def encrypt(self, pk, m, salt=None): octetlen = int(ceil(int(pk['N']).bit_length() / 8.0)) EM = self.paddingscheme.encode(m, octetlen, "", salt) if debug: print("EM == >", EM) i = Conversion.OS2IP(EM) ip = integer(i) % pk['N'] #Convert to modular integer return (ip**pk['e']) % pk['N']
def eval(self, k, input1): if type(k) == integer: h = hmac.new(serialize(k), b'', hashlib.sha1) else: h = hmac.new(serialize(integer(k)), b'', hashlib.sha1) h.update(input1) return Conversion.bytes2integer(h.hexdigest())
def verify(self, pk, M, S): modbits = int(pk['N']).bit_length() k = int(ceil(modbits / 8.0)) emLen = int(ceil((modbits - 1) / 8.0)) if len(S) != k: if debug: print("Sig is %s octets long, not %" % (len(S), k)) return False s = Conversion.OS2IP(S) s = integer(s) % pk['N'] #Convert to modular integer m = (s**pk['e']) % pk['N'] EM = Conversion.IP2OS(m, emLen) if debug: print("Verifying") print("k =>", k) print("emLen =>", emLen) print("s =>", s) print("m =>", m) print("em =>", EM) print("S =>", S) return self.paddingscheme.verify(M, EM, modbits - 1)
def sign(self, sk, M, salt=None): #apply encoding modbits = int(sk['N']).bit_length() k = int(ceil(modbits / 8.0)) emLen = int(ceil((modbits - 1) / 8.0)) em = self.paddingscheme.encode(M, modbits - 1, salt) m = Conversion.OS2IP(em) m = integer(m) % sk['N'] #ERRROR m is larger than N s = (m**sk['d']) % sk['N'] S = Conversion.IP2OS(s, k) if debug: print("Signing") print("k =>", k) print("emLen =>", emLen) print("m =>", m) print("em =>", em) print("s =>", s) print("S =>", S) return S
def eval(self, k, input, outputLen): if outputLen % 8 != 0: return False if type(k) == integer: h = hmac.new(serialize(k), b'', hashlib.sha1) else: h = hmac.new(serialize(integer(k)), b'', hashlib.sha1) h.update(input) seed = Conversion.bytes2integer(h.hexdigest()) #print("Prf result =>", seed) return seed
def eval(self, k, input, outputLen): if outputLen%8 != 0: return False if type(k) == integer: h = hmac.new(serialize(k), b'', hashlib.sha1) else: h = hmac.new(serialize(integer(k)), b'', hashlib.sha1) h.update(input) seed = Conversion.bytes2integer(h.hexdigest()) #print("Prf result =>", seed) return seed
def strToId( pk , strID ) : '''Hash the identity string and break it up in to l bit pieces''' hash = sha1( strID ) val = Conversion.OS2IP( hash ) #Convert to integer format bstr = bin( val ) [ 2 : ] #cut out the 0b header v = [ ] for i in range( pk [ 'z' ] ) : #z must be greater than or e qual to 1 binsubstr = bstr [ pk [ 'l' ] * i : pk [ 'l' ] *( i + 1 ) ] intval = int( binsubstr , 2 ) intelement = group.init( ZR , intval ) v.append( intelement ) return v
def strToId(self, pk, strID): h = hashObj.copy() h.update(bytes(strID, 'utf-8')) hash = Bytes(h.digest()) val = Conversion.OS2IP(hash) bstr = bin(val)[2:] v = [] for i in range(pk['x']): binsubstr = bstr[pk['l'] * i:pk['l'] * (i + 1)] intval = int(binsubstr, 2) intelement = group.init(ZR, intval) v.append(intelement) return v
