def get_prime(): X = int(('0' * 63 + '1') * 37 + '0' * 89) factors_a = [2, 5, 11, 13, 23, 37, 53, 59] factors_b = [3, 7, 17, 19, 29, 31, 41, 47] prime_a = 1 prime_b = 1 while not isPrime(prime_a * X + prime_b): prime_a = 1 while not (prime_a < 1e64 and prime_a >= 5e63): while prime_a < 5e63: prime_a *= random.choice(factors_a) while prime_a >= 1e64: factors = factorint(prime_a) prime_a //= random.choice(list(factors.keys())) print(prime_a) prime_b = 1 counter = 0 while not isPrime(prime_a * X + prime_b) and counter <= 100: prime_b = 1 while not (prime_b < 1e89 and prime_b >= 5e88): while prime_b < 5e88: prime_b *= random.choice(factors_b) while prime_b >= 1e89: factors = factorint(prime_b) prime_b //= random.choice(list(factors.keys())) counter += 1 return prime_a * X + prime_b
def generate_params(prime_length): # Warning: this may take some time :) while True: p = getPrime(prime_length) if p % 4 == 3: if p % 3 == 2: q = (p - 1) // 2 r = (p + 1) // 12 if isPrime(q) and isPrime(r): break else: q = (p - 1) // 6 r = (p + 1) // 4 if isPrime(q) and isPrime(r): break n = p**2 order = p * q * r while True: re = getRandomRange(1, n) im = getRandomRange(1, n) g = complex_pow(Complex(re, im), 24, n) if (complex_pow(g, order, n) == Complex(1, 0) and complex_pow(g, order // p, n) != Complex(1, 0) and complex_pow(g, order // q, n) != Complex(1, 0) and complex_pow(g, order // r, n) != Complex(1, 0)): return g, order, n
def constellation_factorization(n, stars): root = iroot(stars, n) n_candidate = 1 offset = (root + 1) % 2 primes = [] while True: p = root + offset if isPrime(p): n_candidate *= p primes.append(p) p = root - offset if isPrime(p): n_candidate *= p primes.append(p) if n_candidate == n: return primes if n_candidate > n: return [] offset += 2
def pollard_brute(N): """ For one of N's prime p, 1. If (p-1) is a K-smooth number. (k is small) 2. When all (p-1)'s factor were iterated by b Then it can be factorization by pollard_pm1. """ a = 2 b = 1 factors = [] if isPrime(N) : return N try : while True: a = pow(a, b, N) p = GCD(a - 1, N) if 1 < p < N: factors.append(p) print(f"factor found: {p}") q = N // p if isPrime(q) : print(f"factor found: {q}") factors.append(q) return factors b += 1 except: return factors
def _is_safe_prime(p, probability=params.FALSE_PRIME_PROBABILITY): """ Test if the number p is a safe prime. A safe prime is one of the form p = 2q + 1, where q is also a prime. Arguments: p::long -- Any integer. probability::int -- The desired maximum probability that p or q may be composite numbers and still be declared prime by our (probabilistic) primality test. (Actual probability is lower, this is just a maximum provable bound) Returns: True if p is a safe prime False otherwise """ # Get q (p must be odd) if(p % 2 == 0): return False q = (p - 1)/2 # q first to shortcut the most common False case return (number.isPrime(q, false_positive_prob=probability) and number.isPrime(p, false_positive_prob=probability))
def generatekey(): global h, g, x, y, p, q q = num.getPrime(160) p = 0 h = 0 x = num.getRandomRange(0, q) y = 0 multi = 1 while 1: print("trying to generate a new num") while multi % 2 == 1: multi = num.getRandomNBitInteger(512 - 160) for i in range(1, 50): multi = multi + 2 * i p1 = multi * q p = p1 + 1 if num.isPrime(p) and num.size(p) == 512: break if num.isPrime(p) and num.size(p) == 512: break power = divmod(p - 1, q)[0] while not pow(h, power, p) > 1: h = num.getRandomRange(2, p - 1) g = pow(h, power, p) y = pow(g, x, p)
def check_secret(secret): assert secret.bits == 512 assert secret.p.bit_length() == secret.bits assert secret.q.bit_length() == secret.bits assert secret.e < secret.bits assert isPrime(secret.p) and isPrime(secret.q) assert GCD(secret.e, (secret.p - 1) * (secret.q - 1)) == 1
def dec_pq(c: int, p: int, q: int, e: int) -> int: if not isPrime(p) or not isPrime(q): raise ValueError("`p` and `q` must be a prime number") n = p * q phi = (p-1)*(q-1) d = inv(e, phi) return dec(c, d, n)
def validate_pk_params(self): # check primality of p if not number.isPrime(self.p): raise Exception("p is not prime.") # check length of p if not (number.size(self.p) >= 2048): raise Exception( "p of insufficient length. Should be 2048 bits or greater.") # check primality of q if not number.isPrime(self.q): raise Exception("q is not prime.") # check length of q if not (number.size(self.q) >= 256): raise Exception( "q of insufficient length. Should be 256 bits or greater.") if pow(self.g, self.q, self.p) != 1: raise Exception("g does not generate subgroup of order q.") if not (1 < self.g < self.p - 1): raise Exception("g out of range.") if not (1 < self.y < self.p - 1): raise Exception("y out of range.") if pow(self.y, self.q, self.p) != 1: raise Exception("g does not generate proper group.")
