")
    n = len(P1)
    LHS = MiniNero.scalarmultBase(MiniNero.intToHex(0))
    RHS = MiniNero.scalarmultBase(s)
    for j in range(0, n):
        c2 = MiniNero.cn_fast_hash(L1[j])
        L2 = MiniNero.addKeys(MiniNero.scalarmultBase(s2[j]),
                              MiniNero.scalarmultKey(P2[j], c2))
        LHS = MiniNero.addKeys(LHS, L1[j])
        c1 = MiniNero.cn_fast_hash(L2)
        RHS = MiniNero.addKeys(RHS, MiniNero.scalarmultKey(P1[j], c1))
    if LHS == RHS:
        print "Verified"
        return 0
    else:
        print "Didn't verify"
        print(LHS, "!=", RHS)
        return -1
Example #21
0
def GenSchnorr(hash_prefix, pub, sec, k): 
    #modified from original algorithm to match Monero better
    #see the ag schnorr pdf for original alg.
    #Note in Monero, hash prefix is always 32 bytes..
    #hash_prefix = binascii.hexlify(prefix) 
    #k = PaperWallet.skGen() #comment for testing
    comm = MiniNero.scalarmultBase(k)
    print("comm", "hash_prefix", comm, hash_prefix)
    if MiniNero.scalarmultBase(sec) != pub:
        print"error in genSchnorr"
        return -1
    if MiniNero.sc_check(sec) == False:
        print "fail in geSchnorr"
        return -1
    c = MiniNero.sc_reduce_key(MiniNero.cn_fast_hash(hash_prefix + pub + comm))
    r = MiniNero.sc_sub_keys(k, MiniNero.sc_mul_keys(c, sec))
    #uncomment to test malleability
    c = MiniNero.sc_reduce_key(MiniNero.cn_fast_hash(hash_prefix + pub + comm))
    r = MiniNero.sc_unreduce_key(MiniNero.sc_sub_keys(k, MiniNero.sc_mul_keys(c, sec)))

    return r, c
Example #22
0
def GenSchnorr(hash_prefix, pub, sec, k):
    #modified from original algorithm to match ByteRub better
    #see the ag schnorr pdf for original alg.
    #Note in ByteRub, hash prefix is always 32 bytes..
    #hash_prefix = binascii.hexlify(prefix)
    #k = PaperWallet.skGen() #comment for testing
    comm = MiniNero.scalarmultBase(k)
    print("comm", "hash_prefix", comm, hash_prefix)
    if MiniNero.scalarmultBase(sec) != pub:
        print "error in genSchnorr"
        return -1
    if MiniNero.sc_check(sec) == False:
        print "fail in geSchnorr"
        return -1
    c = MiniNero.sc_reduce_key(MiniNero.cn_fast_hash(hash_prefix + pub + comm))
    r = MiniNero.sc_sub_keys(k, MiniNero.sc_mul_keys(c, sec))
    #uncomment to test malleability
    c = MiniNero.sc_reduce_key(MiniNero.cn_fast_hash(hash_prefix + pub + comm))
    r = MiniNero.sc_unreduce_key(
        MiniNero.sc_sub_keys(k, MiniNero.sc_mul_keys(c, sec)))

    return r, c
Example #23
0
def MLSAG_Sign(pk, xx, index):
    rows = len(xx)
    cols = len(pk[0])
    print("Generating MLSAG sig of dimensions ",rows ,"x ", cols)
    L = [[None] * cols] #list of keyvectors? except it's indexed by cols... it's kind of internal actually
    R = [[None] * cols]
    s = [[PaperWallet.skGen() for i in range(0, cols)] ] #first index is rows, second is cols, wonder if I should switch that..
    HP = [[MiniNero.hashToPoint_cn(i) for i in pk[0]]]

    pj = ''.join(pk[0])  
    for i in range(1, rows):
      L.append([None] * cols)
      R.append([None] * cols)
      s.append([PaperWallet.skGen() for j in range(0, cols)])
      HP.append([MiniNero.hashToPoint_cn(j) for j in pk[i]]) 
      pj = pj + ''.join(pk[i])

