Пример #1
def dh_encrypt(pub, message, aliceSig=None):
    """ Assume you know the public key of someone else (Bob), 
    and wish to Encrypt a message for them.
        - Generate a fresh DH key for this message.
        - Derive a fresh shared key.
        - Use the shared key to AES_GCM encrypt the message.
        - Optionally: sign the message with Alice's key.

    # Bob's public key is a point on the curve
    bob_pub = pub

    G, alice_priv, alice_pub = dh_get_key()
    # Alice's private key is a scalar
    # shared_key_point = bob_pub * alice_priv # this is multiplication of a point with a scalar
    shared_key_point = bob_pub.pt_mul(alice_priv)
    # We convert this shared_key point to a
    # string binary representation with .export
    # .export :
    # "Returns a string binary representation
    #  of the point in compressed coordinates"
    shared_key_point_binary = shared_key_point.export()
    # Then we hash the value to produce a 256 bit key
    shared_key = sha256(shared_key_point_binary).digest()
    plaintext = message.encode("utf8")

    aes = Cipher("aes-256-gcm")
    iv = urandom(16)
    encrypted_text, tag = aes.quick_gcm_enc(shared_key, iv, plaintext)
    # iv, encrypted_text, tag = encrypt_message(shared_key, message)
    return alice_pub, iv, encrypted_text, tag
Пример #2
    def __init__(self, G, name, priv, pki):
        # Maths
        self.G = G
        self.g = self.G.generator()
        self.order = self.G.order()

        ## Store keys
        self.priv = priv
        self.pub = priv * self.g

        self.pki = pki
        self.name = name

        # Which channel are we in?
        self.admins = []
        self.members = []

        # Channel key stores
        self.Ks = []

        ## Generate an ephemeral signature key
        self.priv_sign = self.order.random()
        self.pub_sign = self.priv_sign * self.g

        ## Storage for short term dictionaries
        self.current_dict = {"me": self.pub_sign}

        ## Generate an ephemeral signature key
        self.priv_enc = self.order.random()
        self.pub_enc = self.priv_enc * self.g

        self.aes = Cipher("aes-128-gcm")
Пример #3
def dh_encrypt(pub, message, aliceSig = None):
    """ Assume you know the public key of someone else (Bob), 
    and wish to Encrypt a message for them.
        - Generate a fresh DH key for this message.
        - Derive a fresh shared key.
        - Use the shared key to AES_GCM encrypt the message.
        - Optionally: sign the message with Alice's key.
    # pub is bob's pub key, alicesig is my private sig key,
    # which shuold be different from enc/dec keypair
    # for cryptographic sec reasons

    # priv is an integer, pub is an ec point
    alice_G, alice_priv, alice_pub = dh_get_key()

    # shared secret = my priv x bob's pub point
    shared_key = alice_priv * pub
    # hash ec pt to derive key
    shared_key = sha256(shared_key.export()).digest()

    # aes_gcm encrypt
    aes = Cipher("aes-256-gcm")
    iv = urandom(len(shared_key))
    ciphertext, tag = aes.quick_gcm_enc(shared_key, iv, message.encode("utf-8"))

    # sign message (assume using common curve)
    # hash ciphertext
    sig = do_ecdsa_sign(EcGroup(), aliceSig, sha256(ciphertext).digest()) if aliceSig else None

    # return alice_pub for dh_decrypt on bob side
    # (because bob needs alice's pub to gen shared secret)
    return (iv, ciphertext, tag, alice_pub, sig)
Пример #4
def dh_decrypt(priv, ciphertext, aliceVer = None):
    """ Decrypt a received message encrypted using your public key, 
    of which the private key is provided. Optionally verify 
    the message came from Alice using her verification key."""
    # ciphertext be (iv, ciphertext, tag, sender_pub, sig)
    # bob decrypting: check sig using alice's pub ver key,
    # then decrypt using shared key derived from priv (bob's private key)

    # check input parameter format
    if (not isinstance(ciphertext, tuple)) or (isinstance(ciphertext, tuple) and len(ciphertext) != 5):
        raise Exception("Expecting tuple (iv, ciphertext, tag, sender public key, signature).")
    iv, encmsg, tag, sender_pub, sig = ciphertext

