def __init__(self, P, Q, s=1, strict=False): ''' if strict == True: use Carmichael Number else: use Euler Number ''' N = P * Q # Lam = lcm(P-1, Q-1) G = field(N**s, "G") # n ** s == n if s = 1 # multiplicative group MG = field(N**(s + 1), "N^{s+1}") # n ** (s +1 ) == n2 in pailer case H = field(N, "H") # https://crypto.stackexchange.com/questions/29591/lcm-versus-phi-in-rsa if strict: LG = field(rsa_lambda(P, Q), "PhiGroup") else: LG = field(rsa_phi(P, Q), "PhiGroup") j = generate_prime(length(P)) assert gcd(j, N) == 1 x = randfield(H) g = MG((MG(1 + N)**j) * x) d = crt(a_list=[0, 1], n_list=[LG.P, G.P]) assert d % G.P == 1 assert d % LG.P == 0 self.s = s self.privkey = d self.N = N self.G = g self.pubkey = (N, g)
def __init__(self, P, Q): assert gcd(P * Q, (P - 1) * (Q - 1)) == 1 N = P * Q Lam = lcm(P - 1, Q - 1) F = field(N) DF = field(N**2) G = randfield(DF) M = ~F(L(pow(G, Lam).value, N)) self.N = N self.G = G self.privkey = Lam self.pubkey = (self.N, self.G)
def encrypt(cls, m, pub): g, h = pub y = randfield(field(g.N)).value m_ = map_to_curve(m) s = h**y c1 = g**y c2 = s * m_ return (c1, c2)
def test_ssss(): F = field(P) s = SSSS(F) k = random.randint(1, 100) n = k * 3 secret = randfield(F) s.setup(secret, k, n) assert s.decrypt([s.join() for _ in range(k - 1)]) != secret assert s.decrypt([s.join() for _ in range(k + 1)]) == secret assert s.decrypt([s.join() for _ in range(k + 2)]) == secret
def decrypt(cls, c, priv, pub, s=1): N, G = pub d = priv F = field(N**s, "N^s") return F(damgard_jurik_reduce( (c**d).value, N, s)) * ~F(damgard_jurik_reduce((G**d).value, N, s))
def decrypt(cls, c, priv, pub): Lam = priv N, G = pub F = field(N, "N") return F(L((c ** Lam).value, N)) * ~F(L(pow(G, Lam).value, N))