def collision(self, m, m1, xi, etd, pk): phi_NN1 = pk['phi_N'] * (xi['N1'] - etd['p1'] - etd['q1'] + 1) d = (xi['e'] ** -1) % (phi_NN1) print('d=>',d) if d == 1 / xi['e']: print('reverse') M1 = Conversion.bytes2integer(m1) M = Conversion.bytes2integer(m) h = (group.hash(M) * (xi['r'] ** xi['e'])) % (pk['N'] * xi['N1']) r1 = (((group.hash(M1) ** (-1)) * h) ** d) % (pk['N'] * xi['N1']) print("r1 =>", r1) return r1
def hashcheck(self, pk, message, xi): M = Conversion.bytes2integer(message) h1 = group.hash(M) * (xi['r']**xi['e']) % (pk['N'] * xi['N1']) if h1 == xi['h']: return True else: return False
def hash(self, pk, message, r = 0): N, J, e = pk['N'], pk['J'], pk['e'] if r == 0: r = group.random(N) M = Conversion.bytes2integer(message) h = ((J ** M) * (r ** e)) % N return (h, r)
def eval(self, k, input1): if type(k) == integer: h = hmac.new(serialize(k), b'', hashlib.sha1) else: h = hmac.new(serialize(integer(k)), b'', hashlib.sha1) h.update(input1) return Conversion.bytes2integer(h.hexdigest())
def hash(self, pk, sk, message, r=0): # generate ephemeral trapdoors(p1,q1) while True: p1, q1 = randomPrime(pk['secparam']), randomPrime(pk['secparam']) # print("p1,q1=>",p1,q1) if isPrime(p1) and isPrime(q1) and p1 != q1: N1 = p1 * q1 if not gcd(N1, pk['N']) == 1: continue break if r == 0: r = random(N1 * pk['N']) # print("r=>",r) # print("(p1,q1,N1)=>", (p1,q1,N1)) # print("N*N1=>",N1 * pk['N']) phi_NN1 = pk['phi_N'] * (N1 - p1 - q1 + 1) # print("phi_NN1=>", phi_NN1) # find e inverse mod N1 * N, so gcd(e,phi_NN1)==1 while True: e = random(phi_NN1) if not gcd(e, phi_NN1) == 1: continue break M = Conversion.bytes2integer(message) # print("M =>",M) # to set hash modular N * N1() group.q = N1 * pk['N'] group.p = group.q * 2 + 1 # print("q=>",group.q) # print("M hash=>", group.hash(M)) h = (group.hash(M) * (r**e)) % (N1 * pk['N']) xi = {'h': h, 'r': r, 'N1': N1, 'p1': p1, 'q1': q1, 'e': e} # print("e=>",xi['e']) return xi
from charm.core.math.integer import integer, randomBits from charm.toolbox.conversion import Conversion from idemix.issuer import Issuer from idemix.recipient import Recipient from idemix.settings import lm, l, secparam from idemix.verifier import Verifier context = integer(randomBits(lm)) attr = {'1': 'student', '2': 'italian', '3': 'age'} for id, value in attr.iteritems(): h_challenge = hashlib.new('sha256') h_challenge.update(str(value)) attr[id] = Conversion.bytes2integer(h_challenge.digest()) issuer = Issuer(len(attr), 0, 0, secparam, context) pk_i, sk_i = issuer.gen_key_pair() # print sk_i assert issuer.selfTest() user = Recipient(pk_i, context) user.gen_master_secret() user.set_attributes(attr) # attr = user.gen_random_attributes(l) # ISSUING PROTOCOL n1 = issuer.round_0() # Generate nonce p1, n2 = user.round_1(n1)
from charm.core.math.integer import integer, randomBits from charm.toolbox.conversion import Conversion from idemix.issuer import Issuer from idemix.recipient import Recipient from idemix.settings import lm, l, secparam from idemix.verifier import Verifier context = integer(randomBits(lm)) attr = {'1': 'student', '2': 'italian', '3': 'age'} for id, value in attr.iteritems(): h_challenge = hashlib.new('sha256') h_challenge.update(str(value)) attr[id] = Conversion.bytes2integer(h_challenge.digest()) issuer = Issuer(len(attr), 0, 0, secparam, context) pk_i, sk_i = issuer.gen_key_pair() # print sk_i assert issuer.selfTest() user = Recipient(pk_i, context) user.gen_master_secret() user.set_attributes(attr) # attr = user.gen_random_attributes(l) # ISSUING PROTOCOL n1 = issuer.round_0() # Generate nonce p1, n2 = user.round_1(n1) signature, P2 = issuer.round_2(p1['U'], p1, attr, n2)