def calc_keyA(Y, sk_a, pk_b, esk_a, pk_a):
h = NAXOS.H1((str(esk_a) + str(sk_a)))
Y_sk_a = point_to_string_FQ(Y * sk_a)
pk_b_hash = point_to_string_FQ(pk_b * h)
Y_hash = point_to_string_FQ(Y * h)
return NAXOS.H2(Y_sk_a + pk_b_hash + Y_hash +
point_to_string_FQ(pk_a) + point_to_string_FQ(pk_b))
def naxos_ake(url, cipher):
message = "Test"
sk, pk = NAXOS.keygen()
ephemeral = NAXOS.gen_ephemeral(128)
if cipher == "salsa":
res = requests.get(url=url + "/salsa/protocols/naxos/pkey")
enc_data = res.json()
data = salsa_decrypt_json(enc_data)
elif cipher == "chacha":
res = requests.get(url=url + "/chacha/protocols/naxos/pkey")
enc_data = res.json()
data = chacha_decrypt_json(enc_data)
else:
res = requests.get(url=url + "/protocols/naxos/pkey")
data = res.json()
pk_b = string_to_point_FQ(data.get("B"))
X = NAXOS.calc_commit(ephemeral, sk)
exchange_json = {
"protocol_name": "naxos",
"payload": {
"X": point_to_string_FQ(X),
"A": point_to_string_FQ(pk),
"msg": message
}
}
data = post_stage(url, cipher, "naxos", exchange_json, "exchange")
Y = string_to_point_FQ(data.get("Y"))
enc_msg = data.get("msg")
K = NAXOS.calc_keyA(Y, sk, pk_b, ephemeral, pk)
m = NAXOS.encode_msg(message, K)
print(enc_msg == m)
def calc_keyB(pk_a, esk_b, sk_b, X, pk_b):
h = NAXOS.H1((str(esk_b) + str(sk_b)))
pk_a_hash = point_to_string_FQ(pk_a * h)
X_sk_b = point_to_string_FQ(X * sk_b)
X_hash = point_to_string_FQ(X * h)
return NAXOS.H2(pk_a_hash + X_sk_b + X_hash +
point_to_string_FQ(pk_a) + point_to_string_FQ(pk_b))
def schnorr_ss(url, cipher):
message = "Test"
sk, pk = SSS.keygen()
x, big_x = SSS.gen_commit()
c = SSS.gen_challenge(message, big_x)
s = SSS.calc_proof(sk, x, c)
verify_json = {
"protocol_name": "sss",
"payload": {
"s": str(s),
"A": point_to_string_FQ(pk),
"X": point_to_string_FQ(big_x),
"msg": message
}
}
data = post_stage(url, cipher, "sss", verify_json, "verify")
print(data)
def sigma_ake(url, cipher):
message = "Test"
sk, pk = SIGMA.keygen()
x, X = SIGMA.gen_commit()
init_json = {
"protocol_name": "sigma",
"payload": {
"X": point_to_string_FQ(X),
}
}
init_data = post_stage(url, cipher, "sigma", init_json, "init")
token = init_data.get("session_token")
payload = init_data.get("payload")
pk_b = string_to_point_FQ(payload.get("B"))
Y = string_to_point_FQ(payload.get("Y"))
b_mac = payload.get("b_mac")
sig_b = payload.get("sig")
if sig_b.get("msg") is not None:
sign_msg = sig_b.get("msg")
else:
sign_msg = point_to_string_FQ(X) + point_to_string_FQ(Y)
sign_X = string_to_point_FQ(sig_b.get("X"))
sign_s = int(sig_b.get("s"))
assert (SIGMA.verify_signature(pk_b, sign_X, sign_s, sign_msg))
mac_key = SIGMA.gen_mac_key(Y * x)
assert (SIGMA.verify_mac(mac_key, point_to_string_FQ(pk_b), b_mac))
sign_a_msg = point_to_string_FQ(Y) + point_to_string_FQ(X)
signature = SIGMA.sign_message(sk, sign_a_msg)
mac = SIGMA.auth_message(mac_key, point_to_string_FQ(pk))
exchange_json = {
"protocol_name": "sigma",
"session_token": token,
"payload": {
"a_mac": mac,
"A": point_to_string_FQ(pk),
"msg": message,
"sig": {
"X": point_to_string_FQ(signature[0]),
"s": str(signature[1]),
"msg": sign_a_msg
}
}
}
