def __init__(self): self.p = gensafeprime.generate( 512) #512 bit primes for speed/recursion depth self.q = gensafeprime.generate(512) self.n = self.p * self.q self.e, self.d = generate_key_pair(self.p, self.q) self.plaintext = "hi mom"
def generate_keys(): e = 3 p = gensafeprime.generate(1024) q = gensafeprime.generate(1024) n = p*q et = (p-1)*(q-1) d = Crypto.Util.number.inverse(e,et) return(d,e,n)
def main(): p = gensafeprime.generate(100) q = gensafeprime.generate(100) n = p*q e,d = generate_key_pair(p, q) m = "hello my friend!!" ct = rsa_encrypt(m, e, n) md = rsa_decrypt(ct, d, n) print md
def __init__(self): self.p = gensafeprime.generate(300) #300 bit primes self.q = gensafeprime.generate(300) self.n = self.p * self.q self.e, self.d = generate_key_pair(self.p, self.q) self.texts = [ "I like cheese", "I like cryptography", "I'm not very good at this", "hmmmmmmmm", "Do your worst!", "I bet you can't decrypt this" ]
def keypair(bits): p = gensafeprime.generate(bits) q = gensafeprime.generate(bits) n = p * q et = (p - 1) * (q - 1) e = 3 d = invmod(e, et) Public = [e, n] Private = [d, n] return [Public, Private]
def keypair(bits): p = gensafeprime.generate(bits) q = gensafeprime.generate(bits) n = p * q et = (p-1) * (q-1) e = 3 d = invmod(e, et) Public = [e, n] Private = [d, n] return [Public, Private]
def __init__(self, pk = None, sk = None): self.MsgDir = './messages/' if pk is None: from gensafeprime import generate p, q = generate(1024), generate(1024) pk = p * q self.pk = pk if sk is None: sk = 2 * number.getRandomNBitInteger(255) + 1 self.sk = sk
def rsa_keygen(n): # use openssl to generate primes p = gensafeprime.generate(n//2) q = gensafeprime.generate(n//2) N = p*q phi = (p-1)*(q-1) d = modinv(phi, E_RSA) sk = (d, N) pk = (E_RSA, N) return pk, sk
def rsa_keygen(n): # use openssl to generate primes p = gensafeprime.generate(n // 2) q = gensafeprime.generate(n // 2) N = p * q phi = (p - 1) * (q - 1) d = modinv(phi, E_RSA) sk = (d, N) pk = (E_RSA, N) return pk, sk
def main(): m = "Hi I'm encrypting this 3 times hopefully it goes ok!" ct = [] pk = [] for i in range(3): p = gensafeprime.generate(300) #300 bit primes q = gensafeprime.generate(300) n = p*q e,d = generate_key_pair(p, q) c = rsa_encrypt(m, e, n) ct.append(c) pk.append(n) print e_3_broadcast(ct, pk)
def __init__(self, l=512): if l <= 0: print "error" raise Exception() elif l < 16: self._p = 47 self._q = 59 self.n = self._p * self._q self._phi = (self._p - 1) * (self._q - 1) else: self._p = gensafeprime.generate(l) self._q = gensafeprime.generate(l) self.n = self._p * self._q self._phi = (self._q - 1) * (self._p - 1)
def rsa(msg): e = 3 p = gensafeprime.generate(1024) q = gensafeprime.generate(1024) n = p * q et = (p - 1) * (q - 1) d = Crypto.Util.number.inverse(e, et) m = Crypto.Util.number.bytes_to_long(msg) c = pow(m, e, n) decrypt_msg = pow(c, d, n) dec = Crypto.Util.number.long_to_bytes(decrypt_msg) print(dec) return (c, n)
def gen_keys(): ''' generates public and private key for RSA encryption with crypto safe prime numbers (1024 bits) returns -> ( public ( e , n ) , private ( d , n ) ''' e = 17 p = gensafeprime.generate(128) q = gensafeprime.generate(128) n = p*q et = (p-1)*(q-1) d = inverse(e,et) public = e,n private = d,n return(public,private)
def generate_primes(key_size=128): """ Generate some primes. Key size in bits. """ if key_size >= 512: from cryptography.hazmat.backends import default_backend from cryptography.hazmat.primitives.asymmetric import rsa private_key = rsa.generate_private_key(public_exponent=65537, key_size=key_size, backend=default_backend()) private_numbers = private_key.private_numbers() p, q = private_numbers.p, private_numbers.q else: import gensafeprime p, q = gensafeprime.generate(key_size), gensafeprime.generate(key_size) return min(p, q), max(p, q)
