def split_rekey(self, priv_a, priv_b, threshold, N): coeffs = [priv_a * (~priv_b)] # Standard rekey coeffs += [ ec.random(self.ecgroup, ec.ZR) for _ in range(threshold - 1) ] ids = [ec.random(self.ecgroup, ec.ZR) for _ in range(N)] rk_shares = [ RekeyFrag(id, key=poly_eval(coeffs, id), pre=self) for id in ids ] return rk_shares
def split_rekey(self, priv_a, priv_b, threshold, N): coeffs = [priv_a * (~priv_b)] # Standard rekey coeffs += [ ec.random(self.ecgroup, ec.ZR) for _ in range(threshold - 1) ] # TODO: change this! h = self.g vKeys = [h**coeff for coeff in coeffs] ids = [ec.random(self.ecgroup, ec.ZR) for _ in range(N)] rk_shares = [RekeyFrag(id, key=poly_eval(coeffs, id)) for id in ids] return rk_shares, vKeys
def __init__(self, curve=curves.secp256k1, g=None): self.curve = curves.secp256k1 self.ecgroup = ec.elliptic_curve(nid=self.curve) if g is None: self.g = ec.random(self.ecgroup, ec.G) else: self.g = ec.deserialize(self.ecgroup, g) self.bitsize = ec.bitsize(self.ecgroup)
def encapsulate(self, pub_key, key_length=32): """Generare an ephemeral key pair and symmetric key""" priv_e = ec.random(self.ecgroup, ec.ZR) pub_e = self.g**priv_e # DH between eph_private_key and public_key shared_key = pub_key**priv_e # Key to be used for symmetric encryption key = self.kdf(shared_key, key_length) return key, EncryptedKey(pub_e, re_id=None)
def encrypt(self, pub, msg, padding=True): if type(msg) is str: msg = msg.encode() if padding: msg = pad(self.bitsize, msg) chunks = [ msg[i * self.bitsize:i * self.bitsize + self.bitsize] for i in range(len(msg) // self.bitsize) ] else: chunks = [msg] r = ec.random(self.ecgroup, ec.ZR) c1 = self.load_key(pub)**r c2 = [(self.g**r) * ec.encode(self.ecgroup, m, False) for m in chunks] c2 = map(ec.serialize, c2) return msgpack.dumps([ec.serialize(c1)] + list(c2))
def test_alice_sends_fake_kFrag_to_Ursula(N, threshold): pre = umbral.PRE() priv_alice = pre.gen_priv() pub_alice = pre.priv2pub(priv_alice) priv_bob = pre.gen_priv() rk_ab = pre.rekey(priv_alice, priv_bob) sym_key, ekey_alice = pre.encapsulate(pub_alice) kfrags, vkeys = pre.split_rekey(priv_alice, priv_bob, threshold, N) for kfrag in kfrags: assert pre.check_kFrag_consistency(kfrag, vkeys) # Alice tries to frame the first Ursula by sending her a random kFrag fake_kfrag = kfrags[0]._replace(key=ec.random(pre.ecgroup, ec.ZR)) assert not pre.check_kFrag_consistency(fake_kfrag, vkeys)
def gen_priv(self, dtype='ec'): # Same as in BBS98 priv = ec.random(self.ecgroup, ec.ZR) return priv
def gen_priv(self, dtype='ec'): priv = ec.random(self.ecgroup, ec.ZR) if dtype in ('bytes', bytes): return ec.serialize(priv) else: return priv