def create_key(lowlimit, uplimit):
if lowlimit < 0.25 or uplimit < 0.25:
return (0, 0)
if lowlimit > 0.4 or uplimit > 0.4:
return (0, 0)
Nsize = 1280
pqsize = Nsize // 2
N = 0
while (N.bit_length() != Nsize):
while True:
p = number.getStrongPrime(pqsize)
q = number.getStrongPrime(pqsize)
if abs(p - q).bit_length() > (Nsize * 0.496):
break
N = p * q
phi = (p - 1) * (q - 1)
while True:
d = number.getRandomRange(pow(2, int(Nsize * lowlimit)),
pow(2,
int(Nsize * uplimit) + 1))
if number.GCD(d, phi) != 1:
continue
e = number.inverse(d, phi)
if number.GCD(e, phi) != 1:
continue
break
return (N, e)
def keygen():
good = 0
psize = 16
while good != 1:
p, q = genBasePrimes(psize)
a = p * q
C = p % q
K = q % p
G = (q % p) % p
H = (p % q) % q
J = (C + K + G + H) + 1
t = ((p - 1) * (q - 1))
n = (((p * q) / (G + H)) * ((K / G) + (G / H)) + (p / q))
s = (t % ((p - 1) * (q - 1) * G * H * K * C))
pk = (number.getRandomRange(1, s))
g = number.GCD(pk, s)
while g != 1:
pk = (number.getRandomRange(1, s))
g = number.GCD(pk, s)
if g == 1:
break
sk = number.inverse(pk, s)
if pk != None:
if testencrypt(pk, sk, n):
good = 1
return sk, pk, n, p, q, C, K, t
def keygen():
good = 0
psize = 512
while good != 1:
# Generate base primes
p, q, a, b = genBasePrimes(psize)
C = p % q
K = q % p
G = (p % q) + (q)
H = (p % q) + (p)
# Generate the mask
M = ((K * G) * (C + K) / K) + (((p / q) + (q / p)) / (K + C))
# Generate the modulus
n = ((C * K) * (C + K) / C) + (((a / b) + (b / a)) / (K + C))
while number.isPrime(n):
n += 1
# Cloak the totient
s = ((p - 1) * (q - 1) * p)
t = ((a - 1) * (b - 1) * s * a * q)
# Generate the public key
pk = (number.getRandomRange(1, t))
g = number.GCD(pk, t)
while g != 1:
pk = (number.getRandomRange(1, t))
g = number.GCD(pk, t)
if g == 1:
break
# Generate the secret key
sk = number.inverse(pk, t)
if pk != None:
if testencrypt(pk, sk, n, M):
good = 1
return sk, pk, n, M
def __init__(self):
print("\tINICIALIZANDO VALORES DE RSA")
# 1. Dos números primos aleatorios
#self.p = number.getStrongPrime(512)
#self.q = number.getStrongPrime(512)
self.p = number.getPrime(330)
self.q = number.getPrime(330)
# 2. Se calcula n = p*q
self.n = self.p * self.q
# 3. Se calcula la función de Euler
# Phi(n) = (p-1)(q-1)
self.phi = (self.p - 1) * (self.q - 1)
# 4. Entero positivo 'e' menor que 'phi' y que sea coprimo con 'phi'
#self.e = number.getPrime(128)
self.e = self.phi - 2
g = number.GCD(self.e, self.phi)
while not g == 1:
#self.e += 1
self.e -= 1
g = number.GCD(self.e, self.phi)
# 5. Se determina 'd' que satisfaga la congruencia e*d = 1 (mod Phi(n))
self.d = number.inverse(self.e, self.phi)
def commonModAttack(e, d, n):
''' Algorithm (explained in class) to recover the primes p and q
given the key pair
'''
from math import log2
r = e * d - 1
t = 0
while not r & 1:
t += 1
r = r >> 1
numberOfAttempts = 1
while True:
g = number.getRandomInteger(int(log2(n)))
p = number.GCD(g, n)
if p > 1:
print("Hurry up to Vegas? It's your lucky day!")