    # verify signature
    if aliceVer:
        if not sig:
           raise Exception("Signature required before decyption.")
        elif not do_ecdsa_verify(EcGroup(), aliceVer, sig, sha256(encmsg).digest()):
           raise Exception("Signature verification failed.")
    # shared key = bob priv x alice's pub point
    shared_key = priv * sender_pub
    # hash
    shared_key = sha256(shared_key.export()).digest()

    # decrypt
    aes = Cipher("aes-256-gcm")
    plaintext = aes.quick_gcm_dec(shared_key, iv, encmsg, tag)

    return plaintext.encode("utf-8")
Пример #5
    def __init__(self, group=None, header_len = 192, body_len = 1024, assoc_len=0, k=16, dest_len=16):
        self.aes = Cipher("AES-128-CTR")
        self.cbc = Cipher("AES-128-CBC")

        self.assoc_len = assoc_len
        self.max_len = header_len

        self.zero_pad = b"\x00" * (2 * self.max_len)

        self.m = body_len
        self.k = k
        self.dest_len = dest_len

        self.group = group
        if not group:
            self.group = Group_ECC()
Пример #6
 def aes_enc_dec(self, data):
  ''' AES Enc/Dec '''
  aes = Cipher("AES-128-CBC")
  enc = aes.enc(self.key, self.ctr_iv)
  output = enc.update(data)
  output += enc.finalize()
  return output
Пример #7
def dh_encrypt(pub, message):
    """ Assume you know the public key of someone else (Bob), 
    and wish to Encrypt a message for them.
        - Generate a fresh DH key for this message.
        - Derive a fresh shared key.
        - Use the shared key to AES_GCM encrypt the message.
        - Optionally: sign the message.

    Group, private, public = dh_get_key()  #generate new DH pair for Alice
    #private key is an integer/scalar and public key is a point on the curve

    #check whether public key of Bob is valid and on curve
    assert Group.check_point(pub)

    #Alice obtains shared secret by multiplying her private key with bob's forwarded public key
    key = pub.pt_mul(private)  #dA* qB
    print "key from enc is", key

    hashedKey = sha256(key.export()).digest()

    plaintext = message.encode("utf8")  #encode message
    aes = Cipher("aes-128-gcm")  #select cipher
    iv = urandom(16)  #generate initialization vector
    cipher, tag = aes.quick_gcm_enc(hashedKey[:16], iv,
                                    plaintext)  #encrypt using shared key
    ciphertext = [iv, cipher, tag, public]

    return ciphertext
Пример #8
class PublicParams(object):
    ec_group = attrib(default=Factory(EcGroup))
    hash_func = attrib(default=Factory(lambda: sha256))
    enc_cipher = attrib(default=Factory(lambda: Cipher("aes-128-gcm")))
    enc_key_size = attrib(default=16)
    lookup_key_size = attrib(default=8)
    nonce_size = attrib(default=16)
Пример #9
def test_cbc_oram_enc_dec():

    aes = Cipher("AES-128-CBC")
    key = urandom(16)
    iv = urandom(16)
    ipt = [urandom(16), "Hello"]

    IV, data = ipt
    IV0 = KDF(iv, IV).iv
    enc = aes.enc(key, IV0)
    data = enc.update(data)
    data += enc.finalize()
    IV1 = KDF(iv, data[0:16]).iv
    enc = aes.enc(key, IV1)
    IV = enc.update(IV)
    IV += enc.finalize()
    datablock = [IV, data]

    IV, data = datablock
    IV1 = KDF(iv, data[0:16]).iv
    dec = aes.dec(key, IV1)
    IV = dec.update(IV)
    IV += dec.finalize()
    IV0 = KDF(iv, IV).iv
    dec = aes.dec(key, IV0)
    data = dec.update(data)
    data += dec.finalize()
    datablock = [IV, data]

    assert ipt == datablock
Пример #10
 def aes_enc_dec(self, key, iv, input_):
     """A helper function which implements the AES-128 encryption in counter mode CTR"""
     aes = Cipher("AES-128-CTR")
     enc = aes.enc(key, iv)
     output = enc.update(input_)
     output += enc.finalize()
     return output
Пример #11
def encrypt_message(K, message):
    """ Encrypt a message under a key K """