def _is_safe_prime(p, probability=params.FALSE_PRIME_PROBABILITY): """ Test if the number p is a safe prime. A safe prime is one of the form p = 2q + 1, where q is also a prime. Arguments: p::long -- Any integer. probability::int -- The desired maximum probability that p or q may be composite numbers and still be declared prime by our (probabilistic) primality test. (Actual probability is lower, this is just a maximum provable bound) Returns: True if p is a safe prime False otherwise """ # Get q (p must be odd) if (p % 2 == 0): return False q = (p - 1) / 2 # q first to shortcut the most common False case return (number.isPrime(q, false_positive_prob=probability) and number.isPrime(p, false_positive_prob=probability))
def construct_moduli(): with open("b1") as f1, open("b2") as f2: b1 = long(f1.read()) b2 = long(f2.read()) e = long(65537) p1 = number.getPrime(500) p2 = number.getPrime(500) assert(p1 != p2) assert(number.GCD(e, p1-1) == 1) assert(number.GCD(e, p2-1) == 1) print p1 print p2 a1 = p1 - b1 % p1 a2 = p2 - b2 % p2 b0 = chinese_remainder_theorem(p1, p2, a1, a2) assert(b0 < p1 * p2) assert(number.GCD(b1 + b0, p1) == p1) assert(number.GCD(b2 + b0, p2) == p2) assert((b1 + b0) % p1 == 0) assert((b2 + b0) % p2 == 0) print b0 k = 0 while True: b = b0 + k * p1 * p2 if b >= 2**1024: raise Exception('failed to find b') q1 = (b1 + b) / p1 if not number.isPrime(q1) or number.GCD(e, q1-1) != 1: k = k + 1 continue q2 = (b1 + b) / p2 if not number.isPrime(q2) or number.GCD(e, q2-1) != 1: k = k + 1 continue n1 = b1 + b n2 = b2 + b break print b assert(p1.bit_length() > 256) assert(p2.bit_length() > 256) assert(q1.bit_length() > 256) assert(q2.bit_length() > 256) assert(n1.bit_length() == 2047) assert(n2.bit_length() == 2047) print n1 print p1 print q1 print n2 print p2 print q2 with open("moduli1", 'w') as m1, open("moduli2", 'w') as m2, open("sol_3.2.5_factorsA.hex", 'w') as factors1, open("sol_3.2.5_factorsB.hex", 'w') as factors2: m1.write(hex(n1)[2:]) m2.write(hex(n2)[2:]) factors1.write(hex(p1)[2:] + "\n" + hex(q1)[2:] + "\n") factors2.write(hex(p2)[2:] + "\n" + hex(q2)[2:] + "\n")
def pq_maker(b_1, b_2): count = 0 while True: print(count) p_1 = number.getPrime(500) p_2 = number.getPrime(500) print("a1") while not coprime(p_1-1): p_1 = number.getPrime(500) print("A") while not coprime(p_2-1): p_2 = number.getPrime(500) b_0 = getCRT(b_1, b_2, p_1, p_2) print("k") k = 0 while k < limit2: b = b_0 + k*p_1*p_2 q_1 = (b_1 * limit1 + b)/p_1 q_2 = (b_2 * limit1 + b)/p_2 if(number.isPrime(q_1) and number.isPrime(q_2) and coprime(q_1-1) and coprime(q_2-1)): return q_1, q_2, p_1, p_2 k = k + 1 if (k %10000 == 0): print(k) count = count + 1
def getPrimes(bitsize): r = random.getrandbits(bitsize) p, q = r, r while not isPrime(p): p += random.getrandbits(bitsize // 4) while not isPrime(q): q += random.getrandbits(bitsize // 8) return p, q
def auxphi(a, b, p, g, s): assert (len(a) - nbit)**2 + (len(b) - (nbit - 6))**2 == 0 assert isPrime(p) and isPrime(p/2) assert g > 1 q = p // 2 if pow(g, q, p) == 1: h = pow(g, s, p) r = pow(g, int((a+b)[:nbit - 3]), p) * pow(h, int((a+b)[nbit - 3:]), p) % p return bin(r)[2:].zfill(nbit)