return p, div(n, p)[0]
x = modexp(g, r, n)
x2 = modprod(x, x, n)
while x2 != 1:
x = x2
x2 = modprod(x, x, n)
p = number.GCD(x - 1, n)
if p > 1:
print("Success after {} attempts".format(numberOfAttempts))
return p, div(n, p)[0]
numberOfAttempts += 1
def keygen():
good = 0
psize = 512
while good != 1:
# Generate base primes
p, q, a, b = genBasePrimes(psize)
# Generate cloaking paramers
C = (p % q)
K = (q % p) + 1
#K = (q % p) + 1
G = (p % q) + (q)
H = (p % q) + (p)
U = (a % b) + a
V = (b % a) + b
J = (C + K + G + H + U + V)
# Generate the cloaking mask
M = J * U * G
# Generate the modulus
n = a * b
# Generate the totient
t = ((J - 1) * (U - 1) * (a - 1) * (b - 1) * (G - 1))
# Generate the public key
pk = (number.getRandomRange(1, t))
g = number.GCD(pk, t)
while g != 1:
pk = (number.getRandomRange(1, t))
g = number.GCD(pk, t)
if g == 1:
break
# Generate the secret key
sk = number.inverse(pk, t)
if pk != None:
if testencrypt(pk, sk, M):
good = 1
return sk, pk, n, M
def keygen():
good = 0
psize = 1024
while good != 1:
# Generate base primes
p, q, a, b = genBasePrimes(psize)
# Generate cloaking values
C = (p % q)
K = (q % p)
G = (p % q) + (q)
H = (p % q) + (p)
# Generate the cloaking mask
M = ((K * G) * (C + K) / K) + (((p / q) + (q / p)) / (K + C))
# Generate the modulus
n = a * b
# Cloak the totient
t = ((p - 1) * (q - 1) * p * (a - 1) * (b - 1))
# Generate the public key
pk = (number.getRandomRange(1, t))
g = number.GCD(pk, t)
while g != 1:
pk = (number.getRandomRange(1, t))
g = number.GCD(pk, t)
if g == 1:
break
# Generate the secret key
sk = number.inverse(pk, t)
if pk != None:
if testencrypt(pk, sk, M):
good = 1
return sk, pk, n, M
def keygen():
good = 0
psize = 16
while good != 1:
# Generate base primes
p, q, a, b = genBasePrimes(psize)
# Generate the cloaking nulus
M = p * q
# Generate the nulus
n = a * b
t = ((p - 1) * (q - 1) * p * (a - 1) * (b - 1))
# Generate the public key
pk = (number.getRandomRange(1, t))
g = number.GCD(pk, t)
while g != 1:
pk = (number.getRandomRange(1, t))
g = number.GCD(pk, t)
if g == 1:
break
# Generate the secret key
sk = number.inverse(pk, t)
if pk != None:
if testencrypt(pk, sk, M):
good = 1
return sk, pk, n, p, q, C, K, t, M, a, b, U, V
def keygen():
good = 0
psize = 128
while good != 1:
# Generate base primes
p, q, a, b = genBasePrimes(psize)
M = p * q
# Generate the modulus
n = a * b
# Cloak the totient
t = ((p - 1) * (q - 1) * (a - 1) * (b - 1))
# Generate the public key
pk = (number.getRandomRange(1, t))
g = number.GCD(pk, t)
while g != 1:
pk = (number.getRandomRange(1, t))
g = number.GCD(pk, t)
if g == 1:
break
# Generate the secret key
sk = number.inverse(pk, t)
if pk != None:
if testencrypt(pk, sk, M):
good = 1
return sk, pk, n, M
def keygen_rsa(log_N, log_d=None):
f = lambda n: ''.join([chr(random.getrandbits(8)) for i in range(n)])
p = number.getPrime(log_N / 2, randfunc=f)
q = number.getPrime(log_N / 2, randfunc=f)
N = p * q
phi = (p - 1) * (q - 1)
if (log_d == None):
while (True):
e = number.getRandomRange(0, N, randfunc=f)
if (number.GCD(e, phi) == 1):
d = number.inverse(e, phi)
break
else:
while (True):
d = number.getRandomRange(0, 2**log_d, randfunc=f)
if (number.GCD(d, phi) == 1):
