def setUp(self):
self.group = curvep256()
self.x0 = PrivateKey(self.group)
self.x1 = PrivateKey(self.group)
self.y0 = self.x0.public_key()
self.y1 = self.x1.public_key()
self.S, self.T = self.test_operations_basic()
def setup(self, group, clients, trustees, owner_idx):
ckeys, cpkeys = self.gen_keys(group, clients)
tkeys, tpkeys = self.gen_keys(group, trustees)
akey = PrivateKey(group)
apkey = akey.public_key()
cverdicts = []
ccommitments = []
for idx in range(clients):
if idx == owner_idx:
cverdicts.append(OwnerVerdict(akey, ckeys[idx], cpkeys, tpkeys))
else:
cverdicts.append(ClientVerdict(apkey, ckeys[idx], cpkeys, tpkeys))
ccommitments.append(cverdicts[-1].commitment())
tverdicts = []
tcommitments = []
for idx in range(trustees):
tverdicts.append(TrusteeVerdict(apkey, tkeys[idx], cpkeys, tpkeys))
tcommitments.append(tverdicts[-1].commitment())
for verdict in cverdicts:
verdict.set_commitments(ccommitments, tcommitments)
for verdict in tverdicts:
verdict.set_commitments(ccommitments, tcommitments)
return (cverdicts, tverdicts)
def setup(self, group, clients, trustees, owner_idx):
ckeys, cpkeys = self.gen_keys(group, clients)
tkeys, tpkeys = self.gen_keys(group, trustees)
akey = PrivateKey(group)
apkey = akey.public_key()
cverdicts = []
ccommitments = []
for idx in range(clients):
if idx == owner_idx:
cverdicts.append(OwnerVerdict(akey, ckeys[idx], cpkeys,
tpkeys))
else:
cverdicts.append(
ClientVerdict(apkey, ckeys[idx], cpkeys, tpkeys))
ccommitments.append(cverdicts[-1].commitment())
tverdicts = []
tcommitments = []
for idx in range(trustees):
tverdicts.append(TrusteeVerdict(apkey, tkeys[idx], cpkeys, tpkeys))
tcommitments.append(tverdicts[-1].commitment())
for verdict in cverdicts:
verdict.set_commitments(ccommitments, tcommitments)
for verdict in tverdicts:
verdict.set_commitments(ccommitments, tcommitments)
return (cverdicts, tverdicts)
def gen_keys(self, group, count):
keys = []
pkeys = []
for idx in range(count):
k = PrivateKey(group)
keys.append(k)
pkeys.append(k.public_key())
return (keys, pkeys)
def gen_keys(count):
dhkeys = []
pkeys = []
for idx in range(count):
dh = PrivateKey(global_group)
dhkeys.append(dh)
pkeys.append(dh.public_key())
return dhkeys, pkeys
def gen_keys(count):
dhkeys = []
pkeys = []
for idx in range(count):
dh = PrivateKey(global_group)
dhkeys.append(dh)
pkeys.append(dh.public_key())
return dhkeys, pkeys
def gen_keys(self, group, count):
keys = []
pkeys = []
for idx in range(count):
k = PrivateKey(group)
keys.append(k)
pkeys.append(k.public_key())
return (keys, pkeys)
def sync(self, client_set):
""" Called at the beginning of an interval to generate new trap keys
for secret sharing, and to update xornet with the new interval.
