def test_challenge43(): message = b'you know me' pub, priv = dsa.gen_key_pair() signature = dsa.sign(priv, message) assert dsa.verify(pub, message, signature) x = set6.challenge43() assert x == 125489817134406768603130881762531825565433175625
def tamper(m, g): y = pow(g, x, p) [r, s] = sign(m, g, p, q, x) print "m ", m print "g ", print_long(g) print "x (shh!) ", x print "y ", print_long(y) print "sig ", r print " ", s return [r,s,y]
def tamper(m, g): y = pow(g, x, p) [r, s] = sign(m, g, p, q, x) print "m ", m print "g ", print_long(g) print "x (shh!) ", x print "y ", print_long(y) print "sig ", r print " ", s return [r, s, y]
from dsa import gen_param, gen_keypair, sign, verify import sys print("algorithm parameter generation: ") if (len(sys.argv) > 1): q, p, g = gen_param(int(sys.argv[1]), int(sys.argv[2])) else: # default inputs are (160, 1024) q, p, g = gen_param() print("q: {}\np: {}\ng: {}\n".format(q, p, g)) print("keypair generation:") privkey, pubkey = gen_keypair(q, p, g) print("privkey: {}\npubkey: {}\n".format(privkey, pubkey)) message = int(input("enter your message (as an integer): ")) print("\nsigning message with private key {}".format(privkey)) r, s = sign(q, p, g, privkey, message) print("signature (r, s): {}".format((r, s))) print("\nverifying message '{}' with signaure {}".format(message, (r, s))) print(verify(q, p, g, pubkey, r, s, message))
def _sign_blob(tx_blob, seed, test=False): signing_hash = _get_signing_hash(tx_blob, test) return dsa.sign(signing_hash, seed)
from dsa import sign for i in range(50): print i, sign(str(i))
from dsa import p, q, g, find_private_key, sign import random x = random.randint(1, q) # private key y = pow(g, x, p) public = [p, q, g, y] # Turns out we don't even need y. test_string = """For those that envy a MC it can be hazardous to your health So be friendly, a matter of life and death, just like a etch-a-sketch """ H_string = sha1(test_string).hexdigest() print "Hash of test msg =", H_string H = int("0x" + H_string, 16) r, s = sign(test_string, g, p, q, x) print "With random nonce k," print "r =", r print "s =", s print #### Breaking, given a signature [r,s], and given that k <= 2**16. #### Also of course given parameters g, p, q, and hash H of message. print "Searching for k (nonce, subkey) and thus x (private key)...." matasano_r = 548099063082341131477253921760299949438196259240 matasano_s = 857042759984254168557880549501802188789837994940 k_found = 0 x_found = 0 start = time.time() for k in range (1, 2 ** 16):
#!/usr/bin/python from secrets import FLAG from dsa import verify, sign PORT = 8365 from BaseHTTPServer import BaseHTTPRequestHandler, HTTPServer from SocketServer import ThreadingMixIn print sign("flag") print sign("ala ma kota") class myHandler(BaseHTTPRequestHandler): def do_GET(self): self.send_response(200) self.send_header('Content-type', 'text/plain') self.end_headers() params = self.path[1:] [data, sig] = [x.decode('hex') for x in params.split(',')] try: if verify(data, int(sig)): if data == "flag": ret = FLAG else: ret = 'ok' else: ret = "bad sig" except: ret = 'error' self.wfile.write(ret)
from dsa import p, q, g, find_private_key, sign import random x = random.randint(1, q) # private key y = pow(g, x, p) public = [p, q, g, y] # Turns out we don't even need y. test_string = """For those that envy a MC it can be hazardous to your health So be friendly, a matter of life and death, just like a etch-a-sketch """ H_string = sha1(test_string).hexdigest() print "Hash of test msg =", H_string H = int("0x" + H_string, 16) r, s = sign(test_string, g, p, q, x) print "With random nonce k," print "r =", r print "s =", s print #### Breaking, given a signature [r,s], and given that k <= 2**16. #### Also of course given parameters g, p, q, and hash H of message. print "Searching for k (nonce, subkey) and thus x (private key)...." matasano_r = 548099063082341131477253921760299949438196259240 matasano_s = 857042759984254168557880549501802188789837994940 k_found = 0 x_found = 0 start = time.time() for k in range(1, 2**16):