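def get_prr_masks(secret, word, prob_f, num_bits):
    """Build the two per-bit random masks (``uniform`` and ``f_mask``).

    One random byte is drawn per output bit. Its low bit goes into
    ``uniform``; its upper seven bits decide whether the matching bit of
    ``f_mask`` is set, which happens with probability of about ``prob_f``
    (resolution 1/128).

    NOTE(review): ``secret`` and ``word`` are accepted but never read. The
    DRBG is seeded from ``os.urandom`` alone, so two calls with the same
    arguments return different masks. The earlier implementation
    (HMAC-SHA256 keyed by ``secret`` over ``word``) gave the same masks for
    the same word every time. If callers depend on that repeatability --
    presumably the "permanent" in PRR -- the seed must be derived from
    ``secret`` and ``word``; confirm the intended design before using this
    in a privacy mechanism.

    Args:
        secret: Unused; kept so existing callers keep working.
        word: Unused; kept so existing callers keep working.
        prob_f: Target probability that any given ``f_mask`` bit is set.
        num_bits: Number of mask bits to produce (one DRBG byte each).

    Returns:
        Tuple ``(uniform, f_mask)`` of integers, ``num_bits`` bits each.

    Raises:
        RuntimeError: If the DRBG does not hand back exactly ``num_bits``
            bytes.
    """
    # Fresh generator seeded from the OS on every call (see NOTE above).
    drbg = HMAC_DRBG(os.urandom(64))
    digest_bytes = drbg.generate(num_bits)

    # Explicit check instead of `assert` (stripped under `python -O`), and the
    # message is %-formatted here: RuntimeError does not interpolate extra
    # positional arguments on its own.
    if digest_bytes is None or len(digest_bytes) != num_bits:
        got = 0 if digest_bytes is None else len(digest_bytes)
        raise RuntimeError(
            '%d bits requested but the DRBG returned %d bytes'
            % (num_bits, got))

    threshold128 = prob_f * 128

    uniform = 0
    f_mask = 0

    # bytearray yields integers on both Python 2 and 3, so no ord() is needed.
    for i, byte in enumerate(bytearray(digest_bytes)):
        u_bit = byte & 0x01  # 1 bit of entropy
        uniform |= (u_bit << i)  # maybe set bit in mask

        rand128 = byte >> 1  # 7 bits of entropy
        noise_bit = (rand128 < threshold128)
        f_mask |= (noise_bit << i)  # maybe set bit in mask

    return uniform, f_mask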
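def get_prr_masks(secret, word, prob_f, num_bits):
    """Build the two per-bit random masks (``uniform`` and ``f_mask``).

    One random byte is drawn per output bit. Its low bit goes into
    ``uniform``; its upper seven bits decide whether the matching bit of
    ``f_mask`` is set, which happens with probability of about ``prob_f``
    (resolution 1/128).

    NOTE(review): the output does not depend on ``secret`` at all, and it is
    not repeatable for a given ``word``. ``word`` is only mixed in as the
    DRBG personalization string, while the entropy comes from
    ``os.urandom`` on every call. The HMAC-SHA256 digest that used to be
    computed here from ``secret`` and ``word`` was never read, so it has been
    dropped. If callers expect the same masks for the same word --
    presumably the "permanent" in PRR -- the DRBG seed must be derived from
    ``secret`` and ``word``; confirm the intended design.

    Args:
        secret: Unused; kept so existing callers keep working.
        word: Bytes passed to the DRBG as ``personalization_string``.
        prob_f: Target probability that any given ``f_mask`` bit is set.
        num_bits: Number of mask bits to produce (one DRBG byte each).

    Returns:
        Tuple ``(uniform, f_mask)`` of integers, ``num_bits`` bits each.

    Raises:
        RuntimeError: If the DRBG returns fewer than ``num_bits`` bytes.
    """
    rbg = HMAC_DRBG(
        entropy=os.urandom(64),
        requested_security_strength=256,
        personalization_string=word,
    )
    digest_bytes = rbg.generate(num_bits)

    # The length asserts were commented out, so a short or missing result
    # would only surface as an IndexError/TypeError inside the loop below.
    if digest_bytes is None or len(digest_bytes) < num_bits:
        got = 0 if digest_bytes is None else len(digest_bytes)
        raise RuntimeError(
            '%d bits requested but the DRBG returned %d bytes'
            % (num_bits, got))

    threshold128 = prob_f * 128

    uniform = 0
    f_mask = 0

    for i in range(num_bits):
        byte = digest_bytes[i]  # indexing bytes yields an int on Python 3

        u_bit = byte & 0x01  # 1 bit of entropy
        uniform |= (u_bit << i)  # maybe set bit in mask

        rand128 = byte >> 1  # 7 bits of entropy
        noise_bit = (rand128 < threshold128)
        f_mask |= (noise_bit << i)  # maybe set bit in mask

    return uniform, f_mask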
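import os
from hmac_drbg import HMAC_DRBG

# Number-guessing demo (Python 2 syntax). The generator is seeded once from
# the operating system's random source and reused for every round.
drbg = HMAC_DRBG(entropy=os.urandom(64))

while True:
    # The code treats a None result from generate() as "reseed required":
    # feed in fresh OS entropy and draw again.
    secret = drbg.generate(1)
    if secret is None:
        drbg.reseed(entropy=os.urandom(32))
        secret = drbg.generate(1)

    # Keep the low nibble of the byte. 256 is a multiple of 16, so masking
    # leaves the values 0..15 equally likely (no modulo bias).
    secret = ord(secret) & 0xF

    print "Guess my lucky number (0 to 15):"
    guess = raw_input('# ')

    # Keyboard input is untrusted: int() raises ValueError on anything that is
    # not a whole number, which used to end the game with a traceback.
    try:
        guess = int(guess)
    except ValueError:
        print "Please enter a whole number from 0 to 15."
        continue

    if guess == secret:
        print "You got it!"
    else:
        print "Nope, it was", secret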
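from __future__ import print_function
import os
from hmac_drbg import HMAC_DRBG

# Python 2/3 shim: on Python 2 use raw_input, which returns the typed text
# without evaluating it; on Python 3 the name does not exist and input()
# already behaves that way.
try:
    input = raw_input
except NameError:
    pass

# Number-guessing demo. The generator is seeded once from the operating
# system's random source and reused for every round.
drbg = HMAC_DRBG(entropy=os.urandom(64))

while True:
    # The code treats a None result from generate() as "reseed required":
    # feed in fresh OS entropy and draw again.
    secret = drbg.generate(1)
    if secret is None:
        drbg.reseed(entropy=os.urandom(32))
        secret = drbg.generate(1)

    # Keep the low nibble of the byte. 256 is a multiple of 16, so masking
    # leaves the values 0..15 equally likely (no modulo bias).
    secret = ord(secret) & 0xF

    print("Guess my lucky number (0 to 15):")
    guess = input('# ')

    # Keyboard input is untrusted: int() raises ValueError on anything that is
    # not a whole number, which used to end the game with a traceback.
    try:
        guess = int(guess)
    except ValueError:
        print("Please enter a whole number from 0 to 15.")
        continue

    if guess == secret:
        print("You got it!")
    else:
        print("Nope, it was", secret)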
# Read stimulus and expected result EntropyInput = read_entry (f, b'EntropyInput') Nonce = read_entry (f, b'Nonce') PersonalizationString = read_entry (f, b'PersonalizationString') EntropyInputReseed = read_entry (f, b'EntropyInputReseed') AdditionalInputReseed = read_entry (f, b'AdditionalInputReseed') AdditionalInput0 = read_entry (f, b'AdditionalInput') AdditionalInput1 = read_entry (f, b'AdditionalInput') ReturnedBits = read_entry (f, b'ReturnedBits') # This implementation does not support additional input if AdditionalInputReseed != b'' or AdditionalInput0 != b'' or AdditionalInput1 != b'': continue # Test drbg = HMAC_DRBG (entropy=(EntropyInput + Nonce), personalization_string=PersonalizationString) drbg.reseed (entropy=EntropyInputReseed) drbg.generate (len (ReturnedBits)) result = drbg.generate (len (ReturnedBits)) if result != ReturnedBits: print ("FAILURE") print ("EntropyInput = ", codecs.encode (EntropyInput, 'hex')) print ("Nonce = ", codecs.encode (Nonce, 'hex')) print ("PersonalizationString = ", codecs.encode (PersonalizationString, 'hex')) print ("EntropyInputReseed = ", codecs.encode (EntropyInputReseed, 'hex')) print ("AdditionalInputReseed = ", codecs.encode (AdditionalInputReseed, 'hex')) print ("AdditionalInput = ", codecs.encode (AdditionalInput0, 'hex')) print ("AdditionalInput = ", codecs.encode (AdditionalInput1, 'hex')) print ("ReturnedBits = ", codecs.encode (ReturnedBits, 'hex')) sys.exit (-1)
# Read stimulus and expected result EntropyInput = read_entry(f, b'EntropyInput') Nonce = read_entry(f, b'Nonce') PersonalizationString = read_entry(f, b'PersonalizationString') EntropyInputReseed = read_entry(f, b'EntropyInputReseed') AdditionalInputReseed = read_entry(f, b'AdditionalInputReseed') AdditionalInput0 = read_entry(f, b'AdditionalInput') AdditionalInput1 = read_entry(f, b'AdditionalInput') ReturnedBits = read_entry(f, b'ReturnedBits') # This implementation does not support additional input if AdditionalInputReseed != b'' or AdditionalInput0 != b'' or AdditionalInput1 != b'': continue # Test drbg = HMAC_DRBG(entropy=(EntropyInput + Nonce), personalization_string=PersonalizationString) drbg.reseed(entropy=EntropyInputReseed) drbg.generate(len(ReturnedBits)) result = drbg.generate(len(ReturnedBits)) if result != ReturnedBits: print("FAILURE") print("EntropyInput = ", codecs.encode(EntropyInput, 'hex')) print("Nonce = ", codecs.encode(Nonce, 'hex')) print("PersonalizationString = ", codecs.encode(PersonalizationString, 'hex')) print("EntropyInputReseed = ", codecs.encode(EntropyInputReseed, 'hex')) print("AdditionalInputReseed = ", codecs.encode(AdditionalInputReseed, 'hex')) print("AdditionalInput = ", codecs.encode(AdditionalInput0, 'hex'))