"""
self.interval += 1
trap_key = PrivateKey(global_group)
self.trap_secrets = [trap_key.exchange(k) for k in self.nym_keys]
self.trap_keys.append(trap_key)
self.xornet = XorNet(self.secrets, self.interval)
self.all_trap_secrets = [[] for _ in self.nym_keys]
def main():
group = verdict_1024()
from elgamal import PrivateKey, PublicKey
x0 = PrivateKey(group)
y0 = x0.public_key()
x1 = PrivateKey(group)
y1 = x1.public_key()
assert x0.exchange(y1) == y1.exchange(x0)
data = b"hello"
encrypted = y0.encrypt(data)
assert x0.decrypt(encrypted) == data
assert y0.verify(data, x0.sign(data))
def generate(cls, n):
secrets = [PrivateKey(global_group) for _ in range(n)]
keys = [key.public_key() for key in secrets]
id = lambda x: SHA256.new(long_to_bytes(pub_to_long(x))).hexdigest()
ids = [id(key) for key in keys]
privates = [Private(id, secret) for id, secret in zip(ids, secrets)]
return cls(ids, keys), privates
def main():
group = verdict_1024()
from elgamal import PrivateKey, PublicKey
x0 = PrivateKey(group)
y0 = x0.public_key()
x1 = PrivateKey(group)
y1 = x1.public_key()
assert x0.exchange(y1) == y1.exchange(x0)
data = b"hello"
encrypted = y0.encrypt(data)
assert x0.decrypt(encrypted) == data
assert y0.verify(data, x0.sign(data))
def generate(cls, n, host, port):
secrets = [PrivateKey(global_group) for _ in range(n)]
keys = [key.public_key() for key in secrets]
id = lambda x: SHA256.new(long_to_bytes(pub_to_long(x))).hexdigest()
ids = [id(key) for key in keys]
privates = [Private(id, secret) for id, secret in zip(ids, secrets)]
# TODO: This won't work for multiple access points
if n == 1:
hosts = [host]
ports = [port]
else:
hosts = [host + str(i) for i in range(n)]
ports = [port for i in range(len(ids))]
mcasts = [(MCAST_ADDR, 4747 + i) for i in range(len(ids))]
return cls(ids, keys, hosts, ports, mcasts), privates
def sync(self, client_set):
self.interval += 1
trap_key = PrivateKey(global_group)
self.trap_keys.append(trap_key)
self.xornet = XorNet(self.secrets, self.interval)
class Test(unittest.TestCase):
def setUp(self):
self.group = curvep256()
self.x0 = PrivateKey(self.group)
self.x1 = PrivateKey(self.group)
self.y0 = self.x0.public_key()
self.y1 = self.x1.public_key()
self.S, self.T = self.test_operations_basic()
def test_is_element(self):
self.assertTrue(self.group.is_element((self.group.g)))
self.assertTrue(self.group.is_element((self.x1.element)))
self.assertTrue(self.group.is_element((self.x0.element)))
for i in range(100):
self.assertTrue(self.group.is_element((self.group.random_element())))
def test_operations_basic(self):
# Values obtained from NIST Routines handbook:
# http://www.nsa.gov/ia/_files/nist-routines.pdf
x_s = string_to_long("de2444be bc8d36e6 82edd27e 0f271508 617519b3"
"221a8fa0 b77cab39 89da97c9")
y_s = string_to_long("c093ae7f f36e5380 fc01a5aa d1e66659 702de80f"
"53cec576 b6350b24 3042a256")
S = (x_s, y_s)
x_t = string_to_long("55a8b00f 8da1d44e 62f6b3b2 5316212e 39540dc8"
"61c89575 bb8cf92e 35e0986b")
y_t = string_to_long("5421c320 9c2d6c70 4835d82a c4c3dd90 f61a8a52"
"598b9e7a b656e9d8 c8b24316")
T = (x_t, y_t)
return (S, T)
def test_addition(self):
x_r = string_to_long("72b13dd4 354b6b81 745195e9 8cc5ba69 70349191"
"ac476bd4 553cf35a 545a067e")