    c= [None] * cols #1-dimensional
    keyimage = keyImage(xx, rows) #ok
    for i in range(0, rows):
      L[i][index] = MiniNero.scalarmultBase(s[i][index]) #aG
      R[i][index] = MiniNero.scalarmultKey(HP[i][index], s[i][index]) #aH
    j = (index + 1) % cols
    tohash = pj
    for i in range(0, rows):
      tohash = tohash + L[i][index] + R[i][index]
    c[j] = MiniNero.cn_fast_hash(tohash)
    while j != index:
      tohash = pj
      for i in range(0, rows):
        L[i][j] = MiniNero.addKeys(MiniNero.scalarmultBase(s[i][j]), MiniNero.scalarmultKey(pk[i][j], c[j])) #Lj = sG + cxG
        R[i][j] = MiniNero.addKeys(MiniNero.scalarmultKey(HP[i][j], s[i][j]), MiniNero.scalarmultKey(keyimage[i], c[j])) #Rj = sH + cxH
        tohash = tohash + L[i][j] + R[i][j]
      j = (j + 1) % cols
      c[j] = MiniNero.cn_fast_hash(tohash)
    for i in range(0, rows):
      s[i][index] = MiniNero.sc_mulsub_keys(s[i][index], c[index], xx[i]) #si = a - c x so a = s + c x
    return keyimage, c[0], s
Example #24
0
def LLW_Sig(pk, xx, index ):
    n = len(pk)
    print("Generating LLW sig of length ", n)
    L = [None] * n
    R = [None] * n
    c= [None] * n
    s = [PaperWallet.skGen() for i in range(0, n)] 
    HP = [MiniNero.hashToPoint_ct(i) for i in pk]
    pj = ''.join(pk)
    keyimage = keyImage(xx) #ok
    s[index] = MiniNero.mul_8(s[index])
    L[index] = MiniNero.scalarmultBase(s[index])
    R[index] = MiniNero.scalarmultKey(HP[index], s[index]) #aH
    j = (index + 1) % n
    c[j] = MiniNero.cn_fast_hash(pj+L[index]+R[index])
    while j != index:
        L[j] = MiniNero.addKeys(MiniNero.scalarmultBase(s[j]), MiniNero.scalarmultKey(pk[j], c[j])) #Lj = sG + cxG
        R[j] = MiniNero.addKeys(MiniNero.scalarmultKey(HP[j], s[j]), MiniNero.scalarmultKey(keyimage, c[j])) #Rj = sH + cxH
        cj = (j + 1) % n
        c[cj] = MiniNero.cn_fast_hash(pj + L[j] + R[j]) #c j+1 = H(pk + Lj + Rj
        j = cj #increment j
    s[index] = MiniNero.sc_mulsub_keys(s[index], c[index], xx) #si = a - c x so a = s + c x
    print("sigma = ", keyimage, c[0], s[:])
    return keyimage, c[0], s[:]
Example #25
0
def LLW_Ver(pk, keyimage, c1, s):
    n= len(pk) #ok
    print("verifying LLW sig of length", n)
    L = [None]*n
    R = [None]*n
    c= [None]*(n+1)
    pj = ''.join(pk)
    HP = [MiniNero.hashToPoint_ct(i) for i in pk]
    c[0] = c1
    j = 0
    while j < n:
        L[j] = MiniNero.addKeys(MiniNero.scalarmultBase(s[j]), MiniNero.scalarmultKey(pk[j], c[j]))
        R[j] = MiniNero.addKeys(MiniNero.scalarmultKey(HP[j], s[j]), MiniNero.scalarmultKey(keyimage, c[j]))
        cj = j + 1
        c[cj] = MiniNero.cn_fast_hash(pj + L[j] + R[j])
        j = cj
    rv = (c[0] == c[n])
    print("sig verifies complete", rv)
    print("c", c)
    print("L", L)
    print("R", R)
    return rv
Example #26
0
def LLW_Ver(pk, keyimage, c1, s):
    n = len(pk)  #ok
    print("verifying LLW sig of length", n)
    L = [None] * n
    R = [None] * n
    c = [None] * (n + 1)
    pj = ''.join(pk)
    HP = [MiniNero.hashToPoint_ct(i) for i in pk]
    c[0] = c1
    j = 0
    while j < n:
        L[j] = MiniNero.addKeys(MiniNero.scalarmultBase(s[j]),
                                MiniNero.scalarmultKey(pk[j], c[j]))
        R[j] = MiniNero.addKeys(MiniNero.scalarmultKey(HP[j], s[j]),
                                MiniNero.scalarmultKey(keyimage, c[j]))
        cj = j + 1
        c[cj] = MiniNero.cn_fast_hash(pj + L[j] + R[j])
        j = cj
    rv = (c[0] == c[n])
    print("sig verifies complete", rv)
    print("c", c)
    print("L", L)
    print("R", R)
    return rv
Example #27
0
#you += hash(pubkey || index) to both the private scalar and public point
#<tacotime> [02:35:38] so to get priv_i and pub_i
#<tacotime> [02:36:06] priv_i = (priv + hash) mod N
#<tacotime> [02:37:17] pub_i = (pub + scalarbasemult(hash))
import MiniNero
import PaperWallet