def verify(self, mpk, ID, M, sig): h = hashObj.copy() h.update(bytes(ID, 'utf-8')) hash = Bytes(h.digest()) val = Conversion.OS2IP(hash) bstr = bin(val)[2:] v = [] for i in range(mpk['x']): binsubstr = bstr[mpk['l'] * i:mpk['l'] * (i + 1)] intval = int(binsubstr, 2) intelement = group.init(ZR, intval) v.append(intelement) k = v h = hashObj.copy() h.update(bytes(M, 'utf-8')) hash = Bytes(h.digest()) val = Conversion.OS2IP(hash) bstr = bin(val)[2:] v = [] for i in range(mpk['x']): binsubstr = bstr[mpk['l'] * i:mpk['l'] * (i + 1)] intval = int(binsubstr, 2) intelement = group.init(ZR, intval) v.append(intelement) m = v S1 = sig['S1'] S2 = sig['S2'] S3 = sig['S3'] A = mpk['A'] g2 = mpk['g2'] comp1 = dotprod(group.init(G2), -1, mpk['x'], lam_func, mpk['ub'], k) comp2 = dotprod(group.init(G2), -1, mpk['x'], lam_func, mpk['ub'], m) if (pair(S1, g2) * pair(S2, mpk['u1b'] * comp1) * pair(S3, mpk['u2b'] * comp2)) == A: return True return False
def decrypt(self, pk, sk, c): octetlen = int(ceil(int(pk['N']).bit_length() / 8.0)) p = sk['p'] q = sk['q'] yp = sk['yp'] yq = sk['yq'] mp = (c ** ((p+1)/4)) % p mq = (c ** ((q+1)/4)) % q r1 = ((int(yp)*int(p)*int(mq)) + ((int(yq)*int(q)*int(mp)))) % int(sk['N']) r2 = int(sk['N']) - int(r1) s1 = (int(yp)*int(p)*int(mq) - int(yq)*int(q)*int(mp)) % int(sk['N']) s2 = int(sk['N']) - int(s1) m1 = r1 % int(sk['N']) m2 = r2 % int(sk['N']) m3 = s1 % int(sk['N']) m4 = s2 % int(sk['N']) os1 = Conversion.IP2OS(int(m1), octetlen) os2 = Conversion.IP2OS(int(m2), octetlen) os3 = Conversion.IP2OS(int(m3), octetlen) os4 = Conversion.IP2OS(int(m4), octetlen) if debug: print("OS1 =>", os1) print("OS2 =>", os2) print("OS3 =>", os3) print("OS4 =>", os4) for i in [os1, os2, os3, os4]: (isMessage, message) = self.redundancyscheme.decode(self.paddingscheme.decode(i)) if(isMessage): return message
def verify(self, pk, M, S, salt=None): #M = b'This is a malicious message' octetlen = int(ceil(int(pk['N']).bit_length() / 8.0)) sig_mess = (integer(S['s1']) ** 2) % pk['N'] sig_mess = Conversion.IP2OS(int(sig_mess), octetlen) if debug: print("OS1 =>", sig_mess) dec_mess = self.paddingscheme.decode(sig_mess) if debug: print("Verifying") print("sig_mess =>", sig_mess) print("dec_mess =>", dec_mess) print("S =>", S) return (dec_mess == M)
def keygen(self, mpk, msk, ID): h = hashObj.copy() h.update(bytes(ID, 'utf-8')) hash = Bytes(h.digest()) val = Conversion.OS2IP(hash) bstr = bin(val)[2:] v = [] for i in range(mpk['x']): binsubstr = bstr[mpk['l'] * i:mpk['l'] * (i + 1)] intval = int(binsubstr, 2) intelement = group.init(ZR, intval) v.append(intelement) k = v r = group.random(ZR) k1 = msk * ( (mpk['u1t'] * dotprod(group.init(G1), -1, mpk['x'], lam_func, mpk['u'], k))**r) k2 = mpk['g1']**-r sk = (k1, k2) return sk
