Пример #1
0
def main():
    pksig = Sig_RSA_Stateless_HW09() 
    # fixed params for unit tests
    p = integer(13075790812874903063868976368194105132206964291400106069285054021531242344673657224376055832139406140158530256050580761865568307154219348003780027259560207)
    q = integer(12220150399144091059083151334113293594120344494042436487743750419696868216757186059428173175925369884682105191510729093971051869295857706815002710593321543)
    (pk, sk) = pksig.keygen(1024, p, q)
    if debug:
        print("Public parameters...")
        print("pk =>", pk)
        print("sk =>", sk)
    
    m = SHA1(b'this is the message I want to hash.')
    m2 = SHA1(b'please sign this message too!')
    #m = b'This is a message to hash'
    sig = pksig.sign(pk, sk, m)
    if debug:
        print("Signature...")
        print("sig =>", sig)
    sig2 = pksig.sign(pk, sk, m2)
    if debug:
        print("Signature 2...")
        print("sig2 =>", sig2)
    
    assert pksig.verify(pk, m, sig), "FAILED VERIFICATION!!!"
    assert pksig.verify(pk, m2, sig2), "FAILED VERIFICATION!!!"
    if debug: print("Successful Verification!!!")
Пример #2
0
 def setparam(self, p, q):
     if p == (2 * q) + 1 and isPrime(p) and isPrime(q):
         self.p = integer(p)
         self.q = integer(q)
         return True
     else:
         print("p and q are not safe primes!")
     return False
Пример #3
0
 def setparam(self, p, q):
     if isPrime(p) and isPrime(q) and p != q:
         self.p = integer(p)
         self.q = integer(q)
         self.n = self.p * self.q
         return True
     else:
         print("p and q are not primes!")
     return False
Пример #4
0
 def hashToZn(self, value):
     if type(value) == pairing:
         h = hashlib.new(self.hash_type)
         h.update(self.e.serialize(value))
         #print "digest => %s" % h.hexdigest()
         # get raw bytes of digest and hash to Zr
         val = h.digest()
         return integer(int(self.e.H(val, ZR)))
         # do something related to that
     if type(value) == integer:
         str_value = int2Bytes(value)
         return integer(int(self.e.H(str_value, ZR)))
     return None
Пример #5
0
    def verify(self, pk, message, sig):
        if debug: print("\nVERIFY\n\n")
        sigma1, r, s, e = sig['sigma1'], sig['r'], sig['s'], sig['e']
        K, L, c, keyLength, u, h, N = pk['K'], pk['L'], pk['c'], pk['length'], pk['u'], pk['h'], pk['N']
    
        # Make sure that 0 < s < 2^{keylength/2}, else reject the signature
        if not (0 < s and s < (2 ** (keyLength/2))):
            return False

        # Compute e = H_k(s) and reject the signature if it's not prime
        ei = self.HW_hash(K, c, s, keyLength) % N
        if not isPrime(ei):
            if debug: print("ei not prime")
            return False
        
        # Compute Y = sigma1^{2*ceil(log2(s))}
        s1 = integer(2 ** (math.ceil(log[2](s))))
        Y = (sigma1 ** s1) % N
        
        # Hash the mesage using the chameleon hash with fixed randomness r
        (x, r2) = self.ChameleonHash.hash(L, message, r)

        lhs = (Y ** ei) % N
        rhs = ((u ** x) * h) % N
        if debug:
            print("lhs =>", lhs)
            print("rhs =>", rhs)
        # Verify that Y^e = (u^x h) mod N.  If so, accept the signature
        if lhs == rhs:
            return True
        # Default: reject the signature
        return False
Пример #6
0
 def HW_hash(self, key, c, input, keyLen):
     C = integer(c)
     input_size = bitsize(c)
     input_b = Conversion.IP2OS(input, input_size)
     # Return c XOR PRF(k, input), where the output of PRF is keyLength bits
     result = C ^ self.Prf.eval(key, input_b)
     return result
Пример #7
0
 def pow(self, modularInt):
   # TODO: Verify that this is a blum integer!!!!!!!
   p, q = self.p, self.q
   result = integer(modularInt) % (p * q)
   for repeat in range(self.raisedToThePower):
       result = result ** (((p-1)*(q-1)+4)/8)
   return result
Пример #8
0
 def eval(self, k, input1): 
   if type(k) == integer:
       h = hmac.new(serialize(k), b'', hashlib.sha1)
   else:
       h = hmac.new(serialize(integer(k)), b'', hashlib.sha1)
   
   h.update(input1)
   return Conversion.bytes2integer(h.hexdigest())
Пример #9
0
def main():
    pksig = Sig_CL03() 

    p = integer(21281327767482252741932894893985715222965623124768085901716557791820905647984944443933101657552322341359898014680608292582311911954091137905079983298534519)
    q = integer(25806791860198780216123533220157510131833627659100364815258741328806284055493647951841418122944864389129382151632630375439181728665686745203837140362092027)

