double powers_double(int gb,int eb,big p) { int iterations=0; clock_t start; double elapsed; big g1,e1,g2,e2,w; char *mem; mem=(char *)memalloc(5); g1=mirvar_mem(mem,0); e1=mirvar_mem(mem,1); g2=mirvar_mem(mem,2); e2=mirvar_mem(mem,3); w=mirvar_mem(mem,4); bigbits(gb,g1); bigbits(gb,g2); bigbits(eb,e1); bigbits(eb,e2); start=clock(); do { powmod2(g1,e1,g2,e2,p,w); iterations++; elapsed=(clock()-start)/(double)CLOCKS_PER_SEC; } while (elapsed<MIN_TIME || iterations<MIN_ITERS); elapsed=1000.0*elapsed/iterations; printf("D - %8d iterations of %4d/%4d ",iterations,gb,eb); printf(" %8.2lf ms per iteration\n",elapsed); memkill(mem,4); return elapsed; }
double powers_small_base(int g,int eb,big p) { int iterations=0; big e,w; clock_t start; double elapsed; char *mem; mem=(char *)memalloc(2); e=mirvar_mem(mem,0); w=mirvar_mem(mem,1); bigbits(eb,e); start=clock(); do { powltr(g,e,p,w); iterations++; elapsed=(clock()-start)/(double)CLOCKS_PER_SEC; } while (elapsed<MIN_TIME || iterations<MIN_ITERS); elapsed=1000.0*elapsed/iterations; printf("S - %8d iterations of g=%d/%4d ",iterations,g,eb); printf(" %8.2lf ms per iteration\n",elapsed); memkill(mem,2); return elapsed; }
ZR SmallExp(int bits) { big t = mirvar(0); bigbits(bits, t); ZR zr(t); mr_free(t); return zr; }
double mult2_precomp(int eb,big x,big y,big a2,big a6,int M,int A,int B,int C) { big e,c,d; int iterations=0; ebrick2 binst; clock_t start; double elapsed; char *mem; mem=(char *)memalloc(3); e=mirvar_mem(mem,0); c=mirvar_mem(mem,1); d=mirvar_mem(mem,2); ebrick2_init(&binst,x,y,a2,a6,M,A,B,C,WINDOW,eb); bigbits(eb,e); start=clock(); do { mul2_brick(&binst,e,c,d); iterations++; elapsed=(clock()-start)/(double)CLOCKS_PER_SEC; } while (elapsed<MIN_TIME || iterations<MIN_ITERS); elapsed=1000.0*elapsed/iterations; printf("EP - %8d iterations ",iterations); printf(" %8.2lf ms per iteration\n",elapsed); ebrick2_end(&binst); memkill(mem,3); return elapsed; }
double powers_small_exp(int gb,long ex,big p) { int iterations=0; big g,e,w; clock_t start; double elapsed; char *mem; mem=(char *)memalloc(3); g=mirvar_mem(mem,0); e=mirvar_mem(mem,1); w=mirvar_mem(mem,2); bigbits(gb,g); start=clock(); lgconv(ex,e); do { power(g,ex,p,w); iterations++; elapsed=(clock()-start)/(double)CLOCKS_PER_SEC; } while (elapsed<MIN_TIME || iterations<MIN_ITERS); elapsed=1000.0*elapsed/iterations; if (ex==257L) printf("V - %8d iterations of %4d/e=F3 ",iterations,gb); if (ex==65537L) printf("V - %8d iterations of %4d/e=F4 ",iterations,gb); if (ex!=257L && ex!=65537L) printf("V - %8d iterations of %4d/e=%2ld ",iterations,gb,ex); printf(" %8.2lf ms per iteration\n",elapsed); memkill(mem,3); return elapsed; }
void primemod(int bits,big p) { do { printf("%d bit prime.....\n",bits); bigbits(bits,p); nxprime(p,p); } while (logb2(p)!=bits); }
int main() { big p,q,dp,dq,m,c,m1; int i,romptr; miracl instance; /* sizeof(miracl)= 2124 bytes from the stack */ #ifndef MR_STATIC miracl *mr_mip=mirsys(&instance,WORDS*8,16); char *mem=memalloc(_MIPP_ ,7); #else miracl *mr_mip=mirsys(&instance,MR_STATIC*8,16); /* size of bigs is fixed */ char mem[MR_BIG_RESERVE(7)]; /* reserve space on the stack for 7 bigs */ memset(mem,0,MR_BIG_RESERVE(7)); /* clear this memory */ #endif /* Initialise bigs */ p=mirvar_mem(_MIPP_ mem,0); q=mirvar_mem(_MIPP_ mem,1); dp=mirvar_mem(_MIPP_ mem,2); dq=mirvar_mem(_MIPP_ mem,3); m=mirvar_mem(_MIPP_ mem,4); c=mirvar_mem(_MIPP_ mem,5); m1=mirvar_mem(_MIPP_ mem,6); romptr=0; init_big_from_rom(p,WORDS,rom,256,&romptr); init_big_from_rom(q,WORDS,rom,256,&romptr); init_big_from_rom(dp,WORDS,rom,256,&romptr); init_big_from_rom(dq,WORDS,rom,256,&romptr); bigbits(_MIPP_ 512,c); /* count clocks, instructions and CPI from here.. */ //for (i=0;i<100000;i++) //{ powmod(_MIPP_ c,dp,p,m); powmod(_MIPP_ c,dq,q,m1); //} /* to here... */ #ifndef MR_NO_STANDARD_IO otnum(_MIPP_ m,stdout); otnum(_MIPP_ m1,stdout); #endif #ifndef MR_STATIC memkill(_MIPP_ mem,7); #else memset(mem,0,MR_BIG_RESERVE(6)); /* clear this stack memory */ #endif mirexit(_MIPPO_ ); /* clears workspace memory */ return 0; }
