def generate_public_key(private_key, security_level=SECURITY_LEVEL): a = modular_inverse((2, private_key * big_prime(security_level)) b = modular_inverse((3, private_key * big_prime(security_level)) return a, b def generate_keypair(security_level=SECURITY_LEVEL): private_key = generate_private_key(security_level) public_key = generate_public_key(private_key, security_level) return public_key, private_key def encapsulate_key(public_key, security_level=SECURITY_LEVEL): a, b = public_key s1 = random_integer(security_level) s2 = random_integer(security_level) e = random_integer(security_level) shared_secret = (3 * s1) + (2 * s2) + (6 * e) ciphertext = ((a * s1) + (b * s2) + e) return ciphertext, shared_secret def recover_key(ciphertext, private_key): return (ciphertext * 6) % private_key def unit_test(): from unittesting import test_key_exchange test_key_exchange("knowninverses", generate_keypair, encapsulate_key, recover_key, iterations=10000) if __name__ == "__main__": unit_test()
def generate_random_rsa_modulus(size_in_bytes): print "Generating p..." prime = big_prime(size_in_bytes) print "Generating q..." prime2 = big_prime(size_in_bytes) totient = (prime - 1) * (prime2 - 1) return prime * prime2, totient
def encrypt(m, N, r_size=32, p=None): assert p is not None ciphertext = (quicksum(N * big_prime(r_size)) + quicksum(N * big_prime(r_size))) + m assert ciphertext % N != m assert ciphertext % p == m, ciphertext % p return ciphertext
def generate_private_key(size, e=65537): p = big_prime(size) q = big_prime(size) d = modular_inverse(e, (p - 1) * (q - 1)) # while d >= p: # q = big_prime(size) # d = modular_inverse(e, (p - 1) * (q - 1)) return p, q, d, e
def generate_private_key(security_level=SECURITY_LEVEL, dimension=DIMENSION): prime_size = (security_level * dimension) + 1 p = big_prime(prime_size) q = big_prime(prime_size) elements = [] check_value = 1 for element_number in range(dimension): element = random_integer(security_level) elements.append(element) check_value *= element assert check_value < p return sorted(elements), p, q
def test_discrete_logarithm(): from crypto.utilities import big_prime print "Computing e" _e = big_prime(32) e = _e * 2 * 3 * 5 g = 3 print "Computing p" p = big_prime(40) print "Computing pow" n = pow(g, e, p) print "Computing dl" __e = discrete_logarithm(n, _e, g, p) assert __e == e
def test_encrypt_decrypt(): from math import log public_key, private_key = generate_keypair() public_key = (public_key[0] * random_integer(32), public_key[1]) for message in range(2, 256): print message message = random_integer(31) #public_key = (randomize_modulus(public_key[0], public_key), public_key[1]) ciphertext = encrypt(message, public_key) plaintext = decrypt(ciphertext, private_key) assert message == plaintext, (message, plaintext) size = lambda integer: int(log(integer, 2)) + 1 from pride.functions.timingcomparison import timing_comparison public_key, private_key = generate_keypair(p_size=256 / 8, q_size=256 / 8) print "Generating RSA modulus for comparison..." _p = big_prime(512 / 8) print "Generating second factor..." _q = big_prime(512 / 8) d = modular_inverse(65537, (_p - 1) * (_q - 1)) rsa_pub_key = (_p * _q, 65537) rsa_priv_key = (rsa_pub_key[0], d) print "Beginning timing comparison" print "Encryption time: (RSA top; summation3 bottom)" print("Modulus sizes: RSA: {}; summation3: {}".format( size(rsa_pub_key[0]), size(public_key[0]))) timing_comparison((encrypt, ( 3, rsa_pub_key, ), {}), (encrypt, ( 3, public_key, ), {}), iterations=100) print "Decryption time: (RSA top; summation3 bottom)" print("Private key size: RSA: d: {}; summation3: p: {}; d: {}".format( size(rsa_priv_key[1]), size(private_key[0]), size(private_key[1]))) timing_comparison((decrypt, (ciphertext, rsa_priv_key), {}), (decrypt, (ciphertext, private_key), {}), iterations=100) print("Ciphertext size: {}".format(size(ciphertext))) print("(sizes are in bits)") print "summation3 encrypt/decrypt unit test complete"
