def issuerHandler(issueparam): group = ECGroup(security_dict[issueparam.L]) g = group.deserialize(str.encode(issueparam.sg)) h = group.deserialize(str.encode(issueparam.sh)) # print(issueparam.yt) #####!!!!!!!!!!!!!!!!!!!!!!!Danger!!!!!!!!!!!!!!####### # xt = group.random(ZR) # yt = g ** xt # print('xt: ----====>>>') # print(xt) yt = point2Obj(int(issueparam.yt), group) #####!!!!!!!!!!!!!!!!!!!!!!!Danger!!!!!!!!!!!!!!####### gamma = group.init(ZR, int(issueparam.gamma)) z = group.deserialize(str.encode(issueparam.sz)) zu = z**(gamma**-1) v, u, d, s1, s2 = (group.random(ZR) for i in range(5)) t1, t2, t3, t4, t5 = (group.random(ZR) for i in range(5)) z1 = yt**v z2 = zu / z1 a = g**u b1 = (g**s1) * (z1**d) b2 = (h**s2) * (z2**d) ret = [zu, v, u, d, s1, s2, \ t1, t2, t3, t4, t5, \ z1, z2, a, b1, b2,\ bytes.decode(group.serialize(zu)), bytes.decode(group.serialize(z1)), bytes.decode(group.serialize(z2)),\ bytes.decode(group.serialize(a)), bytes.decode(group.serialize(b1)), bytes.decode(group.serialize(b2))] return (str(k) for k in ret)
def testECGroup(self): trials = 10 group = ECGroup(prime192v2) g = group.random(G) h = group.random(G) i = group.random(G) self.assertTrue(group.InitBenchmark()) group.StartBenchmark(["RealTime", "Mul", "Div", "Exp", "Granular"]) for a in range(trials): j = g * h k = h**group.random(ZR) t = (j**group.random(ZR)) / k group.EndBenchmark() msmtDict = group.GetGeneralBenchmarks() self.assertTrue(isSaneBenchmark(msmtDict)) granDict = group.GetGranularBenchmarks() self.assertTrue(isSaneBenchmark(granDict)) self.assertTrue(group.InitBenchmark()) group.StartBenchmark(["RealTime", "Mul", "Div", "Exp", "Granular"]) for a in range(trials * 2): j = g * h k = h**group.random(ZR) t = (j**group.random(ZR)) / k group.EndBenchmark() msmtDict = group.GetGeneralBenchmarks() granDict = group.GetGranularBenchmarks() del group self.assertTrue(isSaneBenchmark(msmtDict)) self.assertTrue(isSaneBenchmark(granDict))
def parseFromXML(xmlObjectString, group=None): assert type(xmlObjectString) == str, "Invalid type for XML object" dom = parseString(xmlObjectString) assert dom.documentElement.tagName == "charm", "Not a Charm element" # print(dom.toprettyxml(indent=" ")) groupObj = dom.getElementsByTagName("group") assert groupObj != None, "Error: could not find group tag." groupObj = groupObj[0] charmObj1 = dom.getElementsByTagName("object") assert charmObj1 != None, "Error: could not find object tag." charmObj1 = charmObj1[0] structure = {} setting = groupObj.getAttribute("setting") param = groupObj.getAttribute("param") charmObj2 = dom.getElementsByTagName("name") structure['name'] = None if charmObj2 != None: charmObj2 = charmObj2[0] # what is this useful for? structure['name'] = charmObj2.getAttribute("id") bytesObj = getText(charmObj1.childNodes).strip() if setting == 'pairing' and group == None: group = PairingGroup(param) elif structure['setting'] == 'elliptic_curve' and group == None: group = ECGroup(param) elif structure['setting'] == 'integer': # TODO: this is a special case pass return bytesToObject(bytesObj, group)
def ecdsa(): group = ECGroup(prime192v2) ecdsa = ECDSA(group) results = 0.0 for i in range(0, number): start = time.clock() (public_key, secret_key) = ecdsa.keygen(0) end = time.clock() results += end - start mean = results / number logging.info("ECDSA key generation time: " + str(mean)) (public_key, secret_key) = ecdsa.keygen(0) msg = "hello world! this is a test message." results = 0.0 for i in range(0, number): start = time.clock() ecdsa.sign(public_key, secret_key, msg) end = time.clock() results += end - start mean = results / number logging.info("ECDSA signing time: " + str(mean)) signature = ecdsa.sign(public_key, secret_key, msg) results = 0.0 for i in range(0, number): start = time.clock() ecdsa.verify(public_key, signature, msg) end = time.clock() results += end - start mean = results / number logging.info("ECDSA verify time: " + str(mean)) ecdsa.verify(public_key, signature, msg)