double mult2_double(int eb,epoint *g) { big e1,e2; int iterations=0; clock_t start; double elapsed; char *mem1; char *mem2; epoint *w; epoint *r1; epoint *r2; mem1=(char *)memalloc(2); mem2=(char *)ecp_memalloc(3); e1=mirvar_mem(mem1,0); e2=mirvar_mem(mem1,1); w=epoint_init_mem(mem2,0); r1=epoint_init_mem(mem2,1); r2=epoint_init_mem(mem2,2); bigbits(eb,e1); ecurve2_mult(e1,g,r1); /* generate a random point on the curve */ bigbits(eb,e2); ecurve2_mult(e2,g,r2); /* generate a random point on the curve */ bigbits(eb,e1); bigbits(eb,e2); start=clock(); do { ecurve2_mult2(e1,r1,e2,r2,w); iterations++; elapsed=(clock()-start)/(double)CLOCKS_PER_SEC; } while (elapsed<MIN_TIME || iterations<MIN_ITERS); elapsed=1000.0*elapsed/iterations; printf("ED - %8d iterations ",iterations); printf(" %8.2lf ms per iteration\n",elapsed); ecp_memkill(mem2,3); memkill(mem1,2); return elapsed; }
double mults2(int eb,epoint *g) { big e; int iterations=0; clock_t start; double elapsed; epoint *w; epoint *r; char *mem1; char *mem2; mem1=(char *)memalloc(1); mem2=(char *)ecp_memalloc(2); e=mirvar_mem(mem1,0); w=epoint_init_mem(mem2,0); r=epoint_init_mem(mem2,1); bigbits(eb,e); ecurve2_mult(e,g,r); /* generate a random point on the curve */ bigbits(eb,e); start=clock(); do { ecurve2_mult(e,r,w); iterations++; elapsed=(clock()-start)/(double)CLOCKS_PER_SEC; } while (elapsed<MIN_TIME || iterations<MIN_ITERS); elapsed=1000.0*elapsed/iterations; printf("ER - %8d iterations ",iterations); printf(" %8.2lf ms per iteration\n",elapsed); memkill(mem1,1); ecp_memkill(mem2,2); return elapsed; }
int main() { FILE *fp; big e,n,g,a; brick binst; int window,nb,bits; miracl *mip=mirsys(100,0); n=mirvar(0); e=mirvar(0); a=mirvar(0); g=mirvar(0); fp=fopen("common.dss","rt"); fscanf(fp,"%d\n",&bits); mip->IOBASE=16; cinnum(n,fp); cinnum(g,fp); cinnum(g,fp); mip->IOBASE=10; printf("modulus is %d bits in length\n",logb2(n)); printf("Enter size of exponent in bits = "); scanf("%d",&nb); getchar(); printf("Enter window size in bits (1-10)= "); scanf("%d",&window); getchar(); if (!brick_init(&binst,g,n,window,nb)) { printf("Failed to initialize\n"); return 0; } printf("%d big numbers have been precomputed and stored\n",(1<<window)); bigbits(nb,e); /* random exponent */ printf("naive method\n"); powmod(g,e,n,a); cotnum(a,stdout); printf("Comb method\n"); pow_brick(&binst,e,a); brick_end(&binst); cotnum(a,stdout); return 0; }
double powers_precomp(int gb,int eb,big p) { int iterations=0; clock_t start; double elapsed; brick binst; big g,e,w; char *mem; mem=(char *)memalloc(3); g=mirvar_mem(mem,0); e=mirvar_mem(mem,1); w=mirvar_mem(mem,2); bigbits(gb,g); brick_init(&binst,g,p,WINDOW,eb); bigbits(eb,e); start=clock(); do { pow_brick(&binst,e,w); iterations++; elapsed=(clock()-start)/(double)CLOCKS_PER_SEC; } while (elapsed<MIN_TIME || iterations<MIN_ITERS); elapsed=1000.0*elapsed/iterations; printf("P - %8d iterations of %4d/%4d ",iterations,gb,eb); printf(" %8.2lf ms per iteration\n",elapsed); brick_end(&binst); memkill(mem,3); return elapsed; }
int main() { FILE *fp; big q,p,p1,h,t,g,low,high; big pool[POOL_SIZE]; BOOL fail; int i,j,p1bits,np; long seed,m,permutation; miracl *mip=mirsys(100,0); q=mirvar(0); p=mirvar(0); h=mirvar(0); t=mirvar(0); g=mirvar(0); p1=mirvar(0); low=mirvar(0); high=mirvar(0); gprime(10000); /* randomise */ printf("Enter 9 digit random number seed = "); scanf("%ld",&seed); getchar(); irand(seed); p1bits=PBITS-QBITS-1; /* find number of primes pa, pb, pc etc., that will be needed */ np=1; while (p1bits/np >= OBITS) np++; np--; /* find the high/low limits for these primes, so that the generated prime p will be exactly PBITS in length */ expb2(p1bits-1,t); nroot(t,np,low); /* np-th integer root */ incr(low,1,low); premult(t,2,t); decr(t,1,t); nroot(t,np,high); subtract(high,low,t); /* raise low limit up to