e = number.inverse(d, phi)
break
return p, q, N, e, d
def getUnblindedSecret(secret, seed):
r = seed
while number.GCD(seed, AUTH_PUBLIC_KEY_N) != 1:
r += 1
assert number.GCD(r, AUTH_PUBLIC_KEY_N) == 1
r_inv = number.inverse(r, AUTH_PUBLIC_KEY_N)
assert r * r_inv % AUTH_PUBLIC_KEY_N == 1
unblindedSecret = (r_inv * secret) % AUTH_PUBLIC_KEY_N
return hex(unblindedSecret)
def encrypt(ptxt, f, h, q, g):
k = (number.getRandomRange(1, (f - 1)))
tmp = number.GCD(k, f)
while tmp != 1:
k = (number.getRandomRange(1, (f - 1)))
tmp = number.GCD(k, f)
if tmp == 1:
break
p = g**k
s = h**k
return (ptxt * s), p
def keygen(psize=8):
q, f = genBasePrimes(psize)
g = (number.getRandomRange(1, (f - 1)))
a = (number.getRandomRange(1, (f - 1)))
tmp = number.GCD(a, q)
while tmp != 1:
a = (number.getRandomRange(1, (f - 1)))
tmp = number.GCD(a, q)
if tmp == 1:
break
h = g**a
return f, h, q, g, a
def gen_keys():
p = pycrypto.getPrime(PRIME_SIZE)
q = pycrypto.getPrime(PRIME_SIZE)
n = p * q
l = ((p - 1) * (q - 1)) // pycrypto.GCD(p - 1, q - 1)
while True:
g = pycrypto.getRandomInteger(PRIME_SIZE * 4) % (n * n)
if pycrypto.GCD(g, n) == 1:
c = (pow(g, l, n * n) - 1) // n
if pycrypto.GCD(c, n) == 1:
mu = pycrypto.inverse(c, n)
break
return PublicKey(n, g), PrivateKey(l, mu)
def login(w, N):
x = int(random.uniform(1, 2**20)) # getting a random x uniformly
while number.GCD(x, N) != 1:
x = int(random.uniform(1, 2**20)) # if gcd(x,N) is not 1, get anothe x
y = (x**2) % N # computing y
print("x: " + str(x))
print("y: " + str(y))
client_socket.send(str(y).encode()) # sending y
b = client_socket.recv(1024).decode() # receiving b
print("b: " + b)
z = 0
if int(b) == 0: # computing z
z = x
elif int(b) == 1:
z = w * x
print("z: " + str(z))
client_socket.send(str(z).encode()) # sending z
access = client_socket.recv(1024).decode() # getting access status
return access
def is_pairwise_coprime(l):
# l is list of integers
for i in range(len(l)):
for j in range(i + 1, len(l)):
if number.GCD(l[i], l[j]) != 1:
return False
return True
def get_e(phi, bits=192):
# (e*d) mod fi == 1
while True:
result = randrange(2,255)
modulus = number.GCD(result, phi)
if modulus == 1:
return result
def get_e(phi, bits=192):
# (e*d) mod fi == 1
while True:
result = randrange(2,255)
modulus = number.GCD(result, phi) #greatest common devisor #long Return the GCD of x and y.
if modulus == 1:
return result
def gen_key_pair(self, bit_length):
if (bit_length % 2 != 0):
raise ValueError("Bit length must be a multiple of 2")
if (bit_length < 8):
raise ValueError("Bit length must be at least 8 bits")
bits_pq = bit_length / 2
self.n = 0
while (self.n.bit_length() != bit_length):
self._gen_primes(bits_pq)
self.n = self.p * self.q
self.phi_n = (self.p - 1) * (self.q - 1)
self.e = 0
while ((self.e <= 3) | (self.e >= self.phi_n) |
(number.GCD(self.e, self.phi_n) != 1)):
self.e = number.getRandomInteger(self.phi_n.bit_length())
self.d = number.inverse(self.e, self.phi_n)
self.block_size = len(str(self.n))
#Initializing the CRT values
self._init_crt()
def encrypt(pk, msg):
while True:
r = pycrypto.getRandomInteger(PRIME_SIZE * 2)
if pycrypto.GCD(r, pk.n) == 1:
break
return ((pow(pk.g, msg, pk.n * pk.n) * pow(r, pk.n, pk.n * pk.n)) %