def _generate_safe_prime(nbits, probability=params.FALSE_PRIME_PROBABILITY, task_monitor=None): """ Generate a safe prime of size nbits. A safe prime is one of the form p = 2q + 1, where q is also a prime. The prime p used for ElGamal must be a safe prime, otherwise some attacks that rely on factoring the order p - 1 of the cyclic group Z_{p}^{*} may become feasible if p - 1 does not have a large prime factor. (p = 2q + 1, means p - 1 = 2q, which has a large prime factor, namely q) Arguments: nbits::int -- Bit size of the safe prime p to generate. This private method assumes that the nbits parameter has already been checked to satisfy all necessary security conditions. probability::int -- The desired maximum probability that p or q may be composite numbers and still be declared prime by our (probabilistic) primality test. (Actual probability is lower, this is just a maximum provable bound) task_monitor::TaskMonitor -- A task monitor for the process. Returns: p::long -- A safe prime. """ found = False # We generate (probable) primes q of size (nbits - 1) # until p = 2*q + 1 is also a prime while (not found): if (task_monitor != None): task_monitor.tick() q = number.getPrime(nbits - 1) p = 2 * q + 1 if (not number.isPrime(p, probability)): continue # Are we sure about q, though? (pycrypto may allow a higher # probability of q being composite than what we might like) if (not number.isPrime(q, probability)): continue # pragma: no cover (Too rare to test for) found = True # DEBUG CHECK: The prime p must be of size n=nbits, that is, in # [2**(n-1),2**n] (and q must be of size nbits - 1) if (params.DEBUG): assert 2**(nbits - 1) < p < 2**(nbits), \ "p is not an nbits prime." assert 2**(nbits - 2) < q < 2**(nbits - 1), \ "q is not an (nbits - 1) prime" return p
def primesGen(ini=2L): if isPrime(ini): yield ini if not (ini & 0x1): #if even ini += 1 #make odd while True: if isPrime(ini): yield ini ini += 2
def _generate_safe_prime(nbits, probability=params.FALSE_PRIME_PROBABILITY, task_monitor=None): """ Generate a safe prime of size nbits. A safe prime is one of the form p = 2q + 1, where q is also a prime. The prime p used for ElGamal must be a safe prime, otherwise some attacks that rely on factoring the order p - 1 of the cyclic group Z_{p}^{*} may become feasible if p - 1 does not have a large prime factor. (p = 2q + 1, means p - 1 = 2q, which has a large prime factor, namely q) Arguments: nbits::int -- Bit size of the safe prime p to generate. This private method assumes that the nbits parameter has already been checked to satisfy all necessary security conditions. probability::int -- The desired maximum probability that p or q may be composite numbers and still be declared prime by our (probabilistic) primality test. (Actual probability is lower, this is just a maximum provable bound) task_monitor::TaskMonitor -- A task monitor for the process. Returns: p::long -- A safe prime. """ found = False # We generate (probable) primes q of size (nbits - 1) # until p = 2*q + 1 is also a prime while(not found): if(task_monitor != None): task_monitor.tick() q = number.getPrime(nbits - 1) p = 2*q + 1 if(not number.isPrime(p, probability)): continue # Are we sure about q, though? (pycrypto may allow a higher # probability of q being composite than what we might like) if(not number.isPrime(q, probability)): continue # pragma: no cover (Too rare to test for) found = True # DEBUG CHECK: The prime p must be of size n=nbits, that is, in # [2**(n-1),2**n] (and q must be of size nbits - 1) if(params.DEBUG): assert 2**(nbits - 1) < p < 2**(nbits), \ "p is not an nbits prime." assert 2**(nbits - 2) < q < 2**(nbits - 1), \ "q is not an (nbits - 1) prime" return p
def solve(): p = b'justGiveTheFlag!!' + Random.get_random_bytes(14) + b'\x0f' p = number.bytes_to_long(p) while not number.isPrime(p) or not number.isPrime((p - 1) >> 1): p = b'justGiveTheFlag!!' + Random.get_random_bytes(14) + b'\x0f' p = number.bytes_to_long(p) return p, (p - 1) >> 1, hex(p).rstrip('L')