half-way... */ subdiv(t,2,t); subtract(high,t,low); /* generate q */ forever { /* make sure leading two bits of q 11... */ expb2(QBITS,q); bigbits(QBITS-2,t); subtract(q,t,q); nxprime(q,q); if (logb2(q)>QBITS) continue; break; } printf("q= (%d bits)\n",logb2(q)); cotnum(q,stdout); /* generate prime pool from which permutations of np primes will be picked until a Lim-Lee prime is found */ for (i=0;i<POOL_SIZE;i++) { /* generate the primes pa, pb, pc etc.. */ pool[i]=mirvar(0); forever { bigrand(high,p1); if (mr_compare(p1,low)<0) continue; nxprime(p1,p1); if (mr_compare(p1,high)>0) continue; copy(p1,pool[i]); break; } } /* The '1' bits in the permutation indicate which primes are picked from the pool. If np=5, start at 11111, then 101111 etc */ permutation=1L; for (i=0;i<np;i++) permutation<<=1; permutation-=1; /* permuation = 2^np-1 */ /* generate p */ fail=FALSE; forever { convert(1,p1); for (i=j=0,m=1L;j<np;i++,m<<=1) { if (i>=POOL_SIZE) { /* ran out of primes... */ fail=TRUE; break; } if (m&permutation) { multiply(p1,pool[i],p1); j++; } } if (fail) break; printf("."); premult(q,2,p); multiply(p,p1,p); incr(p,1,p); permutation=increment(permutation); if (logb2(p)!=PBITS) continue; if (isprime(p)) break; } if (fail) { printf("\nFailed - very unlikely! - try increasing POOL_SIZE\n"); return 0; } printf("\np= (%d bits)\n",logb2(p)); cotnum(p,stdout); /* finally find g */ do { decr(p,1,t); bigrand(t,h); divide(t,q,t); powmod(h,t,p,g); } while(size(g)==1); printf("g= (%d bits)\n",logb2(g)); cotnum(g,stdout); fp=fopen("common.dss","wt"); fprintf(fp,"%d\n",PBITS); mip->IOBASE=16; cotnum(p,fp); cotnum(q,fp); cotnum(g,fp); fclose(fp); return 0; }
int main() { FILE *fp; big e,n,a,b,x,y,r; epoint *g; ebrick binst; int nb,bits,window,len,bptr,m,i,j; miracl *mip=mirsys(50,0); n=mirvar(0); e=mirvar(0); a=mirvar(0); b=mirvar(0); x=mirvar(0); y=mirvar(0); r=mirvar(0); #ifndef MR_EDWARDS fp=fopen("common.ecs","rt"); #else fp=fopen("edwards.ecs","rt"); #endif fscanf(fp,"%d\n",&bits); mip->IOBASE=16; cinnum(n,fp); cinnum(a,fp); cinnum(b,fp); cinnum(r,fp); cinnum(x,fp); cinnum(y,fp); mip->IOBASE=10; printf("modulus is %d bits in length\n",logb2(n)); printf("Enter max. size of exponent in bits = "); scanf("%d",&nb); getchar(); printf("Enter window size in bits (1-10)= "); scanf("%d",&window); getchar(); ebrick_init(&binst,x,y,a,b,n,window,nb); /* Print out the precomputed table (for use in ecdhp.c ?) In which case make sure that MR_SPECIAL is defined and active in the build of this program, so MR_COMBA must also be defined as the number of words in the modulus * len=MR_ROUNDUP(bits,MIRACL); bptr=0; for (i=0;i<2*(1<<window);i++) { for (j=0;j<len;j++) { printf("0x%x,",binst.table[bptr++]); } printf("\n"); } */ printf("%d elliptic curve points have been precomputed and stored\n",(1<< window)); bigbits(nb,e); /* random exponent */ printf("naive method\n"); ecurve_init(a,b,n,MR_PROJECTIVE); g=epoint_init(); epoint_set(x,y,0,g); ecurve_mult(e,g,g); epoint_get(g,x,y); cotnum(x,stdout); cotnum(y,stdout); printf("Comb method\n"); mul_brick(&binst,e,x,y); ebrick_end(&binst); cotnum(x,stdout); cotnum(y,stdout); return 0; }
int main() { FILE *fp; big p,q,h,g,n,s,t; long seed; miracl *mip=mirsys(100,0); p=mirvar(0); q=mirvar(0); h=mirvar(0); g=mirvar(0); n=mirvar(0); s=mirvar(0); t=mirvar(0); /* randomise */ printf("Enter 9 digit random number seed = "); scanf("%ld",&seed); getchar(); irand(seed); /* generate q */ forever { bigbits(QBITS,q); nxprime(q,q); if (logb2(q)>QBITS) continue; break; } printf("q= "); cotnum(q,stdout); /* generate p */ expb2(PBITS,t); decr(t,1,t); premult(q,2,n); divide(t,n,t); expb2(PBITS-1,s); decr(s,1,s); divide(s,n,s); forever { bigrand(t,p); if (mr_compare(p,s)<=0) continue; premult(p,2,p); multiply(p,q,p); incr(p,1,p); copy(p,n); if (isprime(p)) break; } printf("p= "); cotnum(p,stdout); /* generate g */ do { decr(p,1,t); bigrand(t,h); divide(t,q,t); powmod(h,t,p,g); } while (size(g)==1); printf("g= "); cotnum(g,stdout); fp=fopen("common.dss","wt"); fprintf(fp,"%d\n",PBITS); mip->IOBASE=16; cotnum(p,fp); cotnum(q,fp); cotnum(g,fp); fclose(fp); return 0; }