def generate_keypair_for_e(size_in_bytes, e=None): if e is None: raise ValueError("e not supplied") print("Generating keypair...") while True: prime = big_prime(size_in_bytes) totient = prime - 1 while e >= prime and gcd(e, totient) != 1: prime = big_prime(size_in_bytes) try: d = modular_inverse(e, totient) except ValueError: # the prime test is probabilistic continue else: print("...done") return e, d, prime
def generate_private_key(security_level=SECURITY_LEVEL): p_size = security_level * 3 p = big_prime(p_size + 1) a_i = random_integer((security_level * 2) + 1) >> 7 # adds 1 extra bit b_i = random_integer(security_level) ab_i = (a_i * b_i) % p return a_i, b_i, ab_i, p
def generate_parameters(a_size=A_SIZE, b_size=B_SIZE, x_size=X_SIZE, y_size=Y_SIZE): a = random_integer(a_size) b = random_integer(b_size) x = random_integer(x_size) y = big_prime(y_size) return a, b, x, y
def generate_parameters(a_size=A_SIZE, b_size=B_SIZE, x_size=X_SIZE, p_size=P_SIZE): a = random_integer(a_size) b = random_integer(b_size) x = random_integer(x_size) p = big_prime(p_size) z = modular_inverse(modular_subtraction(1, a, p), p) return a, b, x, p, z
def generate_private_key(parameters=PARAMETERS): ab_size = parameters["ab_size"] while True: p = big_prime(ab_size) if p % 4 == 1: a, b = find_squares(p) break while True: q = big_prime(ab_size) if q % 4 == 1: c, d = find_squares(q) break n = p * q x = (a * c) - (b * d) y = (a * d) + (b * c) assert pow(x, 2) + pow(y, 2) == n return x, y
def factor_part1(xy, modulus_size=0, p=None, factoring_method=naive_factoring): if p is None: if modulus_size == 0: raise ValueError("modulus_size or p required") p = big_prime(modulus_size) while p <= xy: p = big_prime(modulus_size) inverse_xy = modular_inverse(xy, p) #print "Factoring: ", xy, inverse_xy, modular_inverse(inverse_xy, p), p #print "Test factoring:", inverse_xy factors = factoring_method(inverse_xy) #print "Obtained factors: ", factors _factors = [] for item in factors: _factors.extend(factoring_method(modular_inverse(item, p))) return _factors, p
def test_walk_follow_path(): a, b, x = [random_integer(32) for count in range(3)] y = big_prime(33) for point_count in range(1, 16): x1 = walk(a, b, x, y) _x1 = follow_path(a, b, x, y, 1) __x1 = follow_path2(a, b, x, y, 1) assert _x1 == x1 assert __x1 == x1
def generate_private_key(security_level=SECURITY_LEVEL): while True: modulus = big_prime(security_level + 3) ai = random_integer(security_level) try: modular_inverse(ai, modulus) except ValueError: continue else: break return ai, ((ai * ai) + (ai * ai)) % modulus, modulus
def generate_public_key(p, q_size=32): q = big_prime(q_size) N = quicksum(p * q) #assert not( N % p != 0 or quicksum(N) % p != 0) while N % p != 0 or quicksum(N) % p != 0: q = random_integer(q_size) N = quicksum(p * q) assert is_prime(q) assert N % p == 0, (N % p) assert quicksum(N) % p == 0 return N
