def calc_keyA(Y, sk_a, pk_b, esk_a, pk_a): h = NAXOS.H1((str(esk_a) + str(sk_a))) Y_sk_a = point_to_string_FQ(Y * sk_a) pk_b_hash = point_to_string_FQ(pk_b * h) Y_hash = point_to_string_FQ(Y * h) return NAXOS.H2(Y_sk_a + pk_b_hash + Y_hash + point_to_string_FQ(pk_a) + point_to_string_FQ(pk_b))
def naxos_ake(url, cipher): message = "Test" sk, pk = NAXOS.keygen() ephemeral = NAXOS.gen_ephemeral(128) if cipher == "salsa": res = requests.get(url=url + "/salsa/protocols/naxos/pkey") enc_data = res.json() data = salsa_decrypt_json(enc_data) elif cipher == "chacha": res = requests.get(url=url + "/chacha/protocols/naxos/pkey") enc_data = res.json() data = chacha_decrypt_json(enc_data) else: res = requests.get(url=url + "/protocols/naxos/pkey") data = res.json() pk_b = string_to_point_FQ(data.get("B")) X = NAXOS.calc_commit(ephemeral, sk) exchange_json = { "protocol_name": "naxos", "payload": { "X": point_to_string_FQ(X), "A": point_to_string_FQ(pk), "msg": message } } data = post_stage(url, cipher, "naxos", exchange_json, "exchange") Y = string_to_point_FQ(data.get("Y")) enc_msg = data.get("msg") K = NAXOS.calc_keyA(Y, sk, pk_b, ephemeral, pk) m = NAXOS.encode_msg(message, K) print(enc_msg == m)
def calc_keyB(pk_a, esk_b, sk_b, X, pk_b): h = NAXOS.H1((str(esk_b) + str(sk_b))) pk_a_hash = point_to_string_FQ(pk_a * h) X_sk_b = point_to_string_FQ(X * sk_b) X_hash = point_to_string_FQ(X * h) return NAXOS.H2(pk_a_hash + X_sk_b + X_hash + point_to_string_FQ(pk_a) + point_to_string_FQ(pk_b))
def schnorr_ss(url, cipher): message = "Test" sk, pk = SSS.keygen() x, big_x = SSS.gen_commit() c = SSS.gen_challenge(message, big_x) s = SSS.calc_proof(sk, x, c) verify_json = { "protocol_name": "sss", "payload": { "s": str(s), "A": point_to_string_FQ(pk), "X": point_to_string_FQ(big_x), "msg": message } } data = post_stage(url, cipher, "sss", verify_json, "verify") print(data)
def sigma_ake(url, cipher): message = "Test" sk, pk = SIGMA.keygen() x, X = SIGMA.gen_commit() init_json = { "protocol_name": "sigma", "payload": { "X": point_to_string_FQ(X), } } init_data = post_stage(url, cipher, "sigma", init_json, "init") token = init_data.get("session_token") payload = init_data.get("payload") pk_b = string_to_point_FQ(payload.get("B")) Y = string_to_point_FQ(payload.get("Y")) b_mac = payload.get("b_mac") sig_b = payload.get("sig") if sig_b.get("msg") is not None: sign_msg = sig_b.get("msg") else: sign_msg = point_to_string_FQ(X) + point_to_string_FQ(Y) sign_X = string_to_point_FQ(sig_b.get("X")) sign_s = int(sig_b.get("s")) assert (SIGMA.verify_signature(pk_b, sign_X, sign_s, sign_msg)) mac_key = SIGMA.gen_mac_key(Y * x) assert (SIGMA.verify_mac(mac_key, point_to_string_FQ(pk_b), b_mac)) sign_a_msg = point_to_string_FQ(Y) + point_to_string_FQ(X) signature = SIGMA.sign_message(sk, sign_a_msg) mac = SIGMA.auth_message(mac_key, point_to_string_FQ(pk)) exchange_json = { "protocol_name": "sigma", "session_token": token, "payload": { "a_mac": mac, "A": point_to_string_FQ(pk), "msg": message, "sig": { "X": point_to_string_FQ(signature[0]), "s": str(signature[1]), "msg": sign_a_msg } } } data = post_stage(url, cipher, "sigma", exchange_json, "exchange") enc_msg = data.get("msg") K = SIGMA.gen_session_key(Y * x) m = SIGMA.encode_msg(message, K) print(enc_msg == m)