int main() { int ia,ib,promptr; epoint *PA,*PB; big A,B,a,b,q,pa,pb,key,x,y; ebrick2 binst; miracl instance; /* create miracl workspace on the stack */ /* Specify base 16 here so that HEX can be read in directly without a base-change */ miracl *mip=mirsys(&instance,WORDS*HEXDIGS,16); /* size of bigs is fixed */ char mem_big[MR_BIG_RESERVE(10)]; /* we need 10 bigs... */ char mem_ecp[MR_ECP_RESERVE(2)]; /* ..and two elliptic curve points */ memset(mem_big, 0, MR_BIG_RESERVE(10)); /* clear the memory */ memset(mem_ecp, 0, MR_ECP_RESERVE(2)); A=mirvar_mem(mip, mem_big, 0); /* Initialise big numbers */ B=mirvar_mem(mip, mem_big, 1); pa=mirvar_mem(mip, mem_big, 2); pb=mirvar_mem(mip, mem_big, 3); key=mirvar_mem(mip, mem_big, 4); x=mirvar_mem(mip, mem_big, 5); y=mirvar_mem(mip, mem_big, 6); q=mirvar_mem(mip,mem_big,7); a=mirvar_mem(mip, mem_big, 8); b=mirvar_mem(mip, mem_big, 9); PA=epoint_init_mem(mip, mem_ecp, 0); /* initialise Elliptic Curve points */ PB=epoint_init_mem(mip, mem_ecp, 1); irand(mip, 3L); /* change parameter for different random numbers */ promptr=0; init_big_from_rom(B,WORDS,rom,WORDS*4,&promptr); /* Read in curve parameter B from ROM */ /* don't need q or G(x,y) (we have precomputed table from it) */ init_big_from_rom(q,WORDS,rom,WORDS*4,&promptr); init_big_from_rom(x,WORDS,rom,WORDS*4,&promptr); init_big_from_rom(y,WORDS,rom,WORDS*4,&promptr); convert(mip,1,A); /* set A=1 */ /* Create precomputation instance from precomputed table in ROM */ ebrick2_init(&binst,prom,A,B,CURVE_M,CURVE_A,CURVE_B,CURVE_C,WINDOW,CURVE_M); /* offline calculations */ bigbits(mip,CURVE_M,a); /* A's random number */ ia=mul2_brick(mip,&binst,a,pa,pa); /* a*G =(pa,ya), ia is sign of ya */ bigbits(mip,CURVE_M,b); /* B's random number */ ib=mul2_brick(mip,&binst,b,pb,pb); /* b*G =(pb,yb), ib is sign of yb */ /* online calculations */ ecurve2_init(mip,CURVE_M,CURVE_A,CURVE_B,CURVE_C,A,B,FALSE,MR_PROJECTIVE); epoint2_set(mip,pb,pb,ib,PB); /* decompress PB */ ecurve2_mult(mip,a,PB,PB); epoint2_get(mip,PB,key,key); /* since internal base is HEX, can use otnum instead of cotnum - avoiding a base change */ printf("Alice's Key= "); otnum(mip,key,stdout); epoint2_set(mip,pa,pa,ia,PB); /* decompress PA */ ecurve2_mult(mip,b,PB,PB); epoint2_get(mip,PB,key,key); printf("Bob's Key= "); otnum(mip,key,stdout); /* clear the memory */ memset(mem_big, 0, MR_BIG_RESERVE(10)); memset(mem_ecp, 0, MR_ECP_RESERVE(2)); return 0; }
int main() { #ifdef MR_GENERIC_MT miracl instance; #endif big p,A,B,fr,q,delta,t,T; zzn2 res,Qx,Qy; epoint *P; int i,romptr; #ifndef MR_STATIC #ifdef MR_GENERIC_MT miracl *mr_mip=mirsys(&instance,WORDS*NPW,16); #else miracl *mr_mip=mirsys(WORDS*NPW,16); #endif char *mem=memalloc(_MIPP_ 14); char *mem1=ecp_memalloc(_MIPP_ 1); #else #ifdef MR_GENERIC_MT miracl *mr_mip=mirsys(&instance,MR_STATIC*NPW,16); #else miracl *mr_mip=mirsys(MR_STATIC*NPW,16); #endif char mem[MR_BIG_RESERVE(14)]; /* reserve space on the stack for 14 bigs */ char mem1[MR_ECP_RESERVE(1)]; /* reserve space on stack for 1 curve points */ memset(mem,0,MR_BIG_RESERVE(14)); /* clear this memory */ memset(mem1,0,MR_ECP_RESERVE(1)); #endif p=mirvar_mem(_MIPP_ mem,0); A=mirvar_mem(_MIPP_ mem,1); B=mirvar_mem(_MIPP_ mem,2); T=mirvar_mem(_MIPP_ mem,3); q=mirvar_mem(_MIPP_ mem,4); fr=mirvar_mem(_MIPP_ mem,5); delta=mirvar_mem(_MIPP_ mem,6); res.a=mirvar_mem(_MIPP_ mem,7); res.b=mirvar_mem(_MIPP_ mem,8); t=mirvar_mem(_MIPP_ mem,9); Qx.a=mirvar_mem(_MIPP_ mem,10); Qx.b=mirvar_mem(_MIPP_ mem,11); Qy.a=mirvar_mem(_MIPP_ mem,12); Qy.b=mirvar_mem(_MIPP_ mem,13); P=epoint_init_mem(_MIPP_ mem1,0); convert(_MIPP_ -3,A); romptr=0; init_big_from_rom(p,WORDS,romp,ROMSZ,&romptr); init_big_from_rom(B,WORDS,romp,ROMSZ,&romptr); init_big_from_rom(q,WORDS,romp,ROMSZ,&romptr); init_big_from_rom(delta,WORDS,romp,ROMSZ,&romptr); init_big_from_rom(fr,WORDS,romp,ROMSZ,&romptr); init_big_from_rom(T,WORDS,romp,ROMSZ,&romptr); #ifndef