def isStrongPrime(p): nextp = p + 1 while not number.isPrime(nextp): nextp = nextp + 1 lastp = p - 1 while not number.isPrime(lastp): lastp = lastp - 1 return (p * 2 > nextp + lastp)
def test_isPrime(self): """Util.number.isPrime""" self.assertEqual( number.isPrime(-3), False) # Regression test: negative numbers should not be prime self.assertEqual( number.isPrime(-2), False) # Regression test: negative numbers should not be prime self.assertEqual( number.isPrime(1), False ) # Regression test: isPrime(1) caused some versions of PyCrypto to crash. self.assertEqual(number.isPrime(2), True) self.assertEqual(number.isPrime(3), True) self.assertEqual(number.isPrime(4), False) self.assertEqual(number.isPrime(2**1279 - 1), True) self.assertEqual( number.isPrime(-(2**1279 - 1)), False) # Regression test: negative numbers should not be prime # test some known gmp pseudo-primes taken from # http://www.trnicely.net/misc/mpzspsp.html for composite in (43 * 127 * 211, 61 * 151 * 211, 15259 * 30517, 346141 * 692281, 1007119 * 2014237, 3589477 * 7178953, 4859419 * 9718837, 2730439 * 5460877, 245127919 * 490255837, 963939391 * 1927878781, 4186358431 * 8372716861, 1576820467 * 3153640933): self.assertEqual(number.isPrime(int(composite)), False)
def gen_rsa_primes(G): urand = bytes_to_long(urandom(521//8)) while True: s = getrandbits(521) ^ urand Q = s*G if isPrime(Q.x) and isPrime(Q.y): print("ECC Private key:", hex(s)) print("RSA primes:", hex(Q.x), hex(Q.y)) print("Modulo:", hex(Q.x * Q.y)) return (Q.x, Q.y)
def auxphi(a, b, p, g, s): assert (len(a) - nbit)**2 + (len(b) - (nbit - 6))**2 == 0 assert isPrime(p) and isPrime(p / 2) assert g > 1 q = p // 2 if pow(g, q, p) == 1: h = pow(g, s, p) r = pow(g, int( (a + b)[:nbit - 3]), p) * pow(h, int( (a + b)[nbit - 3:]), p) % p return bin(r)[2:].zfill(nbit)
def __init__(self, p=None, q=None, bits=8): if not p: p = number.getPrime(bits) if not q: q = number.getPrime(bits) self.p = p if number.isPrime(p) else exit(-1) self.q = q if number.isPrime(q) else exit(-1) self.n = p * q self.phi = (p - 1) * (q - 1) self.e = self.get_e(self.phi, bits) self.d = self.get_d(self.e, self.phi)
def next_prime(s): if s % 6 == 0: s += 1 elif s % 6 != 1: s = s - s % 6 + 5 while True: if isPrime(s) == True: break s += 2 if isPrime(s) == True: break s += 4 return s
def next_level(n): nsum = sum([int(x) for x in str(n)]) hs = [] ps = [] for i in range(10): h = n * 10 + i if h % (nsum + i) == 0: hs.append(h) elif isPrime(h) and isPrime(n // nsum): ps.append(h) return hs, ps
def genKey(k): while True: r = getrandbits(k) while (r % 2): r = getrandbits(k) p = 3 * r**2 + 2 * r + 7331 q = 17 * r**2 + 18 * r + 1339 n = p * q if (isPrime(p) and isPrime(q)): return (p, q), n
def __init__(self, p=None, q=None, bits=8): if not p: p = number.getPrime(bits) # print('check p;',p) if not q: q = number.getPrime(bits) #print('check q;',q) self.p = p if number.isPrime(p) else exit(-1) self.q = q if number.isPrime(q) else exit(-1) self.n = p * q # Their product n = p * q is calculated, which is called the modulus. self.phi = (p - 1) * (q - 1) # The value of the Euler function of the number n is calculated: self.e = self.get_e(self.phi, bits) # An integer is selected that is relatively prime with the value of the function phi (n) self.d = self.get_d(self.e, self.phi) # The number d is calculated, which is multiplicatively inverse to the number e modulo phi (n)