data = post_stage(url, cipher, "sigma", exchange_json, "exchange")
enc_msg = data.get("msg")
K = SIGMA.gen_session_key(Y * x)
m = SIGMA.encode_msg(message, K)
print(enc_msg == m)
def sigma_exchange():
if request.data and type(request.data) is dict:
data = request.data
else:
data = request.json
if data.get("protocol_name") == PROTOCOL:
token = data.get("session_token")
payload = data.get("payload")
current_app.logger.info(f"[SIGMA] Received payload:\n{pformat(payload)}")
session = Session.query.filter_by(session_token=token).first()
X = string_to_point_FQ(session.payload.get("X"))
Y = string_to_point_FQ(session.payload.get("Y"))
y = session.payload.get("y")
try:
db.session.delete(session)
db.session.commit()
except:
db.create_all()
db.session.rollback()
db.session.delete(session)
db.session.commit()
pk_a = string_to_point_FQ(payload.get("A"))
a_mac = payload.get("a_mac")
sig_a = payload.get("sig")
if sig_a.get("msg") is not None:
sign_msg = sig_a.get("msg")
else:
sign_msg = point_to_string_FQ(Y) + point_to_string_FQ(X)
sign_X = string_to_point_FQ(sig_a.get("X"))
sign_s = int(sig_a.get("s"))
assert(SIGMA.verify_signature(pk_a, sign_X, sign_s, sign_msg))
current_app.logger.info(f"[SIGMA] Verified signature")
mac_key = SIGMA.gen_mac_key(X * y)
assert(SIGMA.verify_mac(mac_key, point_to_string_FQ(pk_a), a_mac))
current_app.logger.info(f"[SIGMA] Verified MAC")
msg = payload.get("msg")
K = SIGMA.gen_session_key(X * y)
enc_msg = SIGMA.encode_msg(msg, K)
return jsonify({
"msg": enc_msg
})
def schnorr_is(url, cipher):
sk, pk = SIS.keygen()
x, big_x = SIS.gen_commit()
init_json = {
"protocol_name": "sis",
"payload": {
"A": point_to_string_FQ(pk),
"X": point_to_string_FQ(big_x),
}
}
init_data = post_stage(url, cipher, "sis", init_json, "init")
c = int(init_data.get("payload").get("c"))
token = init_data.get("session_token")
s = SIS.calc_proof(sk, x, c)
verify_json = {
"protocol_name": "sis",
"session_token": token,
"payload": {
"s": str(s)
}
}
data = post_stage(url, cipher, "sis", verify_json, "verify")
print(data)
def gen_challenge(h, Y, z, u, v):
g_str = point_to_string_FQ(GJSS.g)
h_str = point_to_string_FQ(h)
Y_str = point_to_string_FQ(Y)
z_str = point_to_string_FQ(z)
u_str = point_to_string_FQ(u)
v_str = point_to_string_FQ(v)
points = g_str + h_str + Y_str + z_str + u_str + v_str
return int(sha3_512((points).encode()).hexdigest(), 16) % GJSS.q
def gj_ss(url, cipher):
message = "message"
sk, pk = GJSS.keygen()
r = GJSS.gen_random(111)
h = GJSS.gen_h(message, r)
z = GJSS.compute_h_key(h, sk)
k, u, v = GJSS.gen_commit(h)
c = GJSS.gen_challenge(h, pk, z, u, v)
s = GJSS.calc_proof(k, sk, c)
verify_json = {
"protocol_name": "gjss",
"payload": {
"sigma": {
"s": str(s),
"c": str(c),
"r": str(r),
"z": point_to_string_FQ(z)
},
"A": point_to_string_FQ(pk),
"msg": message
}
}
data = post_stage(url, cipher, "gjss", verify_json, "verify")
print(data)
def bls_ss(url, cipher):
message = "Test"
sk, pk = BLSSS.keygen()
h = BLSSS.gen_g2_generator(message)
sigma = BLSSS.compute_sigma(h, sk)
verify_json = {
"protocol_name": "blsss",
"payload": {
"sigma": point_to_string_FQ2(sigma),
"A": point_to_string_FQ(pk),