sk, vk, pk, pvk, addr, wl, cks = PaperWallet.keysBoth()

print("making keychain")
for i in range(1, 600):
    index = MiniNero.intToHex(i)
    has = MiniNero.cn_fast_hash(pk + index)
    sk1 = MiniNero.sc_add_keys(sk, has)
    pk1 = MiniNero.addKeys(pk, MiniNero.scalarmultBase(has))
    pk1_check =  MiniNero.publicFromSecret(sk1)
    print("Check", pk1== pk1_check)
    print(sk1)
    #print("i, sk, pk", i, sk1, pk1)
Example #28
0
def ecdhRetrieve(x, pk):
    sspub = MiniNero.scalarmultKey(pk, x)
    ss1 = MiniNero.cn_fast_hash(sspub)
    ss2 = MiniNero.cn_fast_hash(ss1)
    return ss1, ss2
Example #29
0
def cnHashOfFile(filepath):
    #c.f. github.com/ShenNoether/btcProof sha256OfFile
    bin_data = open(filepath, 'rb').read()
    hex_data = binascii.hexlify(bin_data)
    print(hex_data)
    return MiniNero.cn_fast_hash(hex_data)
Example #30
0
        print(aG)
        print(MiniNero.scalarmultKey(aG, a))
    if sys.argv[1] == "add":
        #once it's good
        A = PaperWallet.pkGen()
        A = "75819750158570adc58ad6f932c3704661d6cd8eafd3a14818293a17790fbf71"
        B = PaperWallet.pkGen()
        B = "5fbc56c82c6e40596c673e301b63e100f08b97723ead425ed38f2b55c7a6454f"
        AB = MiniNero.addKeys(A, B)
        Translator.hexToC(A)
        Translator.hexToC(B)
        print(AB)
        AAB = MiniNero.addKeys(AB, A)
        print("AAB", AAB)
        print("hash")
        print(MiniNero.sc_reduce_key(MiniNero.cn_fast_hash(A)))
        aAbB = MiniNero.addKeys(MiniNero.scalarmultKey(A, A), MiniNero.scalarmultKey(B, B))
        print("testing addKeys3")
        print(aAbB)