def testRandomMessageDecode(self): group = ECGroup(prime192v2) for i in range(runs): msg_len = group.bitsize() s = OpenSSLRand().getRandomBytes(msg_len) g = group.encode(s) t = group.decode(g) assert s == t, "Failed to encode/decode %d properly" % i
def readPoint(pointX, pointY): group = ECGroup(prime192v1) point = group.deserialize(b'1:' + b64encode(a2b_hex('03' + pointX.zfill(48)))) if str(group.coordinates(point)[1]) != str(int(pointY, 16)): # print("inverting ("+str(group.coordinates(point)[1])+", "+str(int(pointY, 16))+")") point = point**-1 return point
def testRandomGroupDecode(self): group = ECGroup(prime192v1) for i in range(runs): r = group.random(G) m = group.decode(r, True) n = group.encode(m, True) assert r == n, "Failed to encode/decode properly including counter"
def testElGamal(self): groupObj = ECGroup(prime192v2) el = ElGamal(groupObj) (pk, sk) = el.keygen() msg = b"hello world!" cipher1 = el.encrypt(pk, msg) m = el.decrypt(pk, sk, cipher1) assert m == msg, "Failed Decryption!!!" if debug: print("SUCCESSFULLY DECRYPTED!!!")
def testECDSA(self): groupObj = ECGroup(prime192v2) ecdsa = ECDSA(groupObj) (pk, sk) = ecdsa.keygen(0) m = "hello world! this is a test message." sig = ecdsa.sign(pk, sk, m) assert ecdsa.verify(pk, sig, m), "Failed verification!" if debug: print("Signature Verified!!!")
def testElGamal(self): groupObj = ECGroup(prime192v2) el = ElGamal(groupObj) (pk, sk) = el.keygen() # message len should be group.bitsize() len for prime192v1 (or 20 bytes) msg = b'the hello world msg1' cipher1 = el.encrypt(pk, msg) m = el.decrypt(pk, sk, cipher1) assert m == msg, "Failed Decryption!!!" if debug: print("SUCCESSFULLY DECRYPTED!!!")
def oneHandler(oneParameter): group = ECGroup(security_dict[oneParameter.L]) t1 = group.init(ZR, int(oneParameter.t1)) t2 = group.init(ZR, int(oneParameter.t2)) t3 = group.init(ZR, int(oneParameter.t3)) t4 = group.init(ZR, int(oneParameter.t4)) t5 = group.init(ZR, int(oneParameter.t5)) gamma = group.init(ZR, int(oneParameter.gamma)) z1 = group.deserialize(str.encode(oneParameter.sz1)) z = group.deserialize(str.encode(oneParameter.sz)) a = group.deserialize(str.encode(oneParameter.sa)) b1 = group.deserialize(str.encode(oneParameter.sb1)) b2 = group.deserialize(str.encode(oneParameter.sb2)) g = group.deserialize(str.encode(oneParameter.sg)) h = group.deserialize(str.encode(oneParameter.sh)) y = group.deserialize(str.encode(oneParameter.sy)) message = oneParameter.M d = group.init(ZR, int(oneParameter.d)) u = group.init(ZR, int(oneParameter.u)) x = group.init(ZR, int(oneParameter.x)) s1 = group.init(ZR, int(oneParameter.s1)) s2 = group.init(ZR, int(oneParameter.s2)) zeta1 = z1**gamma zeta2 = z / zeta1 alpha = a * (g**t1) * (y**t2) beta1 = (b1**gamma) * (g**t3) * (zeta1**t5) beta2 = (b2**gamma) * (h**t4) * (zeta2**t5) epsilon = group.hash((zeta1, alpha, beta1, beta2, message), ZR) e = epsilon - t2 - t5 ####--------------------------------------- c = e - d r = u - c * x ####======================================= roi = r + t1 omega = c + t2 sigma1 = gamma * s1 + t3 sigma2 = gamma * s2 + t4 delta = d + t5 ####---------------------------------------- xi = group.deserialize(str.encode(oneParameter.sxi)) v = group.init(ZR, int(oneParameter.v)) xiv = xi**v ret = [ zeta1, zeta2, alpha, beta1, beta2, epsilon, e, c, r, roi, omega, sigma1, sigma2, delta, xiv, bytes.decode(group.serialize(xiv)), bytes.decode(group.serialize(zeta1)), bytes.decode(group.serialize(zeta2)) ] return (str(i) for i in ret)
def el_gamal_cryptosystem(): from charm.toolbox.eccurve import prime192v2 from charm.toolbox.ecgroup import ECGroup from charm.schemes.pkenc.pkenc_elgamal85 import ElGamal groupObj = ECGroup(prime192v2) el = ElGamal(groupObj) (public_key, secret_key) = el.keygen() msg = b"hello world!12345678" cipher_text = el.encrypt(public_key, msg) decrypted_msg = el.decrypt(public_key, secret_key, cipher_text) print(decrypted_msg == msg)
def main(): groupObj = ECGroup(prime192v1) pkenc = CS98(groupObj) hyenc = HybridEnc(pkenc) (pk, sk) = hyenc.keygen() m = b'this is a new message' cipher = hyenc.encrypt(pk, m) orig_m = hyenc.decrypt(pk, sk, cipher) assert m == orig_m, "Failed Decryption" if debug: print("Successful Decryption!!")