"msg": message
}
}
data = post_stage(url, cipher, "blsss", verify_json, "verify")
print(data)
def mod_schnorr_is(url, cipher):
sk, pk = MSIS.keygen()
x, big_x = MSIS.gen_commit()
init_json = {
"protocol_name": "msis",
"payload": {
"A": point_to_string_FQ(pk),
"X": point_to_string_FQ(big_x),
}
}
init_data = post_stage(url, cipher, "msis", init_json, "init")
c = int(init_data.get("payload").get("c"))
token = init_data.get("session_token")
g_hat = MSIS.gen_g2_generator(big_x, c)
S = MSIS.calc_proof(g_hat, sk, x, c)
verify_json = {
"protocol_name": "msis",
"session_token": token,
"payload": {
"S": point_to_string_FQ2(S)
}
}
data = post_stage(url, cipher, "msis", verify_json, "verify")
print(data)
def naxos_exchange():
if request.data and type(request.data) is dict:
data = request.data
else:
data = request.json
if data.get("protocol_name") == PROTOCOL:
payload = data.get("payload")
current_app.logger.info(
f"[NAXOS] Received payload:\n{pformat(payload)}")
X = string_to_point_FQ(payload.get("X"))
A = string_to_point_FQ(payload.get("A"))
msg = payload.get("msg")
ephemeral = NAXOS.gen_ephemeral(128)
Y = NAXOS.calc_commit(ephemeral, naxos_sk)
current_app.logger.info(f"[NAXOS] Calculated Y:\n{pformat(Y)}")
K = NAXOS.calc_keyB(A, ephemeral, naxos_sk, X, naxos_pk)
enc_msg = NAXOS.encode_msg(msg, K)
return jsonify({"Y": point_to_string_FQ(Y), "msg": enc_msg})
def sigma_init():
if request.data and type(request.data) is dict:
data = request.data
else:
data = request.json
if data.get("protocol_name") == PROTOCOL:
payload = data.get("payload")
current_app.logger.info(f"[SIGMA] Received payload:\n{pformat(payload)}")
X_str = payload.get("X")
X = string_to_point_FQ(X_str)
y, Y = SIGMA.gen_commit()
current_app.logger.info(f"[SIGMA] Generated Y:\n{pformat(Y)}")
sign_msg = X_str + point_to_string_FQ(Y)
signature = SIGMA.sign_message(sigma_sk, sign_msg)
current_app.logger.info(f"[SIGMA] Generated Signature:\n{pformat(signature)}")
mac_key = SIGMA.gen_mac_key(X * y)
mac = SIGMA.auth_message(mac_key, point_to_string_FQ(sigma_pk))
current_app.logger.info(f"[SIGMA] Generated MAC:\n{pformat(mac)}")
token = generate_token()
db_data = {
"X": X_str,
"Y": point_to_string_FQ(Y),
"y": y
}
try:
db.session.add(Session(session_token=token, payload=db_data))
db.session.commit()
except:
db.create_all()
db.session.rollback()
db.session.add(Session(session_token=token, payload=db_data))
db.session.commit()
response = {
"session_token": token,
"payload": {
"b_mac": mac,
"B": point_to_string_FQ(sigma_pk),
"Y": point_to_string_FQ(Y),
"sig": {
"X": point_to_string_FQ(signature[0]),
"s": str(signature[1]),
"msg": sign_msg
}
}
}
current_app.logger.info(f"[SIGMA] Sent response")
return jsonify(response)
def gen_challenge(m, X):
return int(
sha3_512(
(m + point_to_string_FQ(X)).encode()).hexdigest(), 16) % SSS.q
def gen_g2_generator(X, c):
x_str = point_to_string_FQ(X)
payload = [f'{x_str}{str(c)}']
return string_to_point_FQ2(
call_node("./schemas/protocols/hash_map_g2.js", payload))
def naxos_pkey():
current_app.logger.info(f"[NAXOS] Sent B:\n{pformat(naxos_pk)}")
return jsonify({"B": point_to_string_FQ(naxos_pk)})