    plaintext = message.encode("utf8")
    aes = Cipher("aes-128-gcm")
    iv = urandom(16)
    ciphertext, tag = aes.quick_gcm_enc(K, iv, plaintext)
    return (iv, ciphertext, tag)
Пример #12
 def aes_cbc(self, key, IV, data):
     #Input: Encryption key, Initialization vector, data to encrypt
     #Output: Encrypted data with IV and key
     aes = Cipher("AES-128-CBC")
     enc = aes.enc(key, IV)
     output = enc.update(data)
     output += enc.finalize()
     return output
Пример #13
def encrypt_message(K, message, key_length=16):
    """ Encrypt a message under a key K """

    plaintext = message.encode("utf8")
    aes = Cipher("aes-{}-gcm".format(key_length * 8))
    iv = urandom(key_length)
    ciphertext, tag = aes.quick_gcm_enc(K, iv, plaintext)

    return iv, ciphertext, tag
Пример #14
def decrypt_message(K, iv, ciphertext, tag):
    """ Decrypt a cipher text under a key K 

        In case the decryption fails, throw an exception.
    aes = Cipher("aes-128-gcm")
    plain = aes.quick_gcm_dec(K, iv, ciphertext, tag)

    return plain.encode("utf8")
Пример #15
def decrypt_message(K, iv, ciphertext, tag, key_length=16):
    """ Decrypt a cipher text under a key K 

        In case the decryption fails, throw an exception.
    aes = Cipher("aes-{}-gcm".format(key_length * 8))
    plain = aes.quick_gcm_dec(K, iv, ciphertext, tag)

    return plain.encode("utf8")
Пример #16
def decrypt_message(K, iv, ciphertext, tag):
    """ Decrypt a cipher text under a key K 

        In case the decryption fails, throw an exception.
    aes = Cipher("aes-128-gcm")  # Initialize AES-GCM with 128 bit keys
    plain = aes.quick_gcm_dec(K, iv, ciphertext, tag)

    return plain.encode("utf8")
Пример #17
def encrypt_message(K, message):
    """ Encrypt a message under a key K """
    plaintext = message.encode("utf8")

    aes = Cipher("aes-128-gcm")  # Initialize AES-GCM with 128 bit keys
    iv = urandom(16)
    # Encryption using AES-GCM returns a ciphertext and a tag
    ciphertext, tag = aes.quick_gcm_enc(K, iv, plaintext)

    return (iv, ciphertext, tag)
Пример #18
def dh_decrypt(priv, ciphertext, aliceVer=None):
    """ Decrypt a received message encrypted using your public key, 
    of which the private key is provided. Optionally verify 
    the message came from Alice using her verification key."""
    iv, enc_msg, tag, pub_enc = ciphertext
    shared_key = pub_enc.pt_mul(priv).export()
    hashed_shared_key = sha256(shared_key).digest()
    aes = Cipher("aes-128-gcm")
    plaintext = aes.quick_gcm_dec(hashed_shared_key[:16], iv, enc_msg,
    return plaintext
Пример #19
def dh_decrypt(priv, ciphertext, aliceVer=None):
    """ Decrypt a received message encrypted using your public key, 
    of which the private key is provided. Optionally verify 
    the message came from Alice using her verification key."""

    iv, ciphertext, tag, pub_enc = ciphertext
    freshKey = pub_enc.pt_mul(priv).export()[:16]
    aes = Cipher("aes-128-gcm")
    plaintext = aes.quick_gcm_dec(freshKey, iv, ciphertext, tag)
    return plaintext.encode("utf8")
Пример #20
def decrypt_message(K, iv, ciphertext, tag):
    """ Decrypt a cipher text under a key K 
        In case the decryption fails, throw an exception.
        aes = Cipher("aes-128-gcm")
        plain = aes.quick_gcm_dec(K, iv, ciphertext, tag)
        raise Exception("decryption failed")

    return plain.encode("utf8")
Пример #21
def decrypt_message(K, iv, ciphertext, tag):
    """ Decrypt a cipher text under a key K 

        In case the decryption fails, throw an exception.