def sigma_exchange(): if request.data and type(request.data) is dict: data = request.data else: data = request.json if data.get("protocol_name") == PROTOCOL: token = data.get("session_token") payload = data.get("payload") current_app.logger.info(f"[SIGMA] Received payload:\n{pformat(payload)}") session = Session.query.filter_by(session_token=token).first() X = string_to_point_FQ(session.payload.get("X")) Y = string_to_point_FQ(session.payload.get("Y")) y = session.payload.get("y") try: db.session.delete(session) db.session.commit() except: db.create_all() db.session.rollback() db.session.delete(session) db.session.commit() pk_a = string_to_point_FQ(payload.get("A")) a_mac = payload.get("a_mac") sig_a = payload.get("sig") if sig_a.get("msg") is not None: sign_msg = sig_a.get("msg") else: sign_msg = point_to_string_FQ(Y) + point_to_string_FQ(X) sign_X = string_to_point_FQ(sig_a.get("X")) sign_s = int(sig_a.get("s")) assert(SIGMA.verify_signature(pk_a, sign_X, sign_s, sign_msg)) current_app.logger.info(f"[SIGMA] Verified signature") mac_key = SIGMA.gen_mac_key(X * y) assert(SIGMA.verify_mac(mac_key, point_to_string_FQ(pk_a), a_mac)) current_app.logger.info(f"[SIGMA] Verified MAC") msg = payload.get("msg") K = SIGMA.gen_session_key(X * y) enc_msg = SIGMA.encode_msg(msg, K) return jsonify({ "msg": enc_msg })
def schnorr_is(url, cipher): sk, pk = SIS.keygen() x, big_x = SIS.gen_commit() init_json = { "protocol_name": "sis", "payload": { "A": point_to_string_FQ(pk), "X": point_to_string_FQ(big_x), } } init_data = post_stage(url, cipher, "sis", init_json, "init") c = int(init_data.get("payload").get("c")) token = init_data.get("session_token") s = SIS.calc_proof(sk, x, c) verify_json = { "protocol_name": "sis", "session_token": token, "payload": { "s": str(s) } } data = post_stage(url, cipher, "sis", verify_json, "verify") print(data)
def gen_challenge(h, Y, z, u, v): g_str = point_to_string_FQ(GJSS.g) h_str = point_to_string_FQ(h) Y_str = point_to_string_FQ(Y) z_str = point_to_string_FQ(z) u_str = point_to_string_FQ(u) v_str = point_to_string_FQ(v) points = g_str + h_str + Y_str + z_str + u_str + v_str return int(sha3_512((points).encode()).hexdigest(), 16) % GJSS.q
def gj_ss(url, cipher): message = "message" sk, pk = GJSS.keygen() r = GJSS.gen_random(111) h = GJSS.gen_h(message, r) z = GJSS.compute_h_key(h, sk) k, u, v = GJSS.gen_commit(h) c = GJSS.gen_challenge(h, pk, z, u, v) s = GJSS.calc_proof(k, sk, c) verify_json = { "protocol_name": "gjss", "payload": { "sigma": { "s": str(s), "c": str(c), "r": str(r), "z": point_to_string_FQ(z) }, "A": point_to_string_FQ(pk), "msg": message } } data = post_stage(url, cipher, "gjss", verify_json, "verify") print(data)
def bls_ss(url, cipher): message = "Test" sk, pk = BLSSS.keygen() h = BLSSS.gen_g2_generator(message) sigma = BLSSS.compute_sigma(h, sk) verify_json = { "protocol_name": "blsss", "payload": { "sigma": point_to_string_FQ2(sigma), "A": point_to_string_FQ(pk), "msg": message } } data = post_stage(url, cipher, "blsss", verify_json, "verify") print(data)