y_r = string_to_long("8d585cbb 2e1327d7 5241a8a1 22d7620d c33b1331"
"5aa5c9d4 6d013011 744ac264")
R = self.group.add(self.S, self.T)
self.assertEqual(R, (x_r, y_r))
def test_subtraction(self):
x_rs = string_to_long("c09ce680 b251bb1d 2aad1dbf 6129deab 837419f8"
"f1c73ea1 3e7dc64a d6be6021")
y_rs = string_to_long("1a815bf7 00bd8833 6b2f9bad 4edab172 3414a022"
"fdf6c3f4 ce30675f b1975ef3")
R_s = self.group.add(self.S, self.group.inverse(self.T))
self.assertEqual(R_s, (x_rs, y_rs))
def test_double(self):
x_rd = string_to_long("7669e690 1606ee3b a1a8eef1 e0024c33 df6c22f3"
"b17481b8 2a860ffc db6127b0")
y_rd = string_to_long("fa878162 187a54f6 c39f6ee0 072f33de 389ef3ee"
"cd03023d e10ca2c1 db61d0c7")
R_d = self.group.double(self.S)
self.assertEqual(R_d, (x_rd, y_rd))
def test_multiplication(self):
d = string_to_long("c51e4753 afdec1e6 b6c6a5b9 92f43f8d d0c7a893"
"3072708b 6522468b 2ffb06fd")
x_rm = string_to_long("51d08d5f 2d427888 2946d88d 83c97d11 e62becc3"
"cfc18bed acc89ba3 4eeca03f")
y_rm = string_to_long("75ee68eb 8bf626aa 5b673ab5 1f6e744e 06f8fcf8"
"a6c0cf30 35beca95 6a7b41d5")
R_m = self.group.multiply(self.S, d)
self.assertEqual(R_m, (x_rm, y_rm))
# Joint scalar multiply testing
e = string_to_long("d37f628e ce72a462 f0145cbe fe3f0b35 5ee8332d"
"37acdd83 a358016a ea029db7")
x_j = string_to_long("d867b467 92210092 34939221 b8046245 efcf5841"
"3daacbef f857b858 8341f6b8")
y_j = string_to_long("f2504055 c03cede1 2d22720d ad69c745 106b6607"
"ec7e50dd 35d54bd8 0f615275")
R_j = self.group.add(self.group.multiply(self.S, d), \
self.group.multiply(self.T, e))
self.assertEqual(R_j, (x_j, y_j))
def test_addition_random(self):
for i in range(50):
r1 = self.group.random_element()
r2 = self.group.random_element()
self.group.add(r1, r2)
def test_multiplication_random(self):
for i in range(50):
k = self.group.random_secret()
self.group.multiply(self.group.generator(), k)
def test_encoding(self):
g = self.group
msg1 = b"" # 0 character encoding
msg2 = b"Hello" # multiple character encoding
msg3 = b"abcdefghijklmnopqrstuvxyzab"
# Maximum number of chars: 28 + 2 zero padding + leading byte = 31
self.assertEqual(g.decode(g.encode(msg1)), msg1)
self.assertEqual(g.decode(g.encode(msg2)), msg2)
self.assertEqual(g.decode(g.encode(msg3)), msg3)
def test_ecdsa(self):
msg = b"Example of ECDSA with P-256"
g = self.group
self.assertTrue(g.verify(self.y0.element, msg, \
g.sign(self.x0.secret, msg)))
self.assertFalse(g.verify(self.y1.element, msg, \
g.sign(self.x0.secret, msg)))
def test_exchange(self):
self.assertEqual(self.x0.exchange(self.y1), self.y1.exchange(self.x0))
self.assertEqual(self.x1.exchange(self.y0), self.y0.exchange(self.x1))
def main():
t0 = time.time()
p = argparse.ArgumentParser(description="Local, insecure DC-net test")
p.add_argument("config_dir")
opts = p.parse_args()
# load the public system data
with open(os.path.join(opts.config_dir, "system.json"), "r", encoding="utf-8") as fp:
data = json.load(fp)
clients = data["clients"]
client_ids = [c["id"] for c in clients]
client_keys = [PublicKey(global_group, c["key"]) for c in clients]
trustees = data["servers"]
trustee_ids = [t["id"] for t in trustees]
trustee_keys = [PublicKey(global_group, t["key"]) for t in trustees]