MR_NO_STANDARD_IO printf("ROM size= %d\n",sizeof(romp)+sizeof(Prom)); printf("sizeof(miracl)= %d\n",sizeof(miracl)); #endif ecurve_init(_MIPP_ A,B,p,MR_PROJECTIVE); romptr=0; init_point_from_rom(P,WORDS,Prom,PROMSZ,&romptr); init_big_from_rom(Qx.a,WORDS,Prom,PROMSZ,&romptr); init_big_from_rom(Qx.b,WORDS,Prom,PROMSZ,&romptr); init_big_from_rom(Qy.a,WORDS,Prom,PROMSZ,&romptr); init_big_from_rom(Qy.b,WORDS,Prom,PROMSZ,&romptr); #ifdef MR_COUNT_OPS fpa=fpc=fpx=0; #endif ecap(_MIPP_ &Qx,&Qy,P,T,fr,delta,&res); /* #ifdef MR_COUNT_OPS printf("fpc= %d\n",fpc); printf("fpa= %d\n",fpa); printf("fpx= %d\n",fpx); fpa=fpc=fpx=0; #endif */ bigbits(_MIPP_ 160,t); zzn2_powl(_MIPP_ &res,t,&res); #ifndef MR_NO_STANDARD_IO zzn2_out(_MIPP_ "res= ",&res); #endif ecurve_mult(_MIPP_ t,P,P); ecap(_MIPP_ &Qx,&Qy,P,T,fr,delta,&res); #ifndef MR_NO_STANDARD_IO zzn2_out(_MIPP_ "res= ",&res); #endif #ifndef MR_STATIC memkill(_MIPP_ mem,14); ecp_memkill(_MIPP_ mem1,1); #else memset(mem,0,MR_BIG_RESERVE(14)); /* clear this stack memory */ memset(mem1,0,MR_ECP_RESERVE(1)); #endif return 0; }
JNIEXPORT jobjectArray JNICALL Java_com_sunshuzhou_experiment_1miracl_Verify_computeForServer(JNIEnv *env, jobject instance, jstring ux_, jstring uy_, jstring u1x_, jstring u1y_, jstring wx_, jstring wy_, jstring com1x_, jstring com1y_, jstring N1_, jstring sid_, jstring alpha_, jstring beta_, jstring zeta_) { const char *ux = (*env)->GetStringUTFChars(env, ux_, 0); const char *uy = (*env)->GetStringUTFChars(env, uy_, 0); const char *u1x = (*env)->GetStringUTFChars(env, u1x_, 0); const char *u1y = (*env)->GetStringUTFChars(env, u1y_, 0); const char *wx = (*env)->GetStringUTFChars(env, wx_, 0); const char *wy = (*env)->GetStringUTFChars(env, wy_, 0); const char *com1x = (*env)->GetStringUTFChars(env, com1x_, 0); const char *com1y = (*env)->GetStringUTFChars(env, com1y_, 0); const char *N1 = (*env)->GetStringUTFChars(env, N1_, 0); const char *sid = (*env)->GetStringUTFChars(env, sid_, 0); const char *alpha = (*env)->GetStringUTFChars(env, alpha_, 0); const char *beta = (*env)->GetStringUTFChars(env, beta_, 0); const char *zeta = (*env)->GetStringUTFChars(env, zeta_, 0); big x, y, d, k1, N2, sum, big1; epoint *u, *u1, *w, *com1, *w1, *epoint1, *com, *K; int message_len, i; unsigned char key[300], tag[SHA1_HASH_SIZE], hexdigest[SHA1_HASH_SIZE * 2 + 1], message[1000], tempChars[300]; jclass jclass1 = (*env)->FindClass(env, "java/lang/String"); jobjectArray result; envirment_init(); x = mirvar(0); y = mirvar(0); d = mirvar(0); k1 = mirvar(0); N2 = mirvar(0); sum = mirvar(0); big1 = mirvar(0); u = epoint_init(); u1 = epoint_init(); w = epoint_init(); com1 = epoint_init(); w1 = epoint_init(); epoint1 = epoint_init(); com = epoint_init(); K = epoint_init(); cinstr(x, ux); cinstr(y, uy); epoint_set(x, y, 0, u); cinstr(x, u1x); cinstr(y, u1y); epoint_set(x, y, 0, u1); cinstr(x, wx); cinstr(y, wy); epoint_set(x, y, 0, w); cinstr(x, com1x); cinstr(y, com1y); epoint_set(x, y, 0, com1); irand((long)time(0)); bigrand(ECC_N, d); bigrand(ECC_N, k1); bigbits(80, N2); // sum = alpha + beta + zeta cinstr(big1, alpha); cinstr(sum, beta); add(big1, sum, sum); cinstr(big1, zeta); add(big1, sum, sum); // w1 = k1 * H ecurve_mult(k1, ECC_H, w1); // com = (alpha + beta + zeta) * u + d * H ecurve_mult(sum, u, com); ecurve_mult(d, ECC_H, epoint1); ecurve_add(epoint1, com); // K = d * w + k1 * (com1 - sum * u1) ecurve_mult(d, w, K); ecurve_mult(sum, u1, epoint1); ecurve_sub(epoint1, com1); ecurve_mult(k1, com1, com1); ecurve_add(com1, K); // K.y as key epoint_get(K, x, y); cotstr(y, key); // message: u.y || u1.y || w.y || com1.y || N1 || sid epoint_get(u, x, y); cotstr(y, message); message_len = strlen(message); epoint_get(u1, x, y); cotstr(y, &message[message_len]); message_len = strlen(message); epoint_get(w, x, y); cotstr(y, &message[message_len]); message_len = strlen(message); epoint_get(com1, x, y); cotstr(x, &message[message_len]); message_len = strlen(message); strcpy(&message[message_len], N1); message_len = strlen(message); strcpy(&message[message_len], sid); message_len = strlen(message); hmac_sha1(key, strlen(key), message, message_len, tag, SHA1_HASH_SIZE); for (i = 0; i < SHA1_HASH_SIZE; ++i) { sprintf(&hexdigest[i * 2], "%02x", tag[i]); } hexdigest[40] = '\0'; (*env)->ReleaseStringUTFChars(env, ux_, ux); (*env)->ReleaseStringUTFChars(env, uy_, uy); (*env)->ReleaseStringUTFChars(env, u1x_, u1x); (*env)->ReleaseStringUTFChars(env, u1y_, u1y); (*env)->ReleaseStringUTFChars(env, wx_, wx); (*env)->ReleaseStringUTFChars(env, wy_, wy); (*env)->ReleaseStringUTFChars(env, com1x_, com1x); (*env)->ReleaseStringUTFChars(env, com1y_, com1y); (*env)->ReleaseStringUTFChars(env, N1_, N1); (*env)->ReleaseStringUTFChars(env, sid_, sid); (*env)->ReleaseStringUTFChars(env, alpha_, alpha); (*env)->ReleaseStringUTFChars(env, beta_, beta); (*env)->ReleaseStringUTFChars(env, zeta_, zeta); result = (*env)->NewObjectArray(env, 8, jclass1, (*env)->NewStringUTF(env, "")); epoint_get(w1, x, y); cotstr(x, tempChars); (*env)->SetObjectArrayElement(env, result, 0, (*env)->NewStringUTF(env, tempChars)); cotstr(y, tempChars); (*env)->SetObjectArrayElement(env, result, 1, (*env)->NewStringUTF(env, tempChars)); epoint_get(com, x, y); cotstr(x, tempChars); (*env)->SetObjectArrayElement(env, result, 2, (*env)->NewStringUTF(env, tempChars)); cotstr(y, tempChars); (*env)->SetObjectArrayElement(env, result, 3, (*env)->NewStringUTF(env, tempChars)); cotstr(N2, tempChars); (*env)->SetObjectArrayElement(env, result, 4, (*env)->NewStringUTF(env, tempChars)); (*env)->SetObjectArrayElement(env, result, 5, (*env)->NewStringUTF(env, message)); (*env)->SetObjectArrayElement(env, result, 6, (*env)->NewStringUTF(env, hexdigest)); (*env)->SetObjectArrayElement(env, result, 7, (*env)->NewStringUTF(env, key)); mirkill(x); mirkill(y); mirkill(d); mirkill(k1); mirkill(N2); mirkill(sum); mirkill(big1); return result; }
int main() { int ia,ib; time_t seed; epoint *g,*ea,*eb; big a,b,p,q,n,p1,q1,phi,pa,pb,key,e,d,dp,dq,t,m,c,x,y,k,inv; big primes[2],pm[2]; big_chinese ch; miracl *mip; #ifndef MR_NOFULLWIDTH mip=mirsys(500,0); #else mip=mirsys(500,MAXBASE); #endif a=mirvar(0); b=mirvar(0); p=mirvar(0); q=mirvar(0); n=mirvar(0); p1=mirvar(0); q1=mirvar(0); phi=mirvar(0); pa=mirvar(0); pb=mirvar(0); key=mirvar(0); e=mirvar(0); d=mirvar(0); dp=mirvar(0); dq=mirvar(0); t=mirvar(0); m=mirvar(0); c=mirvar(0); pm[0]=mirvar(0); pm[1]=mirvar(0); x=mirvar(0); y=mirvar(0); k=mirvar(0); inv=mirvar(0); time(&seed); irand((unsigned long)seed); /* change parameter for different values */ printf("First Diffie-Hellman Key exchange .... \n"); cinstr(p,primetext); /* offline calculations could be done quicker using Comb method - See brick.c. Note use of "truncated exponent" of 160 bits - could be output of hash function SHA (see mrshs.c) */ printf("\nAlice's offline calculation\n"); bigbits(160,a); /* 3 generates the sub-group of prime order (p-1)/2 */ powltr(3,a,p,pa); printf("Bob's offline calculation\n"); bigbits(160,b); powltr(3,b,p,pb); printf("Alice calculates Key=\n"); powmod(pb,a,p,key); cotnum(key,stdout); printf("Bob calculates Key=\n"); powmod(pa,b,p,key); cotnum(key,stdout); printf("Alice and Bob's keys should be the same!