def test_encrypt_decrypt(): from math import log public_key, private_key = generate_keypair() public_key = (public_key[0] * random_integer(32), public_key[1]) for message in range(2, 256): print message message = random_integer(31) #public_key = (randomize_modulus(public_key[0], public_key), public_key[1]) ciphertext = encrypt(message, public_key) plaintext = decrypt(ciphertext, private_key) assert message == plaintext, (message, plaintext) size = lambda integer: int(log(integer, 2)) + 1 from pride.functions.timingcomparison import timing_comparison public_key, private_key = generate_keypair(p_size=256 / 8, q_size=256 / 8) print "Generating RSA modulus for comparison..." _p = big_prime(512 / 8) print "Generating second factor..." _q = big_prime(512 / 8) d = modular_inverse(65537, (_p - 1) * (_q - 1)) rsa_pub_key = (_p * _q, 65537) rsa_priv_key = (rsa_pub_key[0], d) print "Beginning timing comparison" print "Encryption time: (RSA top; summation3 bottom)" print("Modulus sizes: RSA: {}; summation3: {}".format(size(rsa_pub_key[0]), size(public_key[0]))) timing_comparison((encrypt, (3, rsa_pub_key, ), {}), (encrypt, (3, public_key, ), {}), iterations=100) print "Decryption time: (RSA top; summation3 bottom)" print("Private key size: RSA: d: {}; summation3: p: {}; d: {}".format(size(rsa_priv_key[1]), size(private_key[0]), size(private_key[1]))) timing_comparison((decrypt, (ciphertext, rsa_priv_key), {}), (decrypt, (ciphertext, private_key), {}), iterations=100) print("Ciphertext size: {}".format(size(ciphertext))) print("(sizes are in bits)") print "summation3 encrypt/decrypt unit test complete"
def generate_random_keypair(size_in_bytes): print("Generating keypair...") while True: prime = big_prime(size_in_bytes) e = random_integer(size_in_bytes) totient = prime - 1 while e >= prime and gcd(e, totient) != 1: e = random_integer(size_in_bytes) try: d = modular_inverse(e, totient) except ValueError: # the prime test is probabilistic continue else: print("...done") return e, d, prime
#ai(bs + e) + s # what if we use a short inverse for b as well as a? #ai(bs + e) + s #ai(bx + y) + x #ai(b(s + x) + e + y) + s + x #a + b + c #sa + sb + sc + e #s + saib + saic + aie #s + ai(bs + cs + e) from crypto.utilities import random_integer, modular_inverse, big_prime P = big_prime(50) def calculate_parameter_sizes(security_level): """ usage: calculate_parameters_sizes(security_level) => short_inverse size, r size, s size, e size, P size Given a target security level, designated in bytes, return appropriate parameter sizes for instantiating the trapdoor. """ short_inverse_size = (security_level * 2) + 1 p_size = short_inverse_size + security_level + 1 return short_inverse_size, security_level, security_level, security_level, p_size def generate_private_key(short_inverse_size=17, p=P): """ usage: generate_private_key(short_inverse_size=65, p=P) => private_key Returns 1 integer, suitable for use as a private key. """ short_inverse = random_integer(short_inverse_size) a = modular_inverse(short_inverse, p)
from crypto.utilities import random_integer, modular_inverse, big_prime, secret_split SECURITY_LEVEL = 16 Q = big_prime( SECURITY_LEVEL + 1) # *should* be the biggest 256-bit prime, or smallest 257 bit prime def generate_private_key(security_level=SECURITY_LEVEL, q=Q): encryption_key = (random_integer(security_level), random_integer(security_level)) decryption_key = [modular_inverse(item, q) for item in encryption_key] return encryption_key, decryption_key def generate_public_key(private_key, security_level=SECURITY_LEVEL, q=Q): return (secret_key_encrypt(1, private_key, security_level, q), secret_key_encrypt(1, private_key, security_level, q)) def generate_keypair(security_level=SECURITY_LEVEL, q=Q): private_key = generate_private_key(security_level) public_key = generate_public_key(private_key[0]) return public_key, private_key[1] def secret_key_encrypt(m, key, security_level=SECURITY_LEVEL, q=Q): x, y = secret_split(m, security_level, 2, q) a, b = key return (a * x) % q, (b * y) % q