(pk.n * pk.n), r)
def paillier_keygen():
# Returns (pk, sk)
p = number.getStrongPrime(512)
q = number.getStrongPrime(512)
n = p * q
lam = (p - 1) * (q - 1) / 2
while True:
g = random.randrange(n**2)
if number.GCD(g, n) != 1:
continue
mu_inv = L(pow(g, lam, n**2), n)
if number.GCD(mu_inv, n) != 1:
continue
mu = number.inverse(mu_inv, n)
break
return (n, g), (lam, mu)
def egGen(p, a, x, m):
while 1:
k = random.randint(1, p - 2)
if num.GCD(k, p - 1) == 1: break
r = pow(a, k, p)
l = num.inverse(k, p - 1)
s = l * (m - x * r) % (p - 1)
return r, s
def getBlindedSecret(secret, seed):
hashedSecret = int(SHA512.SHA512Hash(bytes(secret, 'utf-8')).hexdigest(), 16)
r = seed
while number.GCD(seed, AUTH_PUBLIC_KEY_N) != 1:
r += 1
blindedSecret = ((r ** AUTH_PUBLIC_KEY_E) * hashedSecret) % AUTH_PUBLIC_KEY_N
return hex(blindedSecret)
def get_e(phi):
e = 0
check = True
while (check):
temp = random.randint(2, phi)
if (num.GCD(temp, phi) == 1):
check = False
e = temp
return e
def generateElGamalSignature(z, msg):
while 1:
k = random.randint(1, sys_param_p - 2)
if num.GCD(k, sys_param_p - 1) == 1:
break
r = pow(sys_param_a, k, sys_param_p)
l = num.inverse(k, sys_param_p - 1)
s = ",".join([str(l * (ord(m) - z * r) % (sys_param_p - 1)) for m in msg])
return r, s
def keygen():
good = 0
psize = 64
rounds = 10
while good != 1:
p, q, l, m = genBasePrimes(psize)
n, M, t, C, K, U, V = genCloakingVals(p, q, l, m, rounds)
pk = (number.getRandomRange(1, t))
g = number.GCD(pk, t)
while g != 1:
pk = (number.getRandomRange(1, t))
g = number.GCD(pk, t)
if g == 1:
break
sk = number.inverse(pk, t)
if pk != None:
if testencrypt(pk, sk, n, M):
good = 1
return sk, pk, n, p, q, l, m, t, C, K, U, V, M
def sign(m, sk, pk, p, g):
while True:
k = getRandomRange(1, p - 1)
if number.GCD(k, p - 1) == 1:
break
r = pow(g, k, p)
s = (m - sk * r) % (p - 1)
while s < 0:
s += (p - 1)
s = (s * inverse(k, p - 1)) % (p - 1)
return r, s
def rsakeys(numberofbits=30):
p = number.getPrime(numberofbits)
q = number.getPrime(numberofbits)
n = p * q
phi = (p - 1) * (q - 1)
e = 3
while number.GCD(e, phi) > 1:
e += 2
d = number.inverse(e, phi)
print(p, q)
return e, d, n
def test_getStrongPrime(self):
"""Util.number.getStrongPrime"""
self.assertRaises(ValueError, number.getStrongPrime, 256)
self.assertRaises(ValueError, number.getStrongPrime, 513)
bits = 512
x = number.getStrongPrime(bits)
self.assertNotEqual(x % 2, 0)
self.assertEqual(x > (1 << bits - 1) - 1, 1)
self.assertEqual(x < (1 << bits), 1)
e = 2**16 + 1
x = number.getStrongPrime(bits, e)
self.assertEqual(number.GCD(x - 1, e), 1)
self.assertNotEqual(x % 2, 0)
self.assertEqual(x > (1 << bits - 1) - 1, 1)
self.assertEqual(x < (1 << bits), 1)
e = 2**16 + 2
x = number.getStrongPrime(bits, e)
self.assertEqual(number.GCD((x - 1) >> 1, e), 1)
self.assertNotEqual(x % 2, 0)
self.assertEqual(x > (1 << bits - 1) - 1, 1)
self.assertEqual(x < (1 << bits), 1)
def generate_keys(e):
while True:
p = number.getPrime(rand.randint(1, 2048))
q = number.getPrime(rand.randint(1, 2048))
phi = (p - 1) * (q - 1)
if e < phi and number.GCD(e, phi) == 1:
break
d = modular_inverse(e, phi)
if not d:
raise Exception('Multiplicative inverse not found')
n = p * q
return (n, e), d