def genPrimes(size): base = random.getrandbits(size // 2) << size // 2 base = base | (1 << 1023) | (1 << 1022) | 1 while True: temp = base | random.getrandbits(size // 4) if isPrime(temp): p = temp break while True: temp = base | random.getrandbits(size // 4) if isPrime(temp): q = temp break return (p, q)
def test_isPrime(self): """Util.number.isPrime""" self.assertEqual(number.isPrime(2), True) self.assertEqual(number.isPrime(3), True) self.assertEqual(number.isPrime(4), False) self.assertEqual(number.isPrime(2L**1279-1), True) # test some known gmp pseudo-primes taken from # http://www.trnicely.net/misc/mpzspsp.html for composite in (43 * 127 * 211, 61 * 151 * 211, 15259 * 30517, 346141L * 692281L, 1007119L * 2014237L, 3589477L * 7178953L, 4859419L * 9718837L, 2730439L * 5460877L, 245127919L * 490255837L, 963939391L * 1927878781L, 4186358431L * 8372716861L, 1576820467L * 3153640933L): self.assertEqual(number.isPrime(long(composite)), False)
def generate_p_and_q(bits): p = 2 q = 2 while True: p = number.getRandomNBitInteger(bits) if number.isPrime(p): break while True: q = number.getRandomNBitInteger(bits) if number.isPrime(q): break return p, q
def validate(p, q, g): p_length = p.bit_length() if (p_length % 64) != 0: print "p's bit length not a mulitple of 64" return False if not (p_length >= 512 and p_length <= 1024): print "p's bit length is not between 512 and 1024" return False if not number.isPrime(p): print "p not prime" return False try: _number_new.exact_div(p - 1, q) except ValueError: print "q is not a prime factor of p" return False # g = u^{(p-1)/q} u = power_mod(g, 1 / _number_new.exact_div(p - 1, q), p) print u if not (u > 0 and u < p): print "g is invalid" return False return True
def generate_large_num2(): # Generate another large number using pythons in built random function. Checks if it's prime. LargeNum = random.getrandbits(BLOCK_SIZE) if RandGen.isPrime(LargeNum) == True: tkMessageBox.showinfo("Large Number Generator 2", str(LargeNum) + " is a prime number.") else: generate_large_num2()
def GetElgamalParamqp(bits = 100): while 1: q = bignum(getPrime(bits-1, Random.new().read)) p = 2*q+1 if number.isPrime(p, randfunc=Random.new().read): break return q,p
def find_generator_and_safe_prime(bits, gen_max_bits = False): stdout.write('Trying to find prime p ') while(1): stdout.write('.') q = number.getPrime(bits-1) # zeby pomnozona przez 2 byla na pewno mniejsza od p, (+1 pomijam, zakladam ze nie przekroczy) p = (q << 1) + 1 if number.isPrime(p): print '\n' + str(number.size(p)) + ' bits prime p found' p_sub_1 = p - 1 stdout.write('Trying to find generator g ') while(1): if gen_max_bits: # generator moze miec dowolna liczbe bitow g = number.getRandomNBitInteger(bits) if g >= p: continue else: g = number.getRandomRange(2, p) if pow(g, 2, p) == 1 or pow(g, q, p) == 1: stdout.write('.') continue print '\n' + str(number.size(g)) + ' bits generator g found' return p, g
def epicfail(n): x = 0 mode = 'epicfail' while n: if n % 10000 == 0: print("progress: ", n) if mode == 'epicfail': if isPrime(n): x += 1 mode = 'bill' else: mode = 'such' elif mode == 'bill': y = brotherman(n) if y % 3 == 0: x += 1 mode = 'such' else: mode = 'epicfail' x += y elif mode == 'such': y = dootdoot_5(n) if y % 7 == 0: x += 1 mode = 'bill' else: mode = 'epicfail' x += y n -= 1 return x
def generate_large_num(): # Generate a very large number for cryptographic purposes. Checks the number afterwards if it's prime or not. Recursively calls until it is prime. LargeNum = RandGen.getPrime(BLOCK_SIZE) if RandGen.isPrime(LargeNum) == True: tkMessageBox.showinfo("Large Number Generator", str(LargeNum) + " is a prime number.") else: generate_large_num()