    # we declare the aes cipher
    aes = Cipher("aes-128-gcm")
    # we decode the ciphertext
    plain = aes.quick_gcm_dec(K, iv, ciphertext, tag)
    # we return the unencrypted message
    return plain.encode("utf8")
Пример #22
def decrypt_message(K, iv, ciphertext, tag):
    """ Decrypt a cipher text under a key K

        In case the decryption fails, throw an exception.
    ## YOUR CODE HERE tests
    aes = Cipher("aes-128-gcm")
        m = aes.quick_gcm_dec(K, iv, ciphertext,tag)
        m = m.decode("utf8")
        raise Exception('decryption failed')

    return m
Пример #23
def aes_ctr_enc_dec(key, iv, input):
    """ A helper function that implements AES Counter (CTR) Mode encryption and decryption. 
    Expects a key (16 byte), and IV (16 bytes) and an input plaintext / ciphertext.
    If it is not obvious convince yourself that CTR encryption and decryption are in 
    fact the same operations.

    aes = Cipher("AES-128-CTR")

    enc = aes.enc(key, iv)
    output = enc.update(input)
    output += enc.finalize()

    return output
Пример #24
def decrypt_message(K, iv, ciphertext, tag, key_length=128):
    """ Decrypt a cipher text under a key K 

        In case the decryption fails, throw an exception.

    if key_length not in [128, 192, 256]:
        raise Exception("Invalid key length")

    aes = Cipher("aes-%s-gcm" % str(key_length))

    plain = aes.quick_gcm_dec(K, iv, ciphertext, tag)

    return plain.encode("utf8")
Пример #25
def decrypt_message(K, iv, ciphertext, tag):
    """ Decrypt a cipher text under a key K 

        In case the decryption fails, throw an exception.
    plain = ''
    aes = Cipher("aes-128-gcm")
        plain = aes.quick_gcm_dec(K, iv, ciphertext,tag)
        plain = plain.decode("utf8")
        raise Exception('decryption failed')

    return plain
Пример #26
def encrypt_message(K, message):
    """ Encrypt a message under a key K """

    plaintext = message.encode("utf8")


    # we declare the aes cipher
    aes = Cipher("aes-128-gcm")
    # we generate the iv
    iv = urandom(16)
    # we encrypt the message "plaintext" using the key K provided and the iv we generated
    ciphertext, tag = aes.quick_gcm_enc(K, iv, plaintext)

    return (iv, ciphertext, tag)
Пример #27
def encrypt_message(K, message, key_length=128):
    """ Encrypt a message under a key K """

    plaintext = message.encode("utf8")

    iv = urandom(16)

    if key_length not in [128, 192, 256]:
        raise Exception("Invalid key length")

    aes = Cipher("aes-%s-gcm" % str(key_length))

    ciphertext, tag = aes.quick_gcm_enc(K, iv, plaintext)

    return (iv, ciphertext, tag)
Пример #28
def dh_encrypt(pub, message, aliceSig=None):
    """ Assume you know the public key of someone else (Bob), 
    and wish to Encrypt a message for them.
        - Generate a fresh DH key for this message.
        - Derive a fresh shared key.
        - Use the shared key to AES_GCM encrypt the message.
        - Optionally: sign the message with Alice's key.
    (G, priv_dec, pub_enc) = dh_get_key()
    shared_key = pub.pt_mul(priv_dec).export()
    hashed_shared_key = sha256(shared_key).digest()
    iv = urandom(16)
    aes = Cipher("aes-128-gcm")
    ciphertext, tag = aes.quick_gcm_enc(hashed_shared_key[:16], iv,
    return (iv, ciphertext, tag, pub_enc)
Пример #29
def test_cbc_enc_dec():

    aes = Cipher("AES-128-CBC")
    key = urandom(16)
    iv = urandom(16)
    ipt = "Hello"

    enc = aes.enc(key, iv)
    ciphertext = enc.update(ipt)
    ciphertext += enc.finalize()

    dec = aes.dec(key, iv)
    plaintext = dec.update(ciphertext)
    plaintext += dec.finalize()

    assert ipt == plaintext
Пример #30
    def cascade_rebuild(self, seed, key, iv, flags, inverse, data):
        #Cascade Rebuild data processing function
        #print "MIX: Cascade Rebuild enc/perm"
        if not inverse and not flags[2]:
            data = self.permute(seed, data, inverse)

        aes = Cipher("AES-128-CTR")
        enc = aes.enc(key, iv)

        #for i in range(len(data)):
        #	data[i] = enc.update(data[i])
        #	data[i] += enc.finalize()

        if inverse and not flags[2]:
            data = self.permute(seed, data, inverse)
        return data