Exemple #1
0
def relaxedSign(message, pub, priv):
    H = challenge43.hash(message)
    (p, q, g, y) = pub
    k = random.randint(1, q-1)
    x = priv
    r = pow(g, k, p) % q
    kInv = challenge39.invmod(k, q)
    s = (kInv * (H + x * r)) % q
    return (r, s)
Exemple #2
0
def relaxedSign(message, pub, priv):
    H = challenge43.hash(message)
    (p, q, g, y) = pub
    k = random.randint(1, q-1)
    x = priv
    r = pow(g, k, p) % q
    kInv = challenge39.invmod(k, q)
    s = (kInv * (H + x * r)) % q
    return (r, s)
Exemple #3
0
def verifySignatureHash(H, signature, pub):
    (r, s) = signature
    (p, q, g, y) = pub
    if r <= 0 or r >= q or s <= 0 or s >= q:
        return False
    w = challenge39.invmod(s, q)
    u1 = (H * w) % q
    u2 = (r * w) % q
    v = ((pow(g, u1, p) * pow(y, u2, p)) % p) % q
    return v == r
Exemple #4
0
def verifySignatureHash(H, signature, pub):
    (r, s) = signature
    (p, q, g, y) = pub
    if r <= 0 or r >= q or s <= 0 or s >= q:
        return False
    w = challenge39.invmod(s, q)
    u1 = (H * w) % q
    u2 = (r * w) % q
    v = ((pow(g, u1, p) * pow(y, u2, p)) % p) % q
    return v == r
Exemple #5
0
def signHashWithK(H, pub, priv, k):
    (p, q, g, y) = pub
    x = priv
    r = pow(g, k, p) % q
    if r == 0:
        return None
    kInv = challenge39.invmod(k, q)
    s = (kInv * (H + x * r)) % q
    if s == 0:
        return None
    return (r, s)
Exemple #6
0
def relaxedVerifySignature(message, signature, pub):
    H = challenge43.hash(message)
    (r, s) = signature
    (p, q, g, y) = pub
    if r < 0 or r >= q or s < 0 or s >= q:
        return False
    w = challenge39.invmod(s, q)
    u1 = (H * w) % q
    u2 = (r * w) % q
    v = ((pow(g, u1, p) * pow(y, u2, p)) % p) % q
    return v == r
Exemple #7
0
def signHashWithK(H, pub, priv, k):
    (p, q, g, y) = pub
    x = priv
    r = pow(g, k, p) % q
    if r == 0:
        return None
    kInv = challenge39.invmod(k, q)
    s = (kInv * (H + x * r)) % q
    if s == 0:
        return None
    return (r, s)
Exemple #8
0
def relaxedVerifySignature(message, signature, pub):
    H = challenge43.hash(message)
    (r, s) = signature
    (p, q, g, y) = pub
    if r < 0 or r >= q or s < 0 or s >= q:
        return False
    w = challenge39.invmod(s, q)
    u1 = (H * w) % q
    u2 = (r * w) % q
    v = ((pow(g, u1, p) * pow(y, u2, p)) % p) % q
    return v == r
Exemple #9
0
def checkForCommonK(pub, msg1, msg2):
    (p, q, g, y) = pub
    (_, s1, r1, m1) = msg1
    (_, s2, r2, m2) = msg2
    ds = (s1 - s2) % q
    dm = (m1 - m2) % q
    dsInv = challenge39.invmod(ds, q)
    k = (dm * dsInv) % q
    priv1 = challenge43.extractKey(m1, r1, s1, k, pub)
    priv2 = challenge43.extractKey(m2, r2, s2, k, pub)
    if priv1 == priv2 and challenge43.areValidKeys(pub, priv1) and challenge43.areValidKeys(pub, priv2):
        return (k, priv1)
    return (None, None)
Exemple #10
0
def checkForCommonK(pub, msg1, msg2):
    (p, q, g, y) = pub
    (_, s1, r1, m1) = msg1
    (_, s2, r2, m2) = msg2
    ds = (s1 - s2) % q
    dm = (m1 - m2) % q
    dsInv = challenge39.invmod(ds, q)
    k = (dm * dsInv) % q
    priv1 = challenge43.extractKey(m1, r1, s1, k, pub)
    priv2 = challenge43.extractKey(m2, r2, s2, k, pub)
    if priv1 == priv2 and challenge43.areValidKeys(
            pub, priv1) and challenge43.areValidKeys(pub, priv2):
        return (k, priv1)
    return (None, None)
Exemple #11
0
def extractKey(H, r, s, k, pub):
    (p, q, g, y) = pub
    rInv = challenge39.invmod(r, q)
    return (rInv * (s * k - H)) % q
Exemple #12
0
c0 = challenge39.encryptnum(pub0, plainnum)
c1 = challenge39.encryptnum(pub1, plainnum)
c2 = challenge39.encryptnum(pub2, plainnum)