def validate_dsa_key_pair(public_key, private_key): """ Validates a pair of dsa keys """ # FIXME: Make this function validate private key too # Construct DSA key keystring = binascii.a2b_base64(public_key.split(" ")[1]) keyparts = [] while len(keystring) > 4: length = struct.unpack(">I", keystring[:4])[0] keyparts.append(keystring[4 : 4 + length]) keystring = keystring[4 + length :] if keyparts[0] == "ssh-dss": tup = [bytes_to_long(keyparts[x]) for x in (4, 3, 1, 2)] else: return False key = DSA.construct(tup) # Validate DSA key fmt_error = not isPrime(key.p) fmt_error |= ((key.p - 1) % key.q) != 0 fmt_error |= key.g <= 1 or key.g >= key.p fmt_error |= pow(key.g, key.q, key.p) != 1 fmt_error |= key.y <= 0 or key.y >= key.p # The following piece of code is currently useless, because 'x' attribute is the private key # if hasattr(key, 'x'): # fmt_error |= key.x<=0 or key.x>=key.q # fmt_error |= pow(key.g, key.x, key.p)!=key.y return not fmt_error
def worker(needed_count, minimal_diameter): while True: p = getPrime(1024) primes = [p] q = p + 2 count = 1 # print('...') while True: if isPrime(q): primes.append(q) count += 1 if q - p > minimal_diameter.value: # already worse than before break if count == needed_count: if q - p < minimal_diameter.value: minimal_diameter.value = q - p print('New minimal diameter =', minimal_diameter.value) print(primes) n = 1 for p in primes: n *= p print('n =', n) print() break q += 2
def gen_key(bits): """ 鍵生成 :param bits: 鍵の長さ :return: 公開鍵: (p: 素数, g: Zp*の原始元, y: g^x(mod p)), 秘密鍵: x """ # 素数p while True: q = number.getPrime(bits - 1) p = 2 * q + 1 if number.isPrime(p): break # 原始元g while True: g = number.getRandomRange(3, p) # 原始元判定 if pow(g, 2, p) == 1: continue if pow(g, q, p) == 1: continue break # 秘密値x x = number.getRandomRange(2, p - 1) # 公開値y y = pow(g, x, p) return (p, g, y), x
def get_next_prime(possible_prime): # Find the next number given a prime number, and return it if RandGen.isPrime(possible_prime) == True: return possible_prime else: possible_prime = get_next_prime(possible_prime + 2) return possible_prime
def generate(bits, randfunc, progress_func=None): obj = ElGamalobj() if progress_func: progress_func('p\n') while 1: q = bignum(getPrime(bits - 1, randfunc)) obj.p = 2 * q + 1 if number.isPrime(obj.p, randfunc=randfunc): break if progress_func: progress_func('g\n') while 1: obj.g = number.getRandomRange(3, obj.p, randfunc) safe = 1 if pow(obj.g, 2, obj.p) == 1: safe = 0 if safe and pow(obj.g, q, obj.p) == 1: safe = 0 if safe and divmod(obj.p - 1, obj.g)[1] == 0: safe = 0 ginv = number.inverse(obj.g, obj.p) if safe and divmod(obj.p - 1, ginv)[1] == 0: safe = 0 if safe: break if progress_func: progress_func('x\n') obj.x = number.getRandomRange(2, obj.p - 1, randfunc) if progress_func: progress_func('y\n') obj.y = pow(obj.g, obj.x, obj.p) return obj
def DSAGenParameter(): print "Génération des paramètres" # On génère Q print "Génération de Q" q = number.getPrime(160) print "Q généré" # On génère P print "Génération de P" while True: r = number.getRandomInteger(480) p = (q*r)+1 if number.isPrime(p): break print "P généré" # On génère G print "Génération de G" while True: y = number.getRandomRange(0, p) g = pow(y, (p-1)/q, p) if g != 1: break print "G généré" print "Paramètres générés" return p, q, y, g
def canbe_written( odd_composite): # odd_composite = prime + 2*square for double_square in (2*n*n for n in count(1)): prime = odd_composite - double_square if prime < 0: break # consider `1' as a prime too if number.isPrime( long(prime) ): return True return False