def sign(self, mpk, sk, M): h = hashObj.copy() h.update(bytes(M, 'utf-8')) hash = Bytes(h.digest()) val = Conversion.OS2IP(hash) bstr = bin(val)[2:] v = [] for i in range(mpk['x']): binsubstr = bstr[mpk['l'] * i:mpk['l'] * (i + 1)] intval = int(binsubstr, 2) intelement = group.init(ZR, intval) v.append(intelement) m = v (k1, k2) = sk s = group.random(ZR) S1 = k1 * ( (mpk['u2t'] * dotprod(group.init(G1), -1, mpk['x'], lam_func, mpk['u'], m))**s) S2 = k2 S3 = mpk['g1']**-s sig = {'S1': S1, 'S2': S2, 'S3': S3} return sig
def sign(self,sk, M, salt=None): #apply encoding while True: octetlen = int(ceil(int(sk['N']).bit_length() / 8.0)) em = self.paddingscheme.encode(M, octetlen, "", salt) m = Conversion.OS2IP(em) m = integer(m) % sk['N'] #ERRROR m is larger than N p = sk['p'] q = sk['q'] yp = sk['yp'] yq = sk['yq'] mp = (m ** ((p+1)/4)) % p mq = (m ** ((q+1)/4)) % q r1 = ((int(yp)*int(p)*int(mq)) + ((int(yq)*int(q)*int(mp)))) % int(sk['N']) r2 = int(sk['N']) - int(r1) s1 = (int(yp)*int(p)*int(mq) - int(yq)*int(q)*int(mp)) % int(sk['N']) s2 = int(sk['N']) - int(s1) if(((int((integer(r1) ** 2) % sk['N'] - m)) == 0) or ((int((integer(r2) ** 2) % sk['N'] - m)) == 0) or ((int((integer(s1) ** 2) % sk['N'] - m)) == 0) or ((int((integer(s2) ** 2) % sk['N'] - m)) == 0)): break S = { 's1':r1, 's2':r2, 's3':s1, 's4':s2 } if debug: print("Signing") print("m =>", m) print("em =>", em) print("S =>", S) return S
def verifySigsRecursive(group, deltaz, verifyFuncArgs, argSigIndexMap, verifyArgsDict, dotA, dotB, dotD, sumE, mpk_1, mpk_6, mpk_7, A, startIndex, endIndex): l = 5 sigNumKey = 'Signature_Number' hashObj = hashlib.new('sha1') lam_func = lambda i, a, b: a[i]**b[i] for arg in verifyFuncArgs: argSigIndexMap[arg] = 0 dotA_runningProduct = group.init(G1, 1) dotB_runningProduct = group.init(G1, 1) dotF_runningProduct = group.init(GT, 1) dotD_runningProduct = group.init(G1, 1) sumE_runningProduct = group.init(ZR, 0) dotF_runningProduct = group.init(GT, 1) for y in range(0, l): dotC_runningProduct = group.init(G1, 1) for z in range(startIndex, endIndex): for arg in verifyFuncArgs: if (sigNumKey in verifyArgsDict[z][arg]): argSigIndexMap[arg] = int( verifyArgsDict[z][arg][sigNumKey]) else: argSigIndexMap[arg] = z h = hashObj.copy() h.update( bytes(verifyArgsDict[argSigIndexMap['ID']]['ID'][bodyKey], 'utf-8')) hash = Bytes(h.digest()) val = Conversion.OS2IP(hash) bstr = bin(val)[2:] v = [] for i in range(verifyArgsDict[argSigIndexMap['mpk']]['mpk'] [bodyKey]['x']): binsubstr = bstr[verifyArgsDict[ argSigIndexMap['mpk']]['mpk'][bodyKey]['l'] * i:verifyArgsDict[argSigIndexMap['mpk']]['mpk'] [bodyKey]['l'] * (i + 1)] intval = int(binsubstr, 2) intelement = group.init(ZR, intval) v.append(intelement) k = v h = hashObj.copy() h.update( bytes(verifyArgsDict[argSigIndexMap['M']]['M'][bodyKey], 'utf-8')) hash = Bytes(h.digest()) val = Conversion.OS2IP(hash) bstr = bin(val)[2:] v = [] for i in range(verifyArgsDict[argSigIndexMap['mpk']]['mpk'] [bodyKey]['x']): binsubstr = bstr[verifyArgsDict[ argSigIndexMap['mpk']]['mpk'][bodyKey]['l'] * i:verifyArgsDict[argSigIndexMap['mpk']]['mpk'] [bodyKey]['l'] * (i + 1)] intval = int(binsubstr, 2) intelement = group.init(ZR, intval) v.append(intelement) m = v S2 = verifyArgsDict[argSigIndexMap['sig']]['sig'][bodyKey]['S2'] S3 = verifyArgsDict[argSigIndexMap['sig']]['sig'][bodyKey]['S3'] dotC_runningProduct = dotC_runningProduct * ( S2**(deltaz[z] * k[y]) * S3**(deltaz[z] * m[y])) dotF_runningProduct = dotF_runningProduct * pair( dotC_runningProduct, verifyArgsDict[argSigIndexMap['mpk']]['mpk'][bodyKey]['ub'][y]) for index in range(startIndex, endIndex): dotA_runningProduct = dotA_runningProduct * dotA[index] dotB_runningProduct = dotB_runningProduct * dotB[index] dotD_runningProduct = dotD_runningProduct * dotD[index] sumE_runningProduct = sumE_runningProduct + sumE[index] if (pair(dotA_runningProduct, mpk_1) * ((pair(dotB_runningProduct, mpk_6) * dotF_runningProduct) * pair(dotD_runningProduct, mpk_7))) == A**sumE_runningProduct: return else: midWay = int((endIndex - startIndex) / 2) if (midWay == 0): print("sig " + str(startIndex) + " failed\n") return midIndex = startIndex + midWay verifySigsRecursive(group, deltaz, verifyFuncArgs, argSigIndexMap, verifyArgsDict, dotA, dotB, dotD, sumE, mpk_1, mpk_6, mpk_7, A, startIndex, midIndex) verifySigsRecursive(group, deltaz, verifyFuncArgs, argSigIndexMap, verifyArgsDict, dotA, dotB, dotD, sumE, mpk_1, mpk_6, mpk_7, A, midIndex, endIndex)
lam_func = lambda i, a, b: a[i]**b[i] for sigIndex in range(0, numSigs): for arg in verifyFuncArgs: if (sigNumKey in verifyArgsDict[sigIndex][arg]): argSigIndexMap[arg] = int( verifyArgsDict[sigIndex][arg][sigNumKey]) else: argSigIndexMap[arg] = sigIndex h = hashObj.copy() h.update( bytes(verifyArgsDict[argSigIndexMap['ID']]['ID'][bodyKey], 'utf-8')) hash = Bytes(h.digest()) val = Conversion.OS2IP(hash) bstr = bin(val)[2:] v = [] for i in range( verifyArgsDict[argSigIndexMap['mpk']]['mpk'][bodyKey]['x']): binsubstr = bstr[ verifyArgsDict[argSigIndexMap['mpk']]['mpk'][bodyKey]['l'] * i:verifyArgsDict[argSigIndexMap['mpk']]['mpk'][bodyKey]['l'] * (i + 1)] intval = int(binsubstr, 2) intelement = group.init(ZR, intval) v.append(intelement) k = v h = hashObj.copy() h.update( bytes(verifyArgsDict[argSigIndexMap['M']]['M'][bodyKey], 'utf-8'))
def decrypt(self, pk, sk, c): octetlen = int(ceil(int(pk['N']).bit_length() / 8.0)) M = (c**(sk['d'] % sk['phi_N'])) % pk['N'] os = Conversion.IP2OS(int(M), octetlen) if debug: print("OS =>", os) return self.paddingscheme.decode(os)
def testIP2OS(self): #9,202,000 = (0x)8c 69 50. os = Conversion.IP2OS(9202000) self.assertEqual(os, b'\x8c\x69\x50')
def testOS2IP(self): #9,202,000 = (0x)8c 69 50. i = Conversion.OS2IP(b'\x8c\x69\x50') self.assertEqual(i, 9202000)
def getRandomBits(self, length): i = randomBits(length) len = math.ceil(length / 8) return Conversion.IP2OS(i, len)
def testIP2OSLen(self): i = 9202000 os = Conversion.IP2OS(i, 200) i2 = Conversion.OS2IP(os) self.assertEqual(i, i2)
def getRandomBytes(self, length): bits = length * 8 val = randomBits(bits) return Conversion.IP2OS(val, length)