def factoring(self, mode): x = 1 y = self._fx_origin(x) if mode == "--origin" else self._fx_nowadays(x) d = GCD(x, y) while d == 1: x = self._fx_origin(x) if mode == "--origin" else self._fx_nowadays(x) y = self._fx_origin(self._fx_origin(y)) if mode == "--origin" else self._fx_nowadays(self._fx_nowadays(y)) d = GCD(abs(x-y), self.n) if d == self.n: return -1 else: return d
def __init__(self, E:ECC, P:tuple, m:int, n:int): self.E = E self.E.calcuDots() assert P in self.E.dots self.P = P assert GCD(m, n) == 1 and Fermat(n) self.m = m self.Q = self.E.multi(self.P, self.m) self.n = n
def encrypt(self, x): flag = True while flag: k = random.randint(2, self.n) if GCD(k, self.n) == 1: break x0y0 = self.E.multi(self.Q, k) y1 = self._point_compress(self.E.multi(self.P, k)) y2 = Mul(x, x0y0[0], self.E.p) return (y1, y2)
def __init__(self, nume, deno, layer): assert GCD(nume, deno) == 1 self.nume = nume self.deno = deno self.layer = layer assert layer >= 2 self.a_arr = [] self.p_arr = [] self.q_arr = [] self.a_gen() self.pq_gen()
def Fermat(n, iterNum=512): if n == 2 or n == 3: return True for i in range(0, iterNum): a = random.randint(2, n - 2) if GCD(a, n) != 1: return False if pow(a, n - 1, n) != 1: return False else: return True
def CongEq(a, b, n): d = GCD(a, n) if d != 1 and not DIVVerify(d, b): return [-1] elif d != 1: res = CongEq(a // d, b // d, n // d) k = 1 while k * n // d < n: res.append(res[0] + k * n // d) k += 1 return res else: return [Mul(b, Inverse(a, n), n)]
def PollardRho(self): x, a, b = self._fx(1,0,0) x_,a_,b_ = self._fx(x,a,b) while x != x_: x, a, b = self._fx(x, a, b) x_,a_,b_ = self._fx(x_, a_, b_) x_,a_,b_ = self._fx(x_, a_, b_) if GCD(b_-b, self.n) != 1: return [-1] else: ''' using CongEq instead of Mul(a-a_, Inv(b_-b)) cos congruence equation can have several solutions probably ''' return CongEq( Sub(b_, b, self.ord), Sub(a, a_, self.ord), self.ord )
def __init__(self, bit, opt='--null', p=None, q=None, a=None): if opt == '-pq' or opt == '-pqa': self.p = p self.q = q else: self.p = randprime(2**(bit - 1), 2**bit) self.q = randprime(2**(bit - 1), 2**bit) self.phi = (self.p - 1) * (self.q - 1) self.n = self.p * self.q if opt == '-pqa': self.a = a else: flag = True while flag: a_gen = randint(2**(2 * bit - 1), 2**(2 * bit)) if GCD(a_gen, self.phi) == 1: flag = False self.a = a_gen self.b = Inverse(self.a, self.phi)
def primVerify2(g, m): assert GCD(g, m) == 1 phi = Euler(m) prime_fac = [] index = 1 prim = prime(index) bound = ceil(sqrt(phi)) while prim < bound: if DIVVerify(prim, phi): prime_fac.append(prim) index += 1 prim = prime(index) for q in prime_fac: if CMVerify(pow(g, phi // q), 1, m): return False else: return True
def elemPowOrder(elem, lamb, n): order = elemOrder(elem, n) return order // GCD(lamb, order)