def readParams(filename='pc.param'): if (os.path.isfile(filename)): group = ECGroup(prime192v1) f = open(filename, 'rb') params = f.readline() f.close() params = bytesToObject(params, group) return [params, group] else: raise Exception( "I can't find the parameters file. You have to create them first using -n when starting." )
def testIntEncryption(): from charm.toolbox.eccurve import secp256k1 from charm.toolbox.ecgroup import ECGroup groupObj = ECGroup(secp256k1) hike = HIKE(groupObj) (secret_key, eval_key) = hike.keygen() (secret_key_prime, eval_key_prime) = hike.keygen() msg = 10 label = b"label1" print('Public Key...') Q = hike.publicKey(secret_key_prime) print() label = hike.generateLabel(secret_key, label, Q) cipher_text = hike.encrypt(secret_key, label, msg) program = {'f': [0, 1], 'labels': [label]} decrypted_msg = hike.decrypt(secret_key, program, cipher_text) print("Decrypted message {}".format(decrypted_msg)) print() print('Eval...') msg2 = 10 label2 = b"label2" label2 = hike.generateLabel(secret_key, label2, Q) program = {'f': [0, 1, 1], 'labels': [label, label2]} cipher_text2 = hike.encrypt(secret_key, label2, msg2) cipher_text_eval = hike.eval(program['f'], [cipher_text, cipher_text2]) decrypted_msg = hike.decrypt(secret_key, program, cipher_text_eval) print("Decrypted message eval f(0,1,1) and msg[1,1]: {}".format( decrypted_msg)) print() print('Token Gen...') tok = hike.tokenGen(secret_key, program) print() print('Token Dec...') tokenDec = hike.tokenDec(secret_key_prime, cipher_text, tok) print("TokenDec message {}".format(tokenDec)) print() print('ct: {}'.format(cipher_text['ct'])) print('Destroying ct....') ct = hike.destroyEnc(cipher_text) print('ct: {}'.format(ct['ct']))
def keygen(self): group = ECGroup(prime192v2) g = group.random(G) x = group.random(ZR) h = g**x pk = { 'g': g, 'h': h, 'group': group, 'order': 6277101735386680763835789423078825936192100537584385056049 } sk = {'x': x} return pk, sk
def initHandler(kappa): group = ECGroup(kappa) g, h = group.random(G), group.random(G) x, gamma = group.random(ZR), group.random(ZR) y, xi = g**x, g**gamma z = group.hash((g, h, y), G) ret = [g, h,\ bytes.decode(group.serialize(g)), bytes.decode(group.serialize(h)),\ x, y, gamma, xi,\ bytes.decode(group.serialize(y)), bytes.decode(group.serialize(xi)),\ z, bytes.decode(group.serialize(z))] return (str(k) for k in ret)
def testHybridEnc(self): groupObj = ECGroup(prime192v1) pkenc = ElGamal(groupObj) hyenc = HybridEnc(pkenc, msg_len=groupObj.bitsize()) (pk, sk) = hyenc.keygen() # message len should be group.bitsize() len for prime192v1 (or 20 bytes) m = b'the hello world msg1' cipher = hyenc.encrypt(pk, m) orig_m = hyenc.decrypt(pk, sk, cipher) assert m == orig_m, "Failed Decryption" if debug: print("Successful Decryption!!")