def diffie_helman(): g = 5 rbytes = ssl.rand.bytes(63) s = long(rbytes.encode('hex'), 16) p = sp.generate(504) print "g=%d, s=%d, p=%d" % (g, s, p) print "g^s mod p =%d" % (modular_exponentiation(g, s, p))
def get_primes(): rel_prime = False p, q = 0, 0 while not rel_prime: # Ensure high order bit is set while (p >> 511) != 1: # or could bit-wise & with 2^512 and check if equal to 2^512 p = sp.generate(512) while (q >> 511) != 1: q = sp.generate(512) # Verify that phi(n) [(p-1)(q-1) is relatively prime to e] phin = (p - 1) * (q - 1) if relatively_prime(phin, e) == 1: # or just phin % e != 0, since e is prime rel_prime = True else: p, q = 0, 0 return p, q
def generate_key(self): # l is length of p1 and q1 # (l+1) is length of p and q # n = p * q -> length of n is 2*(l+1) safeprime_length = self.sec_params["l"] + 1 self.p = gensafeprime.generate(safeprime_length) self.q = gensafeprime.generate(safeprime_length) self.p1 = (self.p - 1) / 2 self.q1 = (self.q - 1) / 2 #if self.p1 == self.q1: # sys.exit("p1 and q1 are the same") n = self.p * self.q self.pub_key["n"] = n n2 = n * n # n1 = self.p1 * self.q1 gg1 = number.getRandomRange(0, n2) # g' in paper g = pow(gg1, 2 * n, n2) self.pub_key["g"] = g # choose x1, x2, x3 which are < n^2/4 b = n2 / 4 x1 = number.getRandomRange(0, b) x2 = number.getRandomRange(0, b) x3 = number.getRandomRange(0, b) self.sec_key["n"] = n self.sec_key["g"] = g self.sec_key["x1"] = x1 self.sec_key["x2"] = x2 self.sec_key["x3"] = x3 y1 = pow(g, x1, n2) y2 = pow(g, x2, n2) y3 = pow(g, x3, n2) self.pub_key["y1"] = y1 self.pub_key["y2"] = y2 self.pub_key["y3"] = y3 return True
def make_pubpri(nbit): p, q, r = [getPrime(nbit) for _ in xrange(3)] n = p * q * r phi = (p - 1) * (q - 1) * (r - 1) l = min([p, q, r]) d = getPrime(1 << 8) e = inverse(d, phi) a = gensafeprime.generate(2 * nbit) while True: g = getRandomRange(2, a) if pow(g, 2, a) != 1 and pow(g, a / 2, a) != 1: break return (n, e, a, g), (n, d, a, g)
def extended_euclid(a, b): if a == 0: return b, 0, 1 else: g, y, x = extended_euclid(b % a, a) return g, x - (b // a) * y, y if __name__ == "__main__": # generate key params bitlen = 512 e = 65537 p = gensafeprime.generate(bitlen) q = gensafeprime.generate(bitlen) n = p * q m = (p - 1) * (q - 1) while not coprime([e, m]): p = gensafeprime.generate(bitlen) q = gensafeprime.generate(bitlen) n = p * q m = (p - 1) * (q - 1) d = mod_inv(e, m) print("p: " + str(p)) print("q: " + str(q)) print("n: " + str(n)) print("e: " + str(e)) print("d: " + str(d))
def keygen(k, t, l, save_dir, save_in_file=True, gen_dlut=False): # generate distinct primes vp and vq vp = gensafeprime.generate(t) while (1): vq = gensafeprime.generate(t) if vp != vq: break # generate u to be the prime just greater than 2^l+2 u = nextprime(pow(2, l + 2)) # generate prime p s.t. vp | p-1 and u | p-1 print("Generating p....") while (1): temp1 = 2 * u * vp sz = k // 2 - temp1.bit_length() prand = gensafeprime.generate(sz) p = temp1 * prand + 1 if isprime(p): break print("Generating q....") # generate prime q s.t. vq | q-1 and u | q-1 while (1): temp1 = 2 * u * vq sz = k // 2 - temp1.bit_length() qrand = gensafeprime.generate(sz) q = temp1 * qrand + 1 if isprime(q): break # calc n n = p * q # finding h partials_p = [2 * u * vp, 2 * u * prand, 2 * vp * prand, prand * vp * u] while (1): hrandp = random.randint(0, p - 1) if (hrandp == 1 or math.gcd(hrandp, p) != 1): continue f = False for prod in partials_p: f = f | (pow(hrandp, prod, p) == 1) if (f): break if (not f): break partials_q = [2 * u * vq, 2 * u * qrand, 2 * vq * qrand, qrand * vq * u] while (1): hrandq = random.randint(0, q - 1) if (hrandq == 1 or math.gcd(hrandq, q) != 1): continue f = False for prod in partials_q: f = f | (pow(hrandq, prod, q) == 1) if (f): break if (not f): break hrand = (hrandp * q * mod_inverse(q, p) + hrandq * p * mod_inverse(p, q)) % n h = pow(hrand, 2 * u * prand * qrand, n) #finding g partials_p = [2 * u * vp, 2 * u * prand, 2 * vp * prand, prand * vp * u] while (1): grandp = random.randint(0, p - 1) if (grandp == 1 or math.gcd(grandp, p) != 1): continue f = False for prod in partials_p: f = f | (pow(grandp, prod, p) == 1) # modp or modp-1 if (f): break if (not f): break partials_q = [2 * u * vq, 2 * u * qrand, 2 * vq * qrand, qrand * vq * u] while (1): grandq = random.randint(0, q - 1) if (grandq == 1 or math.gcd(grandq, q) != 1): continue f = False for prod in partials_q: f = f | (pow(grandq, prod, q) == 1) # modp or modp-1 if (f): break if (not f): break grand = (hrandp * q * mod_inverse(q, p) + hrandq * p * mod_inverse(p, q)) % n g = pow(grand, 2 * prand * qrand, n) priv, pub = {}, {} priv['p'], priv['q'], priv['vp'], priv['vq'] = p, q, \ vp, vq pub['n'], pub['g'], pub['h'], pub['u'], pub['t'] = n, g, \ h, u, t if (gen_dlut): print("Generating dlut....") priv['dlut'] = [] for i in range(pub['u']): if (i % 10000 == 0): print(i) priv['dlut'].append(pow(pub['g'], priv['vp'] * i, priv['p'])) priv['dlut'] = np.array(priv['dlut']) if (save_in_file): np.save(os.path.join(save_dir, "priv.npy"), priv) np.save(os.path.join(save_dir, "pub.npy"), pub) return priv, pub
def genSafePrimes(k): p = gensafeprime.generate(k - 1) return (p - 1) / 2, p
return crypt(integer, public_key) def decrypt_string(ciphertext, private_key): """Take an integer, return a string.""" return i2s(crypt(ciphertext, private_key)) #### tests #### ## invmod assert invmod(17, 3120) == 2753 for i in range(10): a = gensafeprime.generate(64) m = gensafeprime.generate(64) x = invmod(a, m) assert (a * x) % m == 1 ## i2s and s2i h = 'Hiya' assert i2s(s2i(h)) == h assert s2i(i2s(999999999)) == 999999999 assert s2i(i2s(9999999999)) == 9999999999 ## keypair and crypt for i in range(10): U, R = keypair(64)
def __init__(self, bits): p = gensafeprime.generate(bits/2) q = gensafeprime.generate(bits/2) self.bits = bits self.n = p*q self.e, self.d = generate_key_pair(p, q)
def gen_N(b=4096): p = gensafeprime.generate(b // 2) q = gensafeprime.generate(b // 2) return p * q
def generate_prime(): prime = gensafeprime.generate(512) if prime & 1 == 0: prime = generate_prime() return prime
def __init__(self): p = gensafeprime.generate(1024) q = gensafeprime.generate(1024) self.n = p*q self.e, self.d = generate_key_pair(p, q)
import gensafeprime import random import time #générer deux chiffres aléatoires premiers p et q p = gensafeprime.generate(1024) q = gensafeprime.generate(1024) print('Affichage de la valeur de p : ', p) print('Affichage de la valeur de q : ', q) N = p * q print('Affichage de la valeur de N :', N) #Fi est le 𝜑(𝑁) vu en cours Fi = (p - 1) * (q - 1) print('Affichage de la valeur de Fi :', Fi) # e est l'une des valeurs de la clé public , elle a été énnoncée dans le TP e = 65537 print("Affichage de la valeur de e :", e) # pour effectuer l'inversion modulaire on implémente deux fonctions qui sont extended_gcd et inverse_modulaire def extended_gcd(val1, val2): lastremainder, remainder = abs(val1), abs(val2) x, lastx, y, lasty = 0, 1, 1, 0 while remainder: lastremainder, (quotient, remainder) = remainder, divmod(lastremainder, remainder)