    if sys.argv[1] == "rs":
        #once it's good
        sk = MiniNero.randomScalar()
    if sys.argv[1] == "mn":
        #checking decoding mnemonic
        #seed = "code elope foiled knapsack abyss fishing wayside also joining auburn robot sonic inquest obnoxious pact gave smash itches fierce darted owed queen pool fruit auburn"
        seed = "down hairy tattoo ointment austere lush fossil symptoms vary sonic ultimate onslaught pioneer aerial kept linen unnoticed ahead weavers injury buzzer inquest justice nightly symptoms"
        seed = "unzip festival cease fences value anchor waking tomorrow ritual hookup guarded antics cease"
        sk = MiniNero.recoverSK(seed)
        print("sk", sk)
        print("addr my monero", MiniNero.getAddr(sk))
Example #31
0
def ecdhGen(P):
    ephembytes, ephempub = PaperWallet.skpkGen()
    sspub = MiniNero.scalarmultKey(P, ephembytes)  # (receiver pub) * (sender ecdh sk)
    ss1 = MiniNero.cn_fast_hash(sspub)
    ss2 = MiniNero.cn_fast_hash(ss1)
    return ephembytes, ephempub, ss1, ss2
Example #32
0
#you += hash(pubkey || index) to both the private scalar and public point
#<tacotime> [02:35:38] so to get priv_i and pub_i
#<tacotime> [02:36:06] priv_i = (priv + hash) mod N
#<tacotime> [02:37:17] pub_i = (pub + scalarbasemult(hash))
import MiniNero
import PaperWallet

sk, vk, pk, pvk, addr, wl, cks = PaperWallet.keysBoth()

print("making keychain")
for i in range(1, 600):
    index = MiniNero.intToHex(i)
    has = MiniNero.cn_fast_hash(pk + index)
    sk1 = MiniNero.sc_add_keys(sk, has)
    pk1 = MiniNero.addKeys(pk, MiniNero.scalarmultBase(has))
    pk1_check = MiniNero.publicFromSecret(sk1)
    print("Check", pk1 == pk1_check)
    print(sk1)
    #print("i, sk, pk", i, sk1, pk1)
Example #33
0
def ecdhRetrieve(x, pk):
  sspub = MiniNero.scalarmultKey(pk, x)
  ss1 = MiniNero.cn_fast_hash(sspub)
  ss2 = MiniNero.cn_fast_hash(ss1)
  return ss1, ss2
Example #34
0
def ecdhGen(P):
  ephembytes, ephempub = PaperWallet.skpkGen() 
  sspub = MiniNero.scalarmultKey(P, ephembytes) #(receiver pub) * (sender ecdh sk)
  ss1 = MiniNero.cn_fast_hash(sspub)
  ss2 = MiniNero.cn_fast_hash(ss1)
  return ephembytes, ephempub, ss1, ss2
Example #35
0
        print(aG)
        print(MiniNero.scalarmultKey(aG, a))
    if sys.argv[1] == "add":
        #once it's good
        A = PaperWallet.pkGen()
        A = "75819750158570adc58ad6f932c3704661d6cd8eafd3a14818293a17790fbf71"
        B = PaperWallet.pkGen()
        B = "5fbc56c82c6e40596c673e301b63e100f08b97723ead425ed38f2b55c7a6454f"
        AB = MiniNero.addKeys(A, B)
        Translator.hexToC(A)
        Translator.hexToC(B)
        print(AB)
        AAB = MiniNero.addKeys(AB, A)
        print("AAB", AAB)
        print("hash")
        print(MiniNero.sc_reduce_key(MiniNero.cn_fast_hash(A)))
        aAbB = MiniNero.addKeys(MiniNero.scalarmultKey(A, A),
                                MiniNero.scalarmultKey(B, B))
        print("testing addKeys3")
        print(aAbB)

    if sys.argv[1] == "rs":
        #once it's good
        sk = MiniNero.randomScalar()
    if sys.argv[1] == "mn":
        #checking decoding mnemonic
        #seed = "code elope foiled knapsack abyss fishing wayside also joining auburn robot sonic inquest obnoxious pact gave smash itches fierce darted owed queen pool fruit auburn"
        seed = "down hairy tattoo ointment austere lush fossil symptoms vary sonic ultimate onslaught pioneer aerial kept linen unnoticed ahead weavers injury buzzer inquest justice nightly symptoms"
        seed = "unzip festival cease fences value anchor waking tomorrow ritual hookup guarded antics cease"
        sk = MiniNero.recoverSK(seed)
        print("sk", sk)