def server(self, msg_list: List[str]) -> None:
"""
Args:
msg_list: list, list consist of string.
Returns: None
"""
y = self.secrets_generator.randint(1, P-1)
param_s = multiply(G, y)
self.var_chan.send(param_s, tag='ot_param_s')
param_r = self.var_chan.recv(tag='ot_param_r')
encrypted_msg_list = []
iv = Random.new().read(AES.block_size)
for i, msg in enumerate(msg_list):
key_pub = multiply(add(param_r, multiply(param_s, (-1) * i)), y)
key = hashlib.sha256(
str(int("04" + "%064x" % key_pub[0] + "%064x" % key_pub[1], 16)).encode('utf-8')).digest()
aes = AES.new(key, AES.MODE_CBC, iv)
cipher = aes.encrypt(self._pad(msg).encode())
encrypted_msg_list.append(base64.b64encode(iv + cipher))
self.var_chan.send(encrypted_msg_list, tag='ot_encrypted_messages')
return
def client(self, index: int) -> str:
"""
Args:
index: int, which index the client want to get from server's input list.
Returns: str, message
"""
param_s = self.var_chan.recv(tag='ot_param_s')
x = self.secrets_generator.randint(1, P-1)
param_r = add(multiply(param_s, int(index)), multiply(G, x))
self.var_chan.send(param_r, tag='ot_param_r')
key_pub = multiply(param_s, x)
key = hashlib.sha256(str(int("04" + "%064x" % key_pub[0] + "%064x" % key_pub[1], 16)).encode('utf-8')).digest()
recv_msg_list = self.var_chan.recv(tag='ot_encrypted_messages')
if not (0 <= index <= self.n - 1):
raise ValueError(f"Index {index} is supposed to be a number between 1 and n.")
recv_msg = base64.b64decode(recv_msg_list[index])
iv = recv_msg[:AES.block_size]
cipher = recv_msg[AES.block_size:]
aes = AES.new(key, AES.MODE_CBC, iv)
decrypted_message = self._unpad(aes.decrypt(cipher)).decode('utf-8')
return decrypted_message
def verify1ZKP(self, proof, gen1, gen2, verbal):
#print proof
v, sh, e, z = proof
if verbal: print "Verifying ZKP..."
if verbal: print "e = " + str(e) + "\nIntermediates"
a1 = ec.add(ec.multiply(gen1, z), ec.multiply(sh, e))
a2 = ec.add(ec.multiply(gen2, z), ec.multiply(v, e))
if verbal:
print conc([str(ele) for ele in [a1[0], a1[1], a2[0], a2[1]]])
arr = [sh[0], sh[1], v[0], v[1], a1[0], a1[1], a2[0], a2[1]]
toBeHashed = bytes('')
for ele in arr:
toBeHashed += encode_int32(ele)
eVerify = sha3(toBeHashed)
e = encode_int32(e)
if verbal:
print "Recovered e : " + mpz(codecs.encode(eVerify, 'hex'),
16).digits()
return eVerify == e
def verifyZKP(self, shares, vArr, e, zArr, verbal):
if verbal: print "\nVerification..."
self.verifyByCode(vArr, verbal)
n = len(shares)
if verbal: print "\ne = " + str(e) + "\nIntermediates"
toBeHashed = bytes('')
for i in range(n):
sh = shares[i]
v = vArr[i]
(a1,a2) = (ec.add(ec.multiply(self.publicKeys[i],zArr[i]),ec.multiply(shares[i],e)),\
ec.add(ec.multiply(self.generatorSecondary,zArr[i]),ec.multiply(vArr[i],e)))
if verbal:
print conc([str(ele) for ele in [a1[0], a1[1], a2[0], a2[1]]])
arr = [sh[0], sh[1], v[0], v[1], a1[0], a1[1], a2[0], a2[1]]
for ele in arr:
toBeHashed += encode_int32(ele)
eVerify = sha3(toBeHashed)
e = encode_int32(e)
if verbal:
print "Recovered e : " + mpz(codecs.encode(eVerify, 'hex'),
16).digits()
#if verbal : print codecs.encode(str(e),'hex')
return eVerify == e
def PVSSReconstruct(self, xl, dSecrets):
t = self.t
result = (0, 0)
for x, d in zip(xl, dSecrets):
lambnum = 1
lambden = 1
for otherx in xl:
if not otherx == x:
lambnum *= otherx
lambden *= otherx - x
lamb = lambnum * gmpy2.invert(lambden, self.order)
lamb = gmpy2.f_mod(lamb, self.order)
print "Lambda (" + str(x) + ") : " + str(lamb)
temp = ec.multiply(d, long(lamb))
result = ec.add(result, temp)
return result
def process_secret_share_verification(self, address: int):
own_address = self.node.address
participant = self.get_participant_by_address(address)
share1 = participant.secret_share1
share2 = participant.secret_share2
vlhs = secp256k1.add(secp256k1.multiply(secp256k1.G, share1),
secp256k1.multiply(G2, share2))
vrhs = functools.reduce(
secp256k1.add,
(secp256k1.multiply(ps, pow(own_address, k, secp256k1.N))
for k, ps in enumerate(participant.verification_points)))
if vlhs == vrhs:
return
participant.get_or_create_complaint_by_complainer_address(own_address)
def verifyByCode(self, vArr, verbal):
randomVec = [
int(gmpy2.mpz_random(self.rs, self.order))
for i in range(self.n - self.t)
]
codewordInDual = self.code.getCodewordInDual(randomVec)
codewordInDual = [
gmpy2.f_mod(mpz(int(ele)), self.order) for ele in codewordInDual
]
if verbal: print "Random codeword from dual : " + tostr(codewordInDual)
if verbal: print "Intermediates"
product = (0L, 0L)
for vi, ci in zip(vArr, codewordInDual):
temp = ec.multiply(vi, ci)
if verbal: print str(ci) + " x " + tostr(vi) + " = " + tostr(temp)
product = ec.add(product, temp)
if verbal: print "Product : " + tostr(product)
if product == (0L, 0L):
if verbal: print "...Codeword valid : v"
def init(self):
for addr in networking.channels.keys():
self.get_or_create_participant_by_address(addr)
# everyone should on agree on participants
self.threshold = math.ceil(THRESHOLD_FACTOR * (len(self.participants)+1))
spoly1 = random_polynomial(self.threshold)
spoly2 = random_polynomial(self.threshold)
self.secret_poly1 = spoly1
self.secret_poly2 = spoly2
self.encryption_key_vector = tuple(secp256k1.multiply(secp256k1.G, coeff) for coeff in self.secret_poly1)
self.verification_points = tuple(
secp256k1.add(secp256k1.multiply(secp256k1.G, a), secp256k1.multiply(G2, b))
for a, b in zip(spoly1, spoly2)
)
self.phase = ECDKGPhase.key_distribution
def GetAddrFromSharedSecret(ss, pub_spend_key):
P = curve.multiply(curve.G, int.from_bytes(ss, 'big'))
P = curve.add(P, pub_spend_key)
addr = GetAddrFromPubKey(P)
return addr
def generate_public_shares(poly1, poly2):
if len(poly1) != len(poly2):
raise ValueError('polynomial lengths must match ({} != {})'.format(len(poly1), len(poly2)))
return (secp256k1.add(secp256k1.multiply(secp256k1.G, a), secp256k1.multiply(G2, b)) for a, b in zip(poly1, poly2))