def generate_private_key(size, e=65537): p = big_prime(size) d = modular_inverse(e, p - 1) return p, d
def generate_private_key(p_size=32, e=65537): p = big_prime(p_size) d = modular_inverse(e, p - 1) return (p, d)
def generate_private_key(size=32): return big_prime(size)
# == eb * (eb ^ (a - 1)) == ea * (ea ^ (b - 1)) # == eb * m == ea * n # pick a random q, e such that (p * q) + e mod g == 0, with e smaller then p by an appropriate margin # set private_key := (pq + e) / g == k # set public_key := (pq + e) mod p == e # set shared_secret := other_public_key * private_key # adversaries goal: recover any of : q, k, shared_secret # adversary has: p, g, e from crypto.utilities import random_integer, big_prime DEFAULT_SIZE = 1 Q_SIZE = DEFAULT_SIZE E_SIZE = DEFAULT_SIZE P = big_prime(E_SIZE * 2) G = 3 def random_key(p=P, q_size=Q_SIZE, e_size=E_SIZE): q = random_integer(q_size) e = random_integer(e_size) return (p * q) + e def generate_keypair(g=G, p=P, q_size=Q_SIZE, e_size=E_SIZE): key = random_key(p, q_size, e_size) while key % g: key = random_key(p, q_size, e_size) private_key = key / g public_key = key % p return public_key, private_key
#sax + sx^2 + e #sa + sx + x_ie #s(a + x) + x_ie #sz + x_ie #s + z_ix_ie #z = (a + x) # # 32 16 16 32 = 64 # generate n = a + x # generate x_i and compute z_i # from crypto.utilities import random_integer, big_prime, modular_inverse, modular_subtraction SECURITY_LEVEL = 32 P = big_prime(SECURITY_LEVEL + 1) def generate_private_key(security_level=SECURITY_LEVEL, modulus=P): x_i = random_integer(security_level / 2) z_i = random_integer((security_level / 2) + 1) >> 7 # + 1 and >> 7 extends the value by 1 bit return x_i, z_i, (z_i * x_i) % modulus def generate_public_key(private_key, modulus=P): x_i, z_i, xz_i = private_key x = modular_inverse(x_i, modulus) z = modular_inverse(z_i, modulus) a = modular_subtraction(z, x, modulus) # z - x public_key = ((a * x) + (x * 2)) % modulus
def generate_private_key(prime_count=80, key_size=16, modulus_size=33): primes = PRIMES[:] shuffle(primes, bytearray(random_bytes(len(primes)))) key = random_integer(key_size) modulus = big_prime(modulus_size) return primes[:prime_count], key, modulus
def generate_private_key(security_level=SECURITY_LEVEL): modulus = big_prime(33) a = 2 ** 256 ai = modular_inverse(a, modulus) return ai, modulus
# s1(ab) + s2(abc) # a(bs1) + a(bcs2) # a(bs1 + bcs2) # bs1 + bcs2 # s1 + cs2 # 32 33 32 = 65 # s1(ab) + s2(abc) # ab(s1 + s2c) # s1(a + b) + s2(a + b + c) # s1a + s1b + s2a + s2b + s2c # s1(a + b) + s2(a + b) + s2c # (a + b)(s1 + s2) + s2c # s1+s2 + aibis2c 32 32 32 32 P = big_prime(66) def generate_private_key(inverse_size=32, c_size=33): ai = random_integer(64) bi = random_integer(64) c = random_integer(c_size) return ai, bi, c def generate_public_key(private_key, p=P): ai, bi, c = private_key a = modular_inverse(ai, p) b = modular_inverse(bi, p) public_key = ((a * b) % p, (a * b * c) % p) return public_key def generate_keypair(inverse_size=32, c_size=33, p=P):
def decrypt(c, private_key, q_size=16): d, p = private_key p *= big_prime(q_size) return pow(c, d, p)
def generate_private_key(p_size=P_SIZE, e=65537): p = big_prime(p_size) d = modular_inverse(e, p - 1) return e, d, p