def mod_schnorr_is(url, cipher): sk, pk = MSIS.keygen() x, big_x = MSIS.gen_commit() init_json = { "protocol_name": "msis", "payload": { "A": point_to_string_FQ(pk), "X": point_to_string_FQ(big_x), } } init_data = post_stage(url, cipher, "msis", init_json, "init") c = int(init_data.get("payload").get("c")) token = init_data.get("session_token") g_hat = MSIS.gen_g2_generator(big_x, c) S = MSIS.calc_proof(g_hat, sk, x, c) verify_json = { "protocol_name": "msis", "session_token": token, "payload": { "S": point_to_string_FQ2(S) } } data = post_stage(url, cipher, "msis", verify_json, "verify") print(data)
def naxos_exchange(): if request.data and type(request.data) is dict: data = request.data else: data = request.json if data.get("protocol_name") == PROTOCOL: payload = data.get("payload") current_app.logger.info( f"[NAXOS] Received payload:\n{pformat(payload)}") X = string_to_point_FQ(payload.get("X")) A = string_to_point_FQ(payload.get("A")) msg = payload.get("msg") ephemeral = NAXOS.gen_ephemeral(128) Y = NAXOS.calc_commit(ephemeral, naxos_sk) current_app.logger.info(f"[NAXOS] Calculated Y:\n{pformat(Y)}") K = NAXOS.calc_keyB(A, ephemeral, naxos_sk, X, naxos_pk) enc_msg = NAXOS.encode_msg(msg, K) return jsonify({"Y": point_to_string_FQ(Y), "msg": enc_msg})
def sigma_init(): if request.data and type(request.data) is dict: data = request.data else: data = request.json if data.get("protocol_name") == PROTOCOL: payload = data.get("payload") current_app.logger.info(f"[SIGMA] Received payload:\n{pformat(payload)}") X_str = payload.get("X") X = string_to_point_FQ(X_str) y, Y = SIGMA.gen_commit() current_app.logger.info(f"[SIGMA] Generated Y:\n{pformat(Y)}") sign_msg = X_str + point_to_string_FQ(Y) signature = SIGMA.sign_message(sigma_sk, sign_msg) current_app.logger.info(f"[SIGMA] Generated Signature:\n{pformat(signature)}") mac_key = SIGMA.gen_mac_key(X * y) mac = SIGMA.auth_message(mac_key, point_to_string_FQ(sigma_pk)) current_app.logger.info(f"[SIGMA] Generated MAC:\n{pformat(mac)}") token = generate_token() db_data = { "X": X_str, "Y": point_to_string_FQ(Y), "y": y } try: db.session.add(Session(session_token=token, payload=db_data)) db.session.commit() except: db.create_all() db.session.rollback() db.session.add(Session(session_token=token, payload=db_data)) db.session.commit() response = { "session_token": token, "payload": { "b_mac": mac, "B": point_to_string_FQ(sigma_pk), "Y": point_to_string_FQ(Y), "sig": { "X": point_to_string_FQ(signature[0]), "s": str(signature[1]), "msg": sign_msg } } } current_app.logger.info(f"[SIGMA] Sent response") return jsonify(response)
def gen_challenge(m, X): return int( sha3_512( (m + point_to_string_FQ(X)).encode()).hexdigest(), 16) % SSS.q
def gen_g2_generator(X, c): x_str = point_to_string_FQ(X) payload = [f'{x_str}{str(c)}'] return string_to_point_FQ2( call_node("./schemas/protocols/hash_map_g2.js", payload))
def naxos_pkey(): current_app.logger.info(f"[NAXOS] Sent B:\n{pformat(naxos_pk)}") return jsonify({"B": point_to_string_FQ(naxos_pk)})