def getPrimes(start = 2L): if start <= 2: yield 2L start = 3L n = long(start) while True: if number.isPrime(n): yield n n += 2
def _choose_p_from(self, q): i = 2 while True: p = i*q + 1 # TODO: implement Miller-Rabin if number.isPrime(p): break i += 1 return p
def findNthPrime( n ): currentCount = 1 currentNumber = long( 2 ) while currentCount < n: currentNumber += 1 if isPrime( currentNumber ): currentCount += 1 return currentNumber
def validate_cryptosystem(self): from Crypto.Util.number import isPrime pk = self.public_key if pow(pk.g, pk.q, pk.p) != 1: m = "g is not a generator, or q is not its order!" raise AssertionError(m) if not isPrime(pk.p): m = "modulus not prime!" raise AssertionError(m) if not isPrime(pk.q): m = "subgroup order not prime!" raise AssertionError(m) if 2*pk.q + 1 != pk.p: m = "modulus not in the form 2*(prime subgroup order) + 2" raise AssertionError(m) return 1
def getNextPrime( lowerBound ): ''' Lower bound not included ''' nextPrime = 0 lowerBound = long( lowerBound ) while nextPrime == 0: lowerBound += 1 if isPrime( lowerBound ): nextPrime = lowerBound return nextPrime
def GetPrimes(spub, spriv): p1 = GenPrimeWithOracle(spriv, k/2, e) while True: s0 = getRandomNBitInteger(o - m - 1) s = int_add(s0, spub) t = pi_sit_x(o, s) r2 = getRandomNBitInteger(k-o) nc = int_add(t, r2) q1 = nc / p1 if isPrime(q1): return (p1, q1)
def generate(bits, randfunc, progress_func=None): """generate(bits:int, randfunc:callable, progress_func:callable) Generate an ElGamal key of length 'bits', using 'randfunc' to get random data and 'progress_func', if present, to display the progress of the key generation. """ obj=ElGamalobj() # Generate a safe prime p # See Algorithm 4.86 in Handbook of Applied Cryptography if progress_func: progress_func('p\n') while 1: q = bignum(getPrime(bits-1, randfunc)) obj.p = 2*q+1 if number.isPrime(obj.p, randfunc=randfunc): break # Generate generator g # See Algorithm 4.80 in Handbook of Applied Cryptography # Note that the order of the group is n=p-1=2q, where q is prime if progress_func: progress_func('g\n') while 1: # We must avoid g=2 because of Bleichenbacher's attack described # in "Generating ElGamal signatures without knowning the secret key", # 1996 # obj.g = number.getRandomRange(3, obj.p, randfunc) safe = 1 if pow(obj.g, 2, obj.p)==1: safe=0 if safe and pow(obj.g, q, obj.p)==1: safe=0 # Discard g if it divides p-1 because of the attack described # in Note 11.67 (iii) in HAC if safe and divmod(obj.p-1, obj.g)[1]==0: safe=0 # g^{-1} must not divide p-1 because of Khadir's attack # described in "Conditions of the generator for forging ElGamal # signature", 2011 ginv = number.inverse(obj.g, obj.p) if safe and divmod(obj.p-1, ginv)[1]==0: safe=0 if safe: break # Generate private key x if progress_func: progress_func('x\n') obj.x=number.getRandomRange(2, obj.p-1, randfunc) # Generate public key y if progress_func: progress_func('y\n') obj.y = pow(obj.g, obj.x, obj.p) return obj
def verify(self, t=None): # Specified in SEC1 3.1.1.2.1 if t is not None: log2_ceil = math.ceil(math.log(self.p, 2)) if 80 < t < 256: if log2_ceil != 2 * t: return False elif t == 80: if log2_ceil != 192: return False elif t == 256: if log2_ceil != 521: return False # verify P is prime if not number.isPrime(self.p): return False # verify attributes are in the range [0, p-1] if self.a >= self.p: return False if self.b >= self.p: return False if self.G.x >= self.p: return False if self.G.y >= self.p: return False # check curve parameters if (4 * pow(self.a, 3, self.p) + 27 * pow( self.b, 2, self.p)) % self.p == 0: return False if not self.G.verify(): return False # verify N is prime if not number.isPrime(self.n): return False return True