n0 = pub0[1]
n1 = pub1[1]
n2 = pub2[1]

ms0 = n1 * n2
ms1 = n0 * n2
ms2 = n0 * n1

N = n0 * n1 * n2

r0 = (c0 * ms0 * challenge39.invmod(ms0, n0))
r1 = (c1 * ms1 * challenge39.invmod(ms1, n1))
r2 = (c2 * ms2 * challenge39.invmod(ms2, n2))

r = (r0 + r1 + r2) % N


def floorRoot(n, s):
    b = n.bit_length()
    p = math.ceil(b / s)
    x = 2**p
    while x > 1:
        y = (((s - 1) * x) + (n // (x**(s - 1)))) // s
        if y >= x:
            return x
        x = y
Exemple #13
0
def decryptOnce(ciphertext):
    sha1 = hashlib.sha1()
    sha1.update(ciphertext)
    digest = sha1.digest()
    if digest in decryptedHashes:
        raise ValueError('Already decrypted')
    decryptedHashes.add(digest)
    return challenge39.decryptbytes(priv, ciphertext)


if __name__ == '__main__':
    plaintext = b'secret text'
    ciphertext = encrypt(plaintext)
    plaintext2 = decryptOnce(ciphertext)
    if plaintext2 != plaintext:
        raise ValueError(plaintext2 + b' != ' + plaintext)

    (e, n) = pub
    s = random.randint(2, n - 1)
    c = challenge39.bytestonum(ciphertext)
    c2 = (pow(s, e, n) * c) % n
    ciphertext2 = challenge39.numtobytes(c2)
    plaintext3 = decryptOnce(ciphertext2)
    p3 = challenge39.bytestonum(plaintext3)
    p4 = (p3 * challenge39.invmod(s, n)) % n
    plaintext4 = challenge39.numtobytes(p4)

    if plaintext4 != plaintext:
        raise ValueError(plaintext4 + b' != ' + plaintext)
Exemple #14
0
    if r < 0 or r >= q or s < 0 or s >= q:
        return False
    w = challenge39.invmod(s, q)
    u1 = (H * w) % q
    u2 = (r * w) % q
    v = ((pow(g, u1, p) * pow(y, u2, p)) % p) % q
    return v == r