    (pk, sk) = pksig.keygen(1024, p, q)
    if debug:
        print("Public parameters...")
        print("pk =>", pk)
        print("sk =>", sk)
    
    m = integer(SHA1(b'This is the message I want to hash.'))
    sig = pksig.sign(pk, sk, m)
    if debug:
        print("Signature...")
        print("sig =>", sig)
    
    assert pksig.verify(pk, m, sig), "FAILED VERIFICATION!!!"
    if debug: print("Successful Verification!!!")
Пример #10
0
  def eval(self, k, input, outputLen):
    if outputLen%8 != 0:
       return False
    if type(k) == integer:
        h = hmac.new(serialize(k), b'', hashlib.sha1)
    else:
        h = hmac.new(serialize(integer(k)), b'', hashlib.sha1)
    h.update(input)
    seed = Conversion.bytes2integer(h.hexdigest())

    #print("Prf result =>", seed)
    return seed
Пример #11
0
 def HW_hash(self, key, c, input, keyLen):
     # Return c XOR PRF(k, input), where the output of PRF is keyLength bits
     if type(input) != str:
         input_temp = input
         input_s = ''
         while input_temp > 0:
             input_s = chr(input_temp & 0xff) + input_s
             input_temp = input_temp >> 8
         input_b = Bytes(input_s, 'utf8')
     else: 
         assert False, "Invalid input: need an integer."
     result = integer(c) ^ self.Prf.eval(key, input_b, keyLen)
     #print("HW_hash =>", result)
     return result
Пример #12
0
    def signCommit(self, pk, sk, Cx):
        e = randomPrime(le)

        ls = ln + lm + l
        rprime = integer(randomBits(ls))

        phi_N = (sk['p']-1)*(sk['q']-1)
        e2 = e % phi_N
    
        v = (((Cx)*(pk['b'] ** rprime)*pk['c']) ** (e2 ** -1)) % pk['N']

        sig = { 'e':e, 'rprime':rprime, 'v':v }

        return sig
Пример #13
0
    def sign(self, pk, sk, m):
        e = randomPrime(le)

        ls = ln + lm + l
        s = integer(randomBits(ls))

        phi_N = (sk['p']-1)*(sk['q']-1)
        e2 = e % phi_N
    
        v = (((pk['a'] ** m)*(pk['b'] ** s)*pk['c']) ** (e2 ** -1)) % pk['N']

        sig = { 'e':e, 's':s, 'v':v }

        return sig
Пример #14
0
    def verify(self, pk, message, sig):
        print("\nVERIFY\n\n")
        sigma1, r, s, e = sig['sigma1'], sig['r'], sig['s'], sig['e']
        K, L, c, keyLength, u, h, N = pk['K'], pk['L'], pk['c'], pk['length'], pk['u'], pk['h'], pk['N']
    
        # Make sure that 0 < s < 2^{keylength/2}, else reject the signature
        if not (0 < s and s < (2 ** (keyLength/2))):
            return False
      
        # Compute Y = sigma1^{2*ceil(log2(s))}
        s1 = integer(2 ** math.ceil(math.log(s,2)))
        print("s1 =>", s1)
        Y = sigma1 ** s1
        print("Y =>", Y)
        # Hash the mesage using the chameleon hash with fixed randomness r
        (x, r) = self.ChameleonHash.hash(L, message, r)
        print("x =>", x)
        print("r =>", r)
        # Compute e = H_k(s) and reject the signature if it's not prime
        #e = self.HW_hash(K, c, s, keyLength)

        print("verify: e =>", e)
        if not isPrime(e):
            return False
    
        print("Final check")
        print()
        lhs = (Y ** e) % N
        print("lhs =>", lhs)
        rhs = ((u ** x) * h) % N
        print("rhs =>", rhs)
        # Verify that Y^e = (u^x h) mod N.  If so, accept the signature
        if lhs == rhs:
            return True
        # Default: reject the signature
        return False
Пример #15
0
 def pow(self, modularInt):
   p, q = self.p, self.q
   result = integer(modularInt) % (p * q)
   for repeat in range(self.raisedToThePower):
       result = result ** (((p-1)*(q-1)+4)/8)
   return result
Пример #16
0
 def keygen(self, bits):
   return integer(randomBits(bits))