# and session data
with open(os.path.join(opts.config_dir, "session.json"), "r", encoding="utf-8") as fp:
data = json.load(fp)
session_id = data["session-id"]
nym_keys = [PublicKey(global_group, c["dhkey"]) for c in data["clients"]]
# load the post-shuffle slots
with open(os.path.join(opts.config_dir, "shuffle.json"), "r", encoding="utf-8") as fp:
data = json.load(fp)
slot_keys = [PublicKey(global_group, e) for e in data["slots"]]
# start multiple clients in the same process
# load private keys from individual files
clients = []
for iden in client_ids:
with open(os.path.join(opts.config_dir, "{}.json".format(iden)), "r", encoding="utf-8") as fp:
data = json.load(fp)
private_key = PrivateKey(global_group, data["private_key"])
with open(os.path.join(opts.config_dir, "{}-{}.json".format(iden, session_id)), "r", encoding="utf-8") as fp:
data = json.load(fp)
nym_private_key = PrivateKey(global_group, data["private_key"])
client = dcnet.Client(private_key, trustee_keys, NullCertifier(), NullEncoder())
client.add_own_nym(nym_private_key)
client.add_nyms(slot_keys)
clients.append(client)
# same with trustees
trustees = []
for iden in trustee_ids:
with open(os.path.join(opts.config_dir, "{}.json".format(iden)), "r", encoding="utf-8") as fp:
data = json.load(fp)
private_key = PrivateKey(global_group, data["private_key"])
trustee = dcnet.Trustee(private_key, client_keys)
trustee.add_nyms(slot_keys)
trustees.append(trustee)
# start a single relay
relay = dcnet.Relay(len(trustees), NullAccumulator(), NullDecoder())
relay.add_nyms(len(clients))
relay.sync(None)
trap_keys = []
for trustee in trustees:
trustee.sync(None)
trap_keys.append(trustee.trap_keys[-1].public_key())
for client in clients:
client.sync(None, trap_keys)
cleartexts = []
for i in range(1):
relay.decode_start()
for idx in range(len(trustees)):
trustee = trustees[idx]
ciphertext = trustee.produce_ciphertext()
relay.decode_trustee(ciphertext)
for idx in range(len(clients)):
client = clients[idx]
ciphertext = client.produce_ciphertexts()
relay.decode_client(ciphertext)
cleartexts.append(relay.decode_cell())
print(cleartexts)
print(time.time() - t0)
t0 = time.time()
cleartexts = []
for i in range(len(clients)):
relay.decode_start()
for idx in range(len(trustees)):
trustee = trustees[idx]
ciphertext = trustee.produce_ciphertext()
relay.decode_trustee(ciphertext)
for i, client in enumerate(clients):
ciphertext = client.produce_ciphertexts()
cleartext = long_to_bytes(0)
if i == 0:
cleartext = bytes("Hello", "UTF-8")
ciphertext = long_to_bytes(
bytes_to_long(ciphertext) ^ bytes_to_long(cleartext))
relay.decode_client(ciphertext)
cleartexts.append(relay.decode_cell())
print(cleartexts)
print(time.time() - t0)
import argparse
import json
import os
import random
import shutil
from Crypto.Hash import SHA256
from Crypto.Util.number import long_to_bytes, bytes_to_long
from elgamal import PublicKey, PrivateKey
from dcnet import global_group
long_to_pub = lambda x: PublicKey(global_group, x)
pub_to_long = lambda x: x.element
long_to_priv = lambda x: PrivateKey(global_group, x)
priv_to_long = lambda x: x.secret
MCAST_ADDR = "224.0.0.251"
class Relay:
HOST = "host"
PORT = "port"
def __init__(self, host, port):
self.host = host
self.port = port
def save(self):
return {