if __name__ == '__main__':
    (p, q, g) = (0x800000000000000089e1855218a0e7dac38136ffafa72eda7859f2171e25e65eac698c1702578b07dc2a1076da241c76c62d374d8389ea5aeffd3226a0530cc565f3bf6b50929139ebeac04f48c3c84afb796d61e5a4f9a8fda812ab59494232c7d2b4deb50aa18ee9e132bfa85ac4374d7f9091abc3d015efc871a584471bb1, 0xf4f47f05794b256174bba6e9b396a7707e563c5b, 0x5958c9d3898b224b12672c0b98e06c60df923cb8bc999d119458fef538b8fa4046c8db53039db620c094c9fa077ef389b5322a559946a71903f990f1f7e0e025e2d7f7cf494aff1a0470f5b64c36b625a097f1651fe775323556fe00b3608c887892878480e99041be601a62166ca6894bdd41a7054ec89f756ba9fc95302291)
    pub, priv = challenge43.genKeys(p, q, 0)
    message1 = b'Hello, world'
    signature1 = relaxedSign(message1, pub, priv)
    message2 = b'Goodbye, world'
    signature2 = relaxedSign(message2, pub, priv)
    print(message1, signature1, relaxedVerifySignature(message1, signature1, pub))
    print(message2, signature2, relaxedVerifySignature(message2, signature2, pub))
    print(relaxedVerifySignature(message1, signature2, pub))
    print(relaxedVerifySignature(message2, signature1, pub))

    pub, priv = challenge43.genKeys(p, q, p+1)
    (_, _, _, y) = pub
    z = 2
    invZ = challenge39.invmod(2, q)
    r = ((y**z) % p) % q
    s = (r * invZ) % q
    signature = (r, s)
    print(signature)
    print(message1, challenge43.verifySignature(message1, signature, pub))
    print(message2, challenge43.verifySignature(message2, signature, pub))
Exemple #15
0
def extractKey(H, r, s, k, pub):
    (p, q, g, y) = pub
    rInv = challenge39.invmod(r, q)
    return (rInv * (s * k - H)) % q
Exemple #16
0
c0 = challenge39.encryptnum(pub0, plainnum)
c1 = challenge39.encryptnum(pub1, plainnum)
c2 = challenge39.encryptnum(pub2, plainnum)

n0 = pub0[1]
n1 = pub1[1]
n2 = pub2[1]

ms0 = n1 * n2
ms1 = n0 * n2
ms2 = n0 * n1

N = n0 * n1 * n2

r0 = (c0 * ms0 * challenge39.invmod(ms0, n0))
r1 = (c1 * ms1 * challenge39.invmod(ms1, n1))
r2 = (c2 * ms2 * challenge39.invmod(ms2, n2))

r = (r0 + r1 + r2) % N

def floorRoot(n, s):
    b = n.bit_length()
    p = math.ceil(b/s)
    x = 2**p
    while x > 1:
        y = (((s - 1) * x) + (n // (x**(s-1)))) // s
        if y >= x:
            return x
        x = y
    return 1
Exemple #17
0
    if r < 0 or r >= q or s < 0 or s >= q:
        return False
    w = challenge39.invmod(s, q)
    u1 = (H * w) % q
    u2 = (r * w) % q
    v = ((pow(g, u1, p) * pow(y, u2, p)) % p) % q
    return v == r

if __name__ == '__main__':
    (p, q, g) = (0x800000000000000089e1855218a0e7dac38136ffafa72eda7859f2171e25e65eac698c1702578b07dc2a1076da241c76c62d374d8389ea5aeffd3226a0530cc565f3bf6b50929139ebeac04f48c3c84afb796d61e5a4f9a8fda812ab59494232c7d2b4deb50aa18ee9e132bfa85ac4374d7f9091abc3d015efc871a584471bb1, 0xf4f47f05794b256174bba6e9b396a7707e563c5b, 0x5958c9d3898b224b12672c0b98e06c60df923cb8bc999d119458fef538b8fa4046c8db53039db620c094c9fa077ef389b5322a559946a71903f990f1f7e0e025e2d7f7cf494aff1a0470f5b64c36b625a097f1651fe775323556fe00b3608c887892878480e99041be601a62166ca6894bdd41a7054ec89f756ba9fc95302291)
    pub, priv = challenge43.genKeys(p, q, 0)
    message1 = b'Hello, world'
    signature1 = relaxedSign(message1, pub, priv)
    message2 = b'Goodbye, world'
    signature2 = relaxedSign(message2, pub, priv)
    print(message1, signature1, relaxedVerifySignature(message1, signature1, pub))
    print(message2, signature2, relaxedVerifySignature(message2, signature2, pub))
    print(relaxedVerifySignature(message1, signature2, pub))
    print(relaxedVerifySignature(message2, signature1, pub))