# 1 2 3 4 5 = 15 # 1 2 3 4 5 6 7 = 28 # q1 = 6; q2 = 8; # g ^ x == g * r mod p # (g ^ a) ^ b == (g ^ b) ^ a mod p # pick a random m # store it in the exponent # exponentiate to multiply exponents raise NotImplementedError() from crypto.utilities import big_prime, random_integer, quicksum G = 3 P = big_prime(32) def generate_private_key(q_size=64): private_key = random_integer(q_size) return private_key def generate_public_key(private_key, g=G, p=P): public_key = quicksum(private_key) % p return public_key def generate_keypair(q_size=64): private_key = generate_private_key(q_size) public_key = generate_public_key(private_key) return public_key, private_key
# 1 2 3 4 5 = 15 # 1 2 3 4 5 6 7 = 28 # q1 = 6; q2 = 8; # g ^ x == g * r mod p # (g ^ a) ^ b == (g ^ b) ^ a mod p # pick a random m # store it in the exponent # exponentiate to multiply exponents raise NotImplementedError() from crypto.utilities import big_prime, random_integer, quicksum G = 3 P = big_prime(32) def generate_private_key(q_size=64): private_key = random_integer(q_size) return private_key def generate_public_key(private_key, g=G, p=P): public_key = quicksum(private_key) % p return public_key def generate_keypair(q_size=64): private_key = generate_private_key(q_size) public_key = generate_public_key(private_key) return public_key, private_key def generate_secret(public_key, private_key, p=P): return (public_key * private_key) % p
def generate_public_key(e, p, q_size): encrypted_q = encrypt(big_prime(2), (e, p)) encrypted_p = encrypt(p, (e, p)) encrypted_n = encrypted_q * encrypted_p assert encrypted_n % p == 0 return encrypted_n
from math import log from crypto.utilities import random_integer, modular_inverse, big_prime, modular_subtraction N = 90539821999601667010016498433538092350601848065509335050382778168697877622963864208930434463149476126948597274673237394102007067278620641565896411613073030816577188842779580374266789048335983054644275218968175557708746520394332802669663 N2 = big_prime(33) def generate_pi(pi_size=65, n=N): pi = random_integer(pi_size) assert log(n, 2) - log(pi, 2) > 256, log(n, 2) - log(pi, 2) return pi def generate_pq(private_key, q_size=32, n=N): p = modular_inverse(private_key, n) q = random_integer(q_size) pq = (p * q) % n assert log(n, 2) - log(pq, 2) < 256 assert log(n, 2) - log(modular_inverse(pq, n), 2) < 256, (log(n, 2), log(n - modular_inverse(pq, n), 2)) return pq, q def generate_keypair(): pi = generate_pi() pq, q = generate_pq(pi) public_key = pq private_key = (pi, q) return public_key, private_key def encrypt(m, public_key, q_size=32, e_size=32, n=N, n2=N2): assert n == N e = random_integer(e_size) q = pow(m, e, n2)
# a + b # a + 2b # 2a + 3b # 3a + 5b # 5a + 8b # 8a + 13b # 13a + 21b # 21a + 34b from crypto.utilities import random_integer, big_prime SIZE = 2 POINTS = random_integer(SIZE), random_integer(SIZE) P = big_prime(33) from math import sqrt def fib_f(n): def fib_inner(n): if n == 0: return 0, 2 m = n >> 1 # q = 2*(-1)**m q = -2 if (m & 1) == 1 else 2 u, v = fib_inner(m) u, v = u * v, v * v - q if n & 1 == 1: # u, v of 2m+1 u1 = (u + v) >> 1 return u1, 2*u + u1
def generate_private_key(size, e=65537): p = big_prime(size) return p, modular_inverse(e, p - 1)
def generate_private_key(security_level=SECURITY_LEVEL): modulus = big_prime(33) a = 2**256 ai = modular_inverse(a, modulus) return ai, modulus
def random_rsa_key(size): p, q = big_prime(size), big_prime(size) n = p * q totient = (p - 1) * (q - 1) d = modular_inverse(3, totient) return n, d, p