def testEC_CS98(self): groupObj = ECGroup(prime192v1) pkenc = CS98(groupObj) (pk, sk) = pkenc.keygen() M = b"hello world!!!" ciphertext = pkenc.encrypt(pk, M) message = pkenc.decrypt(pk, sk, ciphertext) assert M == message, "Failed Decryption!!!" if debug: print("SUCCESSFUL DECRYPTION!!! => %s" % message)
def testEC_CS98(self): groupObj = ECGroup(prime192v1) pkenc = CS98(groupObj) (pk, sk) = pkenc.keygen() # message len should be group.bitsize() len for prime192v1 (or 20 bytes) M = b'the hello world msg1' ciphertext = pkenc.encrypt(pk, M) message = pkenc.decrypt(pk, sk, ciphertext) assert M == message, "Failed Decryption!!!" if debug: print("SUCCESSFUL DECRYPTION!!! => %s" % message)
def main(): grp = ECGroup(secp256k1) ms = MuSig(grp) g = grp.random(G) if debug: print('Generator...', g) msg = 'hello there' num_signers = 5 if debug: print('{} signers will sign {}'.format(num_signers, msg)) signers = [ms.keygen(g) for _ in range(num_signers)] nonces = [ms.new_nonce() for _ in range(num_signers)] an = ms.aggregate_nonce(g, nonces) all_pub_keys = [signer[0] for signer in signers] if debug: print('Public keys...') for pk in all_pub_keys: print(pk) apk = ms.aggregated_pub_key(all_pub_keys) if debug: print('Aggregated Public key: ', apk) challenge = ms.compute_challenge(apk, an, msg) sigs = [ ms.sign(nonces[i], signers[i][1], signers[i][0], challenge, all_pub_keys) for i in range(num_signers) ] if debug: print('Signatures...') for sig in sigs: print(sig) asig = ms.aggregate_sigs(sigs) if debug: print('Aggregated signature: ', asig) assert ms.verify(all_pub_keys, (an, asig), msg), 'Aggregated sig verification failed' if debug: print('Verification succeeded')
def testCM_Ped92(self): groupObj = ECGroup(410) cm = CM_Ped92(groupObj) pk = cm.setup() if debug: print("Public parameters...") print("pk =>", pk) m = groupObj.random(ZR) if debug: print("Commiting to =>", m) (c, d) = cm.commit(pk, m) assert cm.decommit(pk, c, d, m), "FAILED to decommit" if debug: print("Successful and Verified decommitment!!!") del groupObj
def testECGroup(self): groupObj = ECGroup(prime192v1) p = groupObj.random() data = { 'p': p, 'String': "foo", 'list': [ p, {}, 1, 1.7, b'dfa', ] } x = objectToBytes(data, groupObj) data2 = bytesToObject(x, groupObj) self.assertEqual(data, data2)
def twoHandler(twoParameter): group = ECGroup(security_dict[twoParameter.L]) omega = group.init(ZR, int(twoParameter.omega)) delta = group.init(ZR, int(twoParameter.delta)) g = group.deserialize(str.encode(twoParameter.sg)) h = group.deserialize(str.encode(twoParameter.sh)) y = group.deserialize(str.encode(twoParameter.sy)) zeta1 = group.deserialize(str.encode(twoParameter.szeta1)) zeta2 = group.deserialize(str.encode(twoParameter.szeta2)) roi = group.init(ZR, int(twoParameter.roi)) sigma1 = group.init(ZR, int(twoParameter.sigma1)) sigma2 = group.init(ZR, int(twoParameter.sigma2)) tmp1 = (g**roi) * (y**omega) tmp2 = (g**sigma1) * (zeta1**delta) tmp3 = (h**sigma2) * (zeta2**delta) m = twoParameter.m return (str(omega + delta), str(group.hash((zeta1, tmp1, tmp2, tmp3, m), ZR)))
def initParams(): group = ECGroup(prime192v1) g = Params.readPoint( "188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012", "7192B95FFC8DA78631011ED6B24CDD573F977A11E794811") h = Params.readPoint( "87656f2b5fee3821b53b00d78bd61a8d407ce4393ea48906", "b52e5b337ca8f667935a63d02d6f6fec689c7f18a640a8a5") # g = group.random(G) # h = group.random(G) params = {'g': g, 'h': h} # generators for the proof of shuffling for i in range(-4, 100): # FIXME: make this 101 params['f' + str(i)] = group.random(G) f = open('pc.param', 'wb') f.write(objectToBytes(params, group)) f.close() return [params, group]