\n"); /* Now Elliptic Curve version of the above. Curve is y^2=x^3+Ax+B mod p, where A=-3, B and p as above "Primitive root" is the point (x,y) above, which is of large prime order q. In this case actually q=FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831 */ printf("\nLets try that again using elliptic curves .... \n"); convert(-3,a); mip->IOBASE=16; cinstr(b,ecb); cinstr(p,ecp); ecurve_init(a,b,p,MR_BEST); /* Use PROJECTIVE if possible, else AFFINE coordinates */ g=epoint_init(); cinstr(x,ecx); cinstr(y,ecy); mip->IOBASE=10; epoint_set(x,y,0,g); ea=epoint_init(); eb=epoint_init(); epoint_copy(g,ea); epoint_copy(g,eb); printf("Alice's offline calculation\n"); bigbits(160,a); ecurve_mult(a,ea,ea); ia=epoint_get(ea,pa,pa); /* <ia,pa> is compressed form of public key */ printf("Bob's offline calculation\n"); bigbits(160,b); ecurve_mult(b,eb,eb); ib=epoint_get(eb,pb,pb); /* <ib,pb> is compressed form of public key */ printf("Alice calculates Key=\n"); epoint_set(pb,pb,ib,eb); /* decompress eb */ ecurve_mult(a,eb,eb); epoint_get(eb,key,key); cotnum(key,stdout); printf("Bob calculates Key=\n"); epoint_set(pa,pa,ia,ea); /* decompress ea */ ecurve_mult(b,ea,ea); epoint_get(ea,key,key); cotnum(key,stdout); printf("Alice and Bob's keys should be the same! (but much smaller)\n"); epoint_free(g); epoint_free(ea); epoint_free(eb); /* El Gamal's Method */ printf("\nTesting El Gamal's public key method\n"); cinstr(p,primetext); bigbits(160,x); /* x<p */ powltr(3,x,p,y); /* y=3^x mod p*/ decr(p,1,p1); mip->IOBASE=128; cinstr(m,text); mip->IOBASE=10; do { bigbits(160,k); } while (egcd(k,p1,t)!=1); powltr(3,k,p,a); /* a=3^k mod p */ powmod(y,k,p,b); mad(b,m,m,p,p,b); /* b=m*y^k mod p */ printf("Ciphertext= \n"); cotnum(a,stdout); cotnum(b,stdout); zero(m); /* proof of pudding... */ subtract(p1,x,t); powmod(a,t,p,m); mad(m,b,b,p,p,m); /* m=b/a^x mod p */ printf("Plaintext= \n"); mip->IOBASE=128; cotnum(m,stdout); mip->IOBASE=10; /* RSA. Generate primes p & q. Use e=65537, and find d=1/e mod (p-1)(q-1) */ printf("\nNow generating 512-bit random primes p and q\n"); do { bigbits(512,p); if (subdivisible(p,2)) incr(p,1,p); while (!isprime(p)) incr(p,2,p); bigbits(512,q); if (subdivisible(q,2)) incr(q,1,q); while (!isprime(q)) incr(q,2,q); multiply(p,q,n); /* n=p.q */ lgconv(65537L,e); decr(p,1,p1); decr(q,1,q1); multiply(p1,q1,phi); /* phi =(p-1)*(q-1) */ } while (xgcd(e,phi,d,d,t)!=1); cotnum(p,stdout); cotnum(q,stdout); printf("n = p.q = \n"); cotnum(n,stdout); /* set up for chinese remainder thereom */ /* primes[0]=p; primes[1]=q; crt_init(&ch,2,primes); */ /* use simple CRT as only two primes */ xgcd(p,q,inv,inv,inv); /* 1/p mod q */ copy(d,dp); copy(d,dq); divide(dp,p1,p1); /* dp=d mod p-1 */ divide(dq,q1,q1); /* dq=d mod q-1 */ mip->IOBASE=128; cinstr(m,text); mip->IOBASE=10; printf("Encrypting test string\n"); powmod(m,e,n,c); printf("Ciphertext= \n"); cotnum(c,stdout); zero(m); printf("Decrypting test string\n"); powmod(c,dp,p,pm[0]); /* get result mod p */ powmod(c,dq,q,pm[1]); /* get result mod q */ subtract(pm[1],pm[0],pm[1]); /* poor man's CRT */ mad(inv,pm[1],inv,q,q,m); multiply(m,p,m); add(m,pm[0],m); /* crt(&ch,pm,m); combine them using CRT */ printf("Plaintext= \n"); mip->IOBASE=128; cotnum(m,stdout); /* crt_end(&ch); */ return 0; }
int main() { big a2,a6,bx,r; big res[4]; epoint *P,*Q; int i,romptr; miracl instance; /* sizeof(miracl)= 2000 bytes from the stack */ #ifndef MR_STATIC #ifdef MR_GENERIC_MT miracl *mr_mip=mirsys(WORDS*NPW,16); #else miracl *mr_mip=mirsys(WORDS*NPW,16); #endif char *mem=(char *)memalloc(_MIPP_ 8); char *mem1=(char *)ecp_memalloc(_MIPP_ 2); #else #ifdef MR_GENERIC_MT miracl *mr_mip=mirsys(&instance,MR_STATIC*NPW,16); /* size of bigs is fixed */ #else miracl *mr_mip=mirsys(&instance,MR_STATIC*NPW,16); #endif char mem[MR_BIG_RESERVE(8)]; /* reserve space on the stack for 8 bigs */ char mem1[MR_ECP_RESERVE(2)]; /* reserve space on stack for 2 curve points */ memset(mem,0,MR_BIG_RESERVE(8)); /* clear this memory */ memset(mem1,0,MR_ECP_RESERVE(2)); /* ~668 bytes in all */ #endif /* Initialise bigs */ a2=mirvar_mem(_MIPP_ mem,0); a6=mirvar_mem(_MIPP_ mem,1); bx=mirvar_mem(_MIPP_ mem,2); for (i=0;i<4;i++) res[i]=mirvar_mem(_MIPP_ mem,3+i); r=mirvar_mem(_MIPP_ mem,7); /* printf("ROM size= %d\n",sizeof(rom)+sizeof(prom)); */ #ifndef MR_NO_STANDARD_IO #ifdef MR_STATIC printf("n Bigs require n*%d+%d bytes\n",MR_SIZE,MR_SL); printf("n Points require n*%d+%d bytes\n",MR_ESIZE,MR_SL); printf("sizeof(miracl)= %d\n",sizeof(miracl)); #endif #endif /* Initialise Elliptic curve points */ P=epoint_init_mem(_MIPP_ mem1,0); Q=epoint_init_mem(_MIPP_ mem1,1); /* Initialise supersingular curve */ convert(_MIPP_ 1,a2); convert(_MIPP_ B,a6); /* The -M tells MIRACL that this is a supersingular curve */ if (!ecurve2_init(_MIPP_ -M,T,U,V,a2,a6,FALSE,MR_PROJECTIVE)) { #ifndef MR_NO_STANDARD_IO printf("Problem with the curve\n"); #endif return 0; } /* Get P and Q from ROM */ /* These should have been multiplied by the cofactor 487805 = 5*97561 */ /* 487805 is a cofactor of the group order 2^271+2^136+1 */ romptr=0; init_point_from_rom(P,WORDS,rom,ROMSZ,&romptr); init_point_from_rom(Q,WORDS,rom,ROMSZ,&romptr); #ifndef MR_NO_STANDARD_IO printf( "P= \n"); otnum(_MIPP_ P->X,stdout); otnum(_MIPP_ P->Y,stdout); printf( "Q= \n"); otnum(_MIPP_ Q->X,stdout); otnum(_MIPP_ Q->Y,stdout); #endif bigbits(_MIPP_ 160,r); /* Simple bilinearity test */ tate(_MIPP_ P,Q,res); /* this could break the 4k stack, 2060+668+2996 >4K */ /* so we cannot afford much precomputation in power4 */ power4(_MIPP_ res,r,res); /* res=res^{sr} */ #ifndef MR_NO_STANDARD_IO printf( "\ne(P,Q)^r= \n"); for (i=0;i<4;i++) { otnum(_MIPP_ res[i],stdout); zero(res[i]); } #endif ecurve2_mult(_MIPP_ r,Q,Q); /* Q=rQ */ epoint2_norm(_MIPP_ Q); tate(_MIPP_ P,Q,res); /* Now invert is taken out of Tate, and the stack should be OK */ #ifndef MR_NO_STANDARD_IO printf( "\ne(P,rQ)= \n"); for (i=0;i<4;i++) otnum(_MIPP_ res[i],stdout); #endif /* all done */ #ifndef MR_STATIC memkill(_MIPP_ mem,8); ecp_memkill(_MIPP_ mem1,2); #else memset(mem,0,MR_BIG_RESERVE(8)); /* clear this stack memory */ memset(mem1,0,MR_ECP_RESERVE(2)); #endif mirexit(_MIPPO_ ); /* clears workspace memory */ return 0; }
int main() { int promptr; epoint *PB; big A,B,p,a,b,pa,pb,key; ebrick binst; miracl instance; /* create miracl workspace on the stack */ /* Specify base 16 here so that HEX can be read in directly without a base-change */ miracl *mip=mirsys(&instance,WORDS*HEXDIGS,16); /* size of bigs is fixed */ char mem_big[MR_BIG_RESERVE(8)]; /* we need 8 bigs... */ char mem_ecp[MR_ECP_RESERVE(1)]; /* ..and 1 elliptic curve points */ memset(mem_big, 0, MR_BIG_RESERVE(8)); /* clear the memory */ memset(mem_ecp, 0, MR_ECP_RESERVE(1)); A=mirvar_mem(mip, mem_big, 0); /* Initialise big numbers */ B=mirvar_mem(mip, mem_big, 1); pa=mirvar_mem(mip, mem_big, 2); pb=mirvar_mem(mip, mem_big, 3); key=mirvar_mem(mip, mem_big, 4); a=mirvar_mem(mip, mem_big, 5); b=mirvar_mem(mip, mem_big, 6); p=mirvar_mem(mip, mem_big, 7); PB=epoint_init_mem(mip, mem_ecp, 0); /* initialise Elliptic Curve points */ irand(mip, 3L); /* change parameter for different random numbers */ promptr=0; init_big_from_rom(p,WORDS,rom,WORDS*5,&promptr); /* Read in prime modulus p from ROM */ init_big_from_rom(B,WORDS,rom,WORDS*5,&promptr); /* Read in curve parameter B from ROM */ /* don't need q or G(x,y) (we have precomputed table from it) */ convert(mip,-3,A); /* set A=-3 */ /* Create precomputation instance from precomputed table in ROM */ ebrick_init(&binst,prom,A,B,p,WINDOW,CURVE_BITS); /* offline calculations */ bigbits(mip,CURVE_BITS,a); /* A's random number */ mul_brick(mip,&binst,a,pa,pa); /* a*G =(pa,ya) */ bigbits(mip,CURVE_BITS,b); /* B's random number */ mul_brick(mip,&binst,b,pb,pb); /* b*G =(pb,yb) */ /* swap X values of point */ /* online calculations */ ecurve_init(mip,A,B,p,MR_PROJECTIVE); epoint_set(mip,pb,pb,0,PB); /* decompress PB */ ecurve_mult(mip,a,PB,PB); epoint_get(mip,PB,key,key); /* since internal base is HEX, can use otnum instead of cotnum - avoiding a base change */ #ifndef MR_NO_STANDARD_IO printf("Alice's Key= "); otnum(mip,key,stdout); #endif epoint_set(mip,pa,pa,0,PB); /* decompress PA */ ecurve_mult(mip,b,PB,PB); epoint_get(mip,PB,key,key); #ifndef MR_NO_STANDARD_IO printf("Bob's Key= "); otnum(mip,key,stdout); #endif /* clear the memory */ memset(mem_big, 0, MR_BIG_RESERVE(8)); memset(mem_ecp, 0, MR_ECP_RESERVE(1)); return 0; }