def test_isPrime(self): """Util.number.isPrime""" self.assertEqual(number.isPrime(-3), False) # Regression test: negative numbers should not be prime self.assertEqual(number.isPrime(-2), False) # Regression test: negative numbers should not be prime self.assertEqual(number.isPrime(1), False) # Regression test: isPrime(1) caused some versions of PyCrypto to crash. self.assertEqual(number.isPrime(2), True) self.assertEqual(number.isPrime(3), True) self.assertEqual(number.isPrime(4), False) self.assertEqual(number.isPrime(2**1279-1), True) self.assertEqual(number.isPrime(-(2**1279-1)), False) # Regression test: negative numbers should not be prime # test some known gmp pseudo-primes taken from # http://www.trnicely.net/misc/mpzspsp.html for composite in (43 * 127 * 211, 61 * 151 * 211, 15259 * 30517, 346141 * 692281, 1007119 * 2014237, 3589477 * 7178953, 4859419 * 9718837, 2730439 * 5460877, 245127919 * 490255837, 963939391 * 1927878781, 4186358431 * 8372716861, 1576820467 * 3153640933): self.assertEqual(number.isPrime(int(composite)), False)
def pair(s): safe_prime = 0 while(True): p = num.getPrime(s) safe_prime = 2*p+1 if(num.isPrime(safe_prime)): break while(True): a = random.randint(2, safe_prime-1) if((safe_prime-1)%a != 1): break return safe_prime, a
def get_primes_and_pp(number_from, number_to): result = 0 print('======================================') print(number_from) print(number_to) print('======================================') while number_from <= number_to: if(sympy.perfect_power(number_from)): result += 1 if(isPrime(number_from)): result += 1 number_from += 1 return result
def factorsGenerator(n): primes = primesGen() lim = int(sqrt(n))+1 for p in takewhile(lambda x: x <= lim, primes): power = 0 while n % p == 0: power += 1 n //= p if power > 0: yield (p, power) if isPrime(n): break yield (n,1)
def _generate(self, bits): if bits < 160: raise ValueError('Key is too short!') while True: seed, self.q = self._generate_q() n = divmod(bits - 1, 160)[0] counter, offset, v = 0, 2, {} b = self.q >> 5 & 15 two_power_b = pow(2L, b) two_power_bits_minus_one = pow(2L, bits - 1) while counter < 4096: for k in range(0, n+1): v[k] = bytes_to_long(SHA.new( seed + str(offset) + str(k)).digest()) w = v[n] % two_power_b for k in range(n - 1, -1, -1): w = (w << 160L) + v[k] x = w + two_power_bits_minus_one c = x % (2 * self.q) self.p = x - (c - 1) if two_power_bits_minus_one <= self.p and isPrime(self.p): break counter += 1 offset += n + 1 if counter < 4069: break power = divmod(self.p - 1, self.q)[0] while True: h = bytes_to_long(os.urandom(bits)) % (self.p - 1) self.g = pow(h, power, self.p) if 1 < h < self.p - 1 and self.g > 1: break while True: self.x = bytes_to_long(os.urandom(20)) if 0 < self.x < self.q: break self.y = pow(self.g, self.x, self.p)
def GenPrimeWithOracle(spriv, L, e): ''' Generate p ''' T = L/2 + 64 T1 = L - T PRF = random.Random() PRF.seed(spriv) while True: u = PRF.randint(2**(T-1), 2**T) l = getRandomNBitInteger(T1) p1 = int_add(u, l) if isPrime(p1): return p1
def _generate_prime(bits, randpool): "primtive attempt at prime generation" hbyte_mask = pow(2, bits % 8) - 1 while True: # loop catches the case where we increment n into a higher bit-range x = randpool.get_bytes((bits+7) // 8) if hbyte_mask > 0: x = chr(ord(x[0]) & hbyte_mask) + x[1:] n = util.inflate_long(x, 1) n |= 1 n |= (1 << (bits - 1)) while not number.isPrime(n): n += 2 if util.bit_length(n) == bits: return n