import struct, sys, proto, gensafeprime, discrete_log_proof p=gensafeprime.generate(1024) coins=set([pow(2,int(s),p) for s in sys.argv[2:]]) proto.bank("127.0.0.1", int(sys.argv[1]),coins,p)
for _ in menu( *[ f"What do, {USER}?" ] + [ ("Share useless flag.", share_user_flag), ("Redeem useless flag.", redeem_user_flag), ("Store scoring flag.", share_actual_flag), ("Retrieve scoring flag.", redeem_actual_flag) ], loop=True, done_option=True ): pass if not os.path.exists(os.path.join(os.path.dirname(__file__), "prime.ooo")): print("[STARTUP] Generating prime...") with open("prime.ooo", 'w') as _f: _f.write(str(gensafeprime.generate(256))) if not os.path.exists(os.path.join(os.path.dirname(__file__), "matrix.ooo")): print("[STARTUP] Generating matrix...") with open("matrix.ooo", 'w') as _f: _f.write(str(random_matrix(100, 5))) P = ast.literal_eval(open("prime.ooo").read().strip()) M = ast.literal_eval(open("matrix.ooo").read().strip()) N = len(M) K = len(M[0]) def sanity_check(n=N, k=K, m=M): def one_check(secret): shares = split_secret(secret, n, k, m) random.shuffle(shares)
"""Take a string, return an integer.""" integer = s2i(string) return crypt(integer, public_key) def decrypt_string(ciphertext, private_key): """Take an integer, return a string.""" return i2s(crypt(ciphertext, private_key)) #### tests #### ## invmod assert invmod(17, 3120) == 2753 for i in range(10): a = gensafeprime.generate(64) m = gensafeprime.generate(64) x = invmod(a, m) assert (a*x) % m == 1 ## i2s and s2i h = 'Hiya' assert i2s(s2i(h)) == h assert s2i(i2s(999999999)) == 999999999 assert s2i(i2s(9999999999)) == 9999999999 ## keypair and crypt for i in range(10): U, R = keypair(64)
import gensafeprime import subprocess import shlex from math import ceil, log, exp BITS = [50, 55, 60] CONFS = {'1': 'hostfile_1', '2': 'hostfile_2', '4': 'hostfile_4'} BOUND_FACTORS = [1, 2, 4, 8, 16] COMMANDLINE = "mpirun --hostfile {} -np {} ./bachelor_main {} {} {}" def L(a,c,N): z = ceil(exp(c*log(N) ** a*log(log(N)) ** (1-a))) if z % 2: z += 1 return ceil(z) for bits, factor in itertools.product(BITS, BOUND_FACTORS): prime = gensafeprime.generate(bits) default_bound = L(0.5, 0.5, prime) for workers, hostfile in CONFS.items(): cmdline = COMMANDLINE.format(hostfile, workers, bits, prime, ceil(factor * default_bound)) print("---------------------------------") print('# ', cmdline) out = subprocess.check_output(shlex.split(cmdline), universal_newlines=True) print(out) print("---------------------------------") print() with open('out_{}_{}_{}'.format(bits, workers, factor), 'w') as f: f.write(out)
def __init__(self, bits): p = gensafeprime.generate(bits / 2) q = gensafeprime.generate(bits / 2) self.bits = bits self.n = p * q self.e, self.d = generate_key_pair(p, q)
def erik_tews_SSL_prime(n): return gensafeprime.generate(n)
#!/usr/bin/env python3 import gensafeprime import hashlib import random import binascii random.seed(12345) # Seed the PRNG p = gensafeprime.generate(1024) # Generate a safe prime `p` g = random.randint(2, p - 2) # Alice and Bob agree on a base `g` a = random.randint(2, p - 2) # Alice selects their `a` b = random.randint(2, p - 2) # Bob selects their `b` ga = pow(g, a, p) # Alice computes g^a mod p gb = pow(g, b, p) # Bob computes g^b mod p ka = pow(gb, a, p) # Alice uses Bob's `gb` to compute the key kb = pow(ga, b, p) # Bob uses Alice's `ga` to compute the key assert ka == kb # Alice and Bob now have the same key! # ka is maximally 1024 bits, so convert to 128 bytes key = hashlib.sha224(ka.to_bytes(128, 'big')).hexdigest() print(key)