    pub, priv = challenge43.genKeys(p, q, p+1)
    (_, _, _, y) = pub
    z = 2
    invZ = challenge39.invmod(z, q)
    r = ((y**z) % p) % q
    s = (r * invZ) % q
    signature = (r, s)
    print(signature)
    print(message1, challenge43.verifySignature(message1, signature, pub))
    print(message2, challenge43.verifySignature(message2, signature, pub))
Exemple #18
0

if __name__ == '__main__':
    (p, q, g) = (
        0x800000000000000089e1855218a0e7dac38136ffafa72eda7859f2171e25e65eac698c1702578b07dc2a1076da241c76c62d374d8389ea5aeffd3226a0530cc565f3bf6b50929139ebeac04f48c3c84afb796d61e5a4f9a8fda812ab59494232c7d2b4deb50aa18ee9e132bfa85ac4374d7f9091abc3d015efc871a584471bb1,
        0xf4f47f05794b256174bba6e9b396a7707e563c5b,
        0x5958c9d3898b224b12672c0b98e06c60df923cb8bc999d119458fef538b8fa4046c8db53039db620c094c9fa077ef389b5322a559946a71903f990f1f7e0e025e2d7f7cf494aff1a0470f5b64c36b625a097f1651fe775323556fe00b3608c887892878480e99041be601a62166ca6894bdd41a7054ec89f756ba9fc95302291
    )
    pub, priv = challenge43.genKeys(p, q, 0)
    message1 = b'Hello, world'
    signature1 = relaxedSign(message1, pub, priv)
    message2 = b'Goodbye, world'
    signature2 = relaxedSign(message2, pub, priv)
    print(message1, signature1,
          relaxedVerifySignature(message1, signature1, pub))
    print(message2, signature2,
          relaxedVerifySignature(message2, signature2, pub))
    print(relaxedVerifySignature(message1, signature2, pub))
    print(relaxedVerifySignature(message2, signature1, pub))

    pub, priv = challenge43.genKeys(p, q, p + 1)
    (_, _, _, y) = pub
    z = 2
    invZ = challenge39.invmod(2, q)
    r = ((y**z) % p) % q
    s = (r * invZ) % q
    signature = (r, s)
    print(signature)
    print(message1, challenge43.verifySignature(message1, signature, pub))
    print(message2, challenge43.verifySignature(message2, signature, pub))
Exemple #19
0
    return challenge39.encryptbytes(pub, plaintext)

def decryptOnce(ciphertext):
    sha1 = hashlib.sha1()
    sha1.update(ciphertext)
    digest = sha1.digest()
    if digest in decryptedHashes:
        raise ValueError('Already decrypted')
    decryptedHashes.add(digest)
    return challenge39.decryptbytes(priv, ciphertext)

if __name__ == '__main__':
    plaintext = b'secret text'
    ciphertext = encrypt(plaintext)
    plaintext2 = decryptOnce(ciphertext)
    if plaintext2 != plaintext:
        raise ValueError(plaintext2 + b' != ' + plaintext)

    (e, n) = pub
    s = random.randint(2, n - 1)
    c = challenge39.bytestonum(ciphertext)
    c2 = (pow(s, e, n) * c) % n
    ciphertext2 = challenge39.numtobytes(c2)
    plaintext3 = decryptOnce(ciphertext2)
    p3 = challenge39.bytestonum(plaintext3)
    p4 = (p3 * challenge39.invmod(s, n)) % n
    plaintext4 = challenge39.numtobytes(p4)

    if plaintext4 != plaintext:
        raise ValueError(plaintext4 + b' != ' + plaintext)