shift = security_level * 8 r_size = security_level * 15 a_shift = security_level * 14 * 8 s_size = security_level * 3 e_shift = ((security_level * 18) * 8) - (padding * 8) mask = (2**(security_level * 8)) - 1 return q_size, inverse_size, shift, r_size, a_shift, s_size, e_shift, mask Q_SIZE, INVERSE_SIZE, SHIFT, R_SIZE, A_SHIFT, S_SIZE, E_SHIFT, MASK = generate_parameter_sizes( SECURITY_LEVEL, PADDING) PRIME_SIZE = 8 PRIME_COUNT = Q_SIZE / PRIME_SIZE Q_ps = [big_prime(PRIME_SIZE) for count in range(PRIME_COUNT + PADDING)] Q = product(Q_ps) def generate_private_key(inverse_size=INVERSE_SIZE, r_size=R_SIZE, q=Q, shift=SHIFT): while True: inverse = random_integer(inverse_size) << shift r = random_integer(r_size) try: modular_inverse(inverse, q + r) except ValueError: continue else:
from crypto.utilities import random_integer, modular_inverse, big_prime N = big_prime(100)# 225241569627851595350838763681785906724428697290141769801417622676568654297666710841212749141365354701580553980093849901004039773586835061419475389683261733366356402019584392943366827909987225051679644735050009473774055785709735868550935917252113327365761454283845798784266844015580824147815866496951983755425002748038076897447553238870256861001436001898169 def generate_key(p_size=33, k_size=64, n=N): p0 = random_integer(p_size) k = random_integer(k_size) return (p0, k, modular_inverse(k, n)) # pm1 + e1 + pm2 + e2 # p(m1 + m2) + (e1 + e2) # pm2 + e2 def encrypt(m, key, r_size=31, n=N): p0, k, ki = key ciphertext = (p0 * m) + random_integer(r_size) # 33 + 32 + 32 = 97 ciphertext = (ciphertext * k) % n return ciphertext def decrypt(ciphertext, key, n=N): p0, k, ki = key ciphertext = (ciphertext * ki) % n e = ciphertext % p0 p0m = ciphertext - e return p0m / p0 def test_encrypt_decrypt(): from unittesting import test_symmetric_encrypt_decrypt test_symmetric_encrypt_decrypt("modular3", generate_key, encrypt, decrypt, iterations=10000) if __name__ == "__main__":
def generate_key(security_level=SECURITY_LEVEL): k = big_prime(security_level) return k
from crypto.utilities import random_integer, big_prime, modular_inverse, modular_subtraction SIZE = 32 P = big_prime(SIZE + 1) def generate_key(size=SIZE, p=P): a = random_integer(size) b = random_integer(size) d = modular_inverse(modular_subtraction(b ** 2, a ** 2, p), p) return a, b, d def generate_points(key, size=SIZE, p=P): a, b, d = key x, y = random_integer(size), random_integer(size) point1 = ((a * x) + (b * y)) % p point2 = ((a * y) + (b * x)) % p return point1, point2, x, y def recover_xy(p1, p2, key, p=P): a, b, d = key x = (((b * p2) - (a * p1)) * d) % p y = (((b * p1) - (a * p2)) * d) % p # b(ay + bx) - a(ax + by) # aby + bbx - aax - aby # bbx - aax # x(aa - bb) # b(ray + rbx) - a(zax + zby) # bray + brbx - azax - azby
# sx + aie # 64 32 96 32 128 128 + 32 == 160 from crypto.utilities import random_integer, modular_inverse, big_prime SECURITY_LEVEL = 32 P = big_prime(129) def generate_private_key(security_level=SECURITY_LEVEL, modulus=P): ai = random_integer((security_level * 3) + 1) >> 7 # + 1 byte and >> 7 to make it 1 bit larger return ai def generate_public_key(private_key, security_level=SECURITY_LEVEL, modulus=P): ai = private_key a = modular_inverse(ai, modulus) x = random_integer(security_level) return (a * x) % modulus def generate_keypair(security_level=SECURITY_LEVEL, modulus=P): private_key = generate_private_key(security_level, modulus) public_key = generate_public_key(private_key, security_level, modulus) return public_key, private_key def encapsulate_key(public_key, security_level=SECURITY_LEVEL, modulus=P): s1 = random_integer(security_level * 2) e = random_integer(security_level)