def setup(self, curve, subscribers): """ Setup the scheme using a trusted third party. """ group = ECGroup(curve) g = group.random(G) ak = 0 sk = list() for i in range(subscribers): key = group.random(ZR) ak -= key sk.append(key) self.pp = {'subscribers': subscribers, 'group': group, 'g': g} self.ak = ak self.sk = sk self.baby_steps = None return (self.pp, self.ak, self.sk)
def __init__(self, builtin_cv, common_input=None): Protocol.__init__(self, None) verifier_states = { 2: self.verifier_state2, 4: self.verifier_state4, 6: self.verifier_state6 } prover_states = { 1: self.prover_state1, 3: self.prover_state3, 5: self.prover_state5 } verifier_trans = {2: 4, 4: [2, 6]} prover_trans = {1: 3, 3: 5, 5: 1} # describe the parties involved and the valid transitions Protocol.addPartyType(self, VERIFIER, verifier_states, verifier_trans) Protocol.addPartyType(self, PROVER, prover_states, prover_trans, True) self.group = ECGroup(builtin_cv) #db = {} Protocol.setSubclassVars(self, self.group) #, db)
def testStringEncryption(): from charm.toolbox.eccurve import secp256k1 from charm.toolbox.ecgroup import ECGroup groupObj = ECGroup(secp256k1) hike = HIKE(groupObj) (secret_key, eval_key) = hike.keygen() (secret_key_prime, eval_key_prime) = hike.keygen() msg = b"hello world!1234567891234567" label = b"label1" print('Public Key...') Q = hike.publicKey(secret_key_prime) print() label = hike.generateLabel(secret_key, label, Q) cipher_text = hike.encrypt(secret_key, label, msg) program = {'f': [0, 1], 'labels': [label]} decrypted_msg = hike.decrypt(secret_key, program, cipher_text) print("Decrypted message {}".format(decrypted_msg)) print() tok = hike.tokenGen(secret_key, program) msg = hike.tokenDec(secret_key_prime, cipher_text, tok) print("TokenDec message {}".format(msg)) print() print('Destroying ct....') ct = hike.destroyEnc(cipher_text) decrypted_msg = hike.decrypt(secret_key, program, ct) print("Decrypted message {}".format(decrypted_msg)) print()
import time from charm.toolbox.ecgroup import ECGroup, ZR, G from charm.toolbox.eccurve import prime192v1, secp256k1, sect283k1, sect571k1 #192 bit group: g, h decoded_g192 = b'\xab\xd0}\x86\xe1\x92,\xdd Ceael\x1a\xc3\xb9\xf5a\xe9K\xcd7\xa4' decoded_h192 = b'\x00\xa3\x0brz\xea\xb0\xba\x005\t\xf9\xe9\xd2\x84\x0b\x18\x02\x18\xc2\xd7E\x13D' group192 = ECGroup(prime192v1) group256 = ECGroup(secp256k1) group283 = ECGroup(sect283k1) group571 = ECGroup(sect571k1) g256 = group256.random(G) h256 = group256.random(G) #Cofactor is 4 #TODO: Just doing 8 change to 4 g283 = (group283.random(G))**(group283.init(ZR, int(4))) h283 = (group283.random(G))**(group283.init(ZR, int(4))) g571 = (group571.random(G))**(group571.init(ZR, int(4))) h571 = (group571.random(G))**(group571.init(ZR, int(4))) decoded_g256 = group256.decode(g256) decoded_h256 = group256.decode(h256) decoded_g283 = group283.decode(g283) decoded_h283 = group283.decode(h283)
def setup(self, a): a['r'] = [group.random(ZR) for _ in range(len(a['m']))] a['r-1'] = [r**-1 for r in a['r']] a['R'] = [a['g']**r for r in a['r']] return {'R': a['R']} def choose(self, b): b['k'] = group.random(ZR) b['v'] = b['R'][b['b']]**b['k'] b['m'] = b['g']**b['k'] return {'v': b['v']} def mask(self, a): a["m'"] = [a['v']**r1 for r1 in a['r-1']] return {"m'": a["m'"]} if __name__ == "__main__": # Just testing OT = DLP(ECGroup(prime256v1)) a, b = OT.gen_params() OT.gen_msgs(a, 1000) b.update({'b': 2}) b.update(OT.setup(a)) a.update(OT.choose(b)) b.update(OT.mask(a)) print(b["m"] == a["m'"][b["b"]])