コード例 #1
ファイル: identity.c プロジェクト: aritradhar/OTExtension
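/* Discrete log of `id` to base PROOT modulo the trap-door prime `p`; the
 * result is written to `dl`.
 *
 * Pohlig-Hellman: p-1 (global p1) is the product of the small primes
 * pp[0..np-1], so the log is recovered modulo each pp[i] separately -- rho()
 * solves the small-subgroup instance -- and the residues collected in rem[]
 * are recombined with the Chinese Remainder Theorem.
 *
 * Globals read: p, p1, pp, np, PROOT.  Globals written: order, rem[].
 *
 * Scratch bigs are carved out of a stack area sized by mr_big_reserve(6,50):
 * six bigs of 50 words.  NOTE(review): the caller's mirsys() precision must
 * not exceed 50 words, otherwise mirvar_mem() addresses past the buffer --
 * confirm against the program's main().  Because the buffer ends up holding
 * pieces of what the caller treats as a secret key, it is scrubbed again
 * before returning (the original left them on the stack).
 */
void pollard(big id,big dl)
{
    int i;
    long iter;
    big_chinese bc;
    big w,Q,R,m,n,q;
    char stack_mem[mr_big_reserve(6,50)];
    volatile char *wipe;
    size_t k;
    memset(stack_mem,0,mr_big_reserve(6,50));

    w=mirvar_mem(stack_mem,0);
    Q=mirvar_mem(stack_mem,1);
    R=mirvar_mem(stack_mem,2);
    m=mirvar_mem(stack_mem,3);
    n=mirvar_mem(stack_mem,4);
    q=mirvar_mem(stack_mem,5);

    copy(id,q);
    crt_init(&bc,np,pp);
    for (i=0;i<np;i++)
    { /* accumulate solutions for each pp */
        copy(p1,w);
        divide(w,pp[i],w);              /* w = (p-1)/pp[i]                                   */
        powmod(q,w,p,Q);                /* Q = id^w: lies in the subgroup of order pp[i]      */
        powltr(PROOT,w,p,R);            /* R = PROOT^w: generator of that subgroup            */
        copy(pp[i],order);              /* rho() reads the subgroup order from global `order` */
        iter=rho(Q,R,m,n);              /* presumably yields m,n with Q^m = R^n; rho() not shown */
        xgcd(m,order,w,w,w);            /* w = m^-1 mod pp[i] (aliased-output xgcd idiom).
                                           Assumes gcd(m,pp[i])==1; this call form does not
                                           report a singular m, which would give a wrong residue */
        mad(w,n,n,order,order,rem[i]);  /* rem[i] = w*n mod pp[i] (mad with z==y skips the add) */
        printf("%9ld iterations needed\n",iter);
    }
    crt(&bc,rem,dl);  /* apply the Chinese Remainder Theorem */
    crt_end(&bc);

    /* Scrub the scratch area through a volatile pointer: a plain memset at the
     * end of a function is a dead store the optimizer is free to drop. */
    wipe=stack_mem;
    for (k=0;k<sizeof stack_mem;k++) wipe[k]=0;
}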
コード例 #2
ファイル: bmark.c プロジェクト: BingyZhang/CommutEnc
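/* Benchmark modular exponentiation with a small integer base.
 *
 * Repeatedly computes g^e mod p with powltr() for a random eb-bit exponent e
 * (drawn once with bigbits()), looping until at least MIN_TIME seconds and
 * MIN_ITERS iterations have passed, then prints and returns the mean time
 * per exponentiation in milliseconds.
 *
 * g   small integer base
 * eb  exponent size in bits
 * p   modulus
 *
 * Returns the mean milliseconds per iteration; 0.0 (with a message on
 * stderr) if the MIRACL scratch area could not be allocated -- the original
 * dereferenced the NULL result in mirvar_mem().
 */
double powers_small_base(int g,int eb,big p)
{
    int iterations=0;
    big e,w;
    clock_t start;
    double elapsed;
    char *mem;

    mem=(char *)memalloc(2);
    if (mem==NULL)
    {
        fprintf(stderr,"powers_small_base: memalloc failed\n");
        return 0.0;
    }

    e=mirvar_mem(mem,0);
    w=mirvar_mem(mem,1);
    bigbits(eb,e);
    start=clock();

    do {
        powltr(g,e,p,w);
        iterations++;
        elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);   /* both thresholds must be met */

    elapsed=1000.0*elapsed/iterations;   /* seconds total -> ms per iteration */
    printf("S - %8d iterations of  g=%d/%4d ",iterations,g,eb);
    printf(" %8.2lf ms per iteration\n",elapsed);

    memkill(mem,2);
    return elapsed;
}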
コード例 #3
ファイル: genprime.c プロジェクト: J0s3f/FiSH-irssi
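/* Generate a "trap-door" prime p = 2 * pp[1] * ... * pp[NPRIMES-1] + 1 whose
 * factors of p-1 are all small (so discrete logs mod p fall to
 * Pohlig-Hellman), with PROOT a primitive root mod p.  The factor list goes
 * to prime.dat (NPRIMES, then each pp[i]); p itself is printed.
 *
 * Returns 0 on success, 1 if a seed could not be read or prime.dat could not
 * be created.  The original used an uninitialised seed on malformed input
 * and wrote through a NULL FILE* if fopen failed.
 *
 * NOTE(review): the primes are a deterministic function of the two seeds
 * typed in (irand/brand presumably drive bigdig/nxprime), so the trap-door --
 * and prime.dat, written with default permissions -- is only as secret as
 * those ~13 digits.  Adequate for a demo, not a key-generation procedure.
 */
int main()
{ /* program to find a trap-door prime */
    BOOL found;
    int i,spins;
    long seed;
    big pp[NPRIMES],q,p,t;
    FILE *fp;
    mirsys(50,0);
    for (i=0;i<NPRIMES;i++) pp[i]=mirvar(0);
    q=mirvar(0);
    t=mirvar(0);
    p=mirvar(0);
    printf("Enter 9 digit seed= ");
    if (scanf("%ld",&seed)!=1)
    {
        fprintf(stderr,"bad seed\n");
        return 1;
    }
    getchar();
    irand(seed);
    printf("Enter 4 digit seed= ");
    if (scanf("%d",&spins)!=1)
    {
        fprintf(stderr,"bad seed\n");
        return 1;
    }
    getchar();
    for (i=0;i<spins;i++) brand();   /* discard `spins` outputs to move along the random stream */
    convert(2,pp[0]);
    do
    {  /* find prime p = 2.pp[1].pp[2]....+1 */
        convert(2,p);
        for (i=1;i<NPRIMES-1;i++)
        { /* generate all but last prime: a random number of i+6 decimal digits, bumped to the next prime */
            bigdig(i+6,10,q);
            nxprime(q,pp[i]);
            multiply(p,pp[i],p);
        }
        do
        { /* find last prime component such that p is prime;
             q carries on upward from the last random value above */
            nxprime(q,q);
            copy(q,pp[NPRIMES-1]);
            multiply(p,pp[NPRIMES-1],t);
            incr(t,1,t);
        } while(!isprime(t));
        copy(t,p);
        found=TRUE;
        for (i=0;i<NPRIMES;i++)
        { /* check that PROOT is a primitive root: PROOT^((p-1)/pp[i]) != 1 for every factor */
            decr(p,1,q);
            divide(q,pp[i],q);
            powltr(PROOT,q,p,t);
            if (size(t)==1) 
            {
                found=FALSE;
                break;
            }
        }
    } while (!found);
    fp=fopen("prime.dat","wt");
    if (fp==NULL)
    {
        fprintf(stderr,"cannot create prime.dat\n");
        return 1;
    }
    fprintf(fp,"%d\n",NPRIMES);
    for (i=0;i<NPRIMES;i++) cotnum(pp[i],fp);
    fclose(fp);
    printf("prime= \n");
    cotnum(p,stdout);
    return 0;
}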
コード例 #4
ファイル: IDENTITY.C プロジェクト: flomar/CrypTool-VS2015
/* Discrete log of `id` to base PROOT modulo the current trap-door prime `p`,
 * returned in `dl`.  Pohlig-Hellman over the factors pp[0..np-1] of p-1
 * (global p1): rho() solves each small-subgroup instance, the residues are
 * collected in rem[] and crt() recombines them.
 *
 * Reads globals p, p1, pp, np, PROOT; writes order and rem[].
 * All scratch bigs are heap allocated and released with mirkill() on exit.
 */
void pollard(big id,big dl)
{
    big_chinese chinese;
    big scratch,target,base,rm,rn,ident;
    long steps;
    int k;

    ident=mirvar(0);
    scratch=mirvar(0);
    target=mirvar(0);
    base=mirvar(0);
    rm=mirvar(0);
    rn=mirvar(0);

    copy(id,ident);
    crt_init(&chinese,np,pp);

    k=0;
    while (k<np)
    { /* one residue of the log per prime factor of p-1 */
        copy(p1,scratch);
        divide(scratch,pp[k],scratch);          /* scratch = (p-1)/pp[k]                  */
        powmod(ident,scratch,p,target);         /* id^scratch                             */
        powltr(PROOT,scratch,p,base);           /* PROOT^scratch                          */
        copy(pp[k],order);                      /* rho() takes the subgroup order from `order` */
        steps=rho(target,base,rm,rn);
        xgcd(rm,order,scratch,scratch,scratch); /* scratch = rm^-1 mod order (aliased-output idiom) */
        mad(scratch,rn,rn,order,order,rem[k]);  /* rem[k] = scratch*rn mod order          */
        printf("%9ld iterations needed\n",steps);
        k++;
    }

    crt(&chinese,rem,dl);  /* apply the Chinese Remainder Theorem */
    crt_end(&chinese);

    mirkill(scratch);
    mirkill(target);
    mirkill(base);
    mirkill(rm);
    mirkill(rn);
    mirkill(ident);
}
コード例 #5
ファイル: IDENTITY.C プロジェクト: flomar/CrypTool-VS2015
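/* Issue an identity-based secret key: the discrete log of the encoded
 * identity modulo n = p*q, where p and q are the trap-door primes read from
 * trap1.dat and trap2.dat, written to secret.dat.
 *
 * The identity rid is embedded as id = 256*rid + i, with i the smallest value
 * for which jack(id,n) == 1, so that a log exists.  pollard() yields the log
 * modulo each prime's group order; the two are then combined on the halves
 * (p1, q1) = (p-1, q-1).  p1 and q1 share the factor 2, which is what the
 * halving step below appears to account for.  Finally PROOT^log mod n is
 * recomputed and printed as a check on the identity.
 *
 * Globals pp, rem, p, p1, lim1, lim2 and order are allocated here for
 * pollard() and getprime().  Returns 0 on success, 1 if secret.dat cannot be
 * created (the original wrote through a NULL FILE* in that case).
 *
 * NOTE(review): secret.dat is the user's private key and is created with the
 * process umask; restrict it (mode 600) if this is ever used beyond a demo.
 */
int main()
{
    int i;
    FILE *fp;
    big K,rid,id,w,a,b,n,q1;
    miracl *mip=mirsys(200,256);
    for (i=0;i<NPRIMES;i++)
    {
        pp[i]=mirvar(0);
        rem[i]=mirvar(0);
    }
    w=mirvar(0);
    n=mirvar(0);
    a=mirvar(0);
    b=mirvar(0);
    p=mirvar(0);
    p1=mirvar(0);     
    q1=mirvar(0);
    K=mirvar(0);
    lim1=mirvar(0);
    lim2=mirvar(0);
    id=mirvar(0);
    rid=mirvar(0);
    order=mirvar(0);

    printf("Enter ID= ");
    innum(rid,stdin);
    getprime("trap1.dat");          /* presumably loads p, p1 and pp[] from the file; not shown */
    copy(p,n);
    getprime("trap2.dat");
   
    multiply(n,p,n);                /* n = p*q, the public composite modulus */
    printf("\ncomposite =\n");
    cotnum(n,stdout);

    premult(rid,256,id);            /* id = 256*rid, then + i below */
    while (jack(id,n)!=1)
    { /* bad identity - id=256*rid+i */
        printf("No Discrete Log. for this ID -- incrementing\n");
        incr(id,1,id);
    }

    getprime("trap1.dat");          /* reload the first prime's trap-door for pollard() */
    copy(p1,q1);                    /* keep (first prime)-1 across the next reload */
    pollard(id,b);                  /* b = log modulo the first prime's group order */
    getprime("trap2.dat");
    pollard(id,a);                  /* a = log modulo the second prime's group order */

    xgcd(p1,q1,K,K,K);              /* K = xgcd coefficient of p1 w.r.t. q1 (aliased-output idiom) */
    subtract(b,a,w);
    mad(w,K,w,q1,q1,w);             /* w = (b-a)*K mod q1 (mad with z==x skips the add) */
    if(size(w)<0) add_r(w,q1,w);    /* normalise into [0,q1) */
    subdiv(w,2,w);
    multiply(w,p1,w);
    add_r(w,a,w);                   /* w = a + p1*((b-a)*K mod q1)/2 */

    fp=fopen("secret.dat","w");
    if (fp==NULL)
    {
        fprintf(stderr,"cannot create secret.dat\n");
        return 1;
    }
    otnum(rid,fp);
    cotnum(w,fp);
    cotnum(n,fp);
    fclose(fp);
    printf("\nDiscrete log (secret key) \n");
    cotnum(w,stdout);
    powltr(PROOT,w,n,id);           /* check: PROOT^w mod n should give back the padded id ... */
    subdiv(id,256,id);              /* ... and dividing by 256 recovers rid */
    otstr(id,mip->IOBUFF);
    printf("Check Identity= %s\n",mip->IOBUFF);
    return 0;
}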
コード例 #6
ファイル: pk-demo.c プロジェクト: asgene/sm2
/* MIRACL public-key demo, four parts in sequence:
 *   1. Diffie-Hellman mod the prime `primetext` with generator 3 and
 *      160-bit exponents;
 *   2. the same exchange on the curve y^2 = x^3 - 3x + ecb mod ecp with base
 *      point (ecx,ecy), using compressed public keys;
 *   3. El Gamal encryption and decryption of `text`;
 *   4. RSA with freshly generated 512-bit p and q, e = 65537, and a two-prime
 *      CRT decryption.
 * Every step prints its intermediate values.  primetext, ecb, ecp, ecx, ecy
 * and text are file-scope constants not shown here.  Returns 0.
 *
 * NOTE(review): irand() is seeded from time() alone, so every private value
 * below (a, b, x, k, p, q) is recoverable from the wall-clock second at which
 * the demo ran -- fine for a demo, unusable as a key generator.  The epoint
 * objects are freed; the bigs are never mirkill()ed before return.
 */
int main()
{
    int ia,ib;
    time_t seed;
    epoint *g,*ea,*eb;
    big a,b,p,q,n,p1,q1,phi,pa,pb,key,e,d,dp,dq,t,m,c,x,y,k,inv;
    big primes[2],pm[2];       /* primes[] only used by the commented-out crt_init() path */
    big_chinese ch;
    miracl *mip;
#ifndef MR_NOFULLWIDTH   
    mip=mirsys(500,0);
#else
    mip=mirsys(500,MAXBASE);
#endif
    a=mirvar(0);
    b=mirvar(0);
    p=mirvar(0);
    q=mirvar(0);
    n=mirvar(0);
    p1=mirvar(0);
    q1=mirvar(0);
    phi=mirvar(0);
    pa=mirvar(0);
    pb=mirvar(0);
    key=mirvar(0);
    e=mirvar(0);
    d=mirvar(0);
    dp=mirvar(0);
    dq=mirvar(0);
    t=mirvar(0);
    m=mirvar(0);
    c=mirvar(0);
    pm[0]=mirvar(0);
    pm[1]=mirvar(0);
    x=mirvar(0);
    y=mirvar(0);
    k=mirvar(0);
    inv=mirvar(0);

    time(&seed);
    irand((unsigned long)seed);   /* change parameter for different values -- wall clock only, see header note */

    printf("First Diffie-Hellman Key exchange .... \n");

    cinstr(p,primetext);

/* offline calculations could be done quicker using Comb method
   - See brick.c. Note use of "truncated exponent" of 160 bits -  
   could be output of hash function SHA (see mrshs.c)               */

    printf("\nAlice's offline calculation\n");        
    bigbits(160,a);               /* Alice's secret exponent */

/* 3 generates the sub-group of prime order (p-1)/2 */

    powltr(3,a,p,pa);             /* pa = 3^a mod p, Alice's public value */

    printf("Bob's offline calculation\n");        
    bigbits(160,b);               /* Bob's secret exponent */
    powltr(3,b,p,pb);             /* pb = 3^b mod p */

    printf("Alice calculates Key=\n");
    powmod(pb,a,p,key);           /* pb^a */
    cotnum(key,stdout);

    printf("Bob calculates Key=\n");
    powmod(pa,b,p,key);           /* pa^b -- same value as above */
    cotnum(key,stdout);

    printf("Alice and Bob's keys should be the same!\n");

/* 
   Now Elliptic Curve version of the above.
   Curve is y^2=x^3+Ax+B mod p, where A=-3, B and p as above 
   "Primitive root" is the point (x,y) above, which is of large prime order q. 
   In this case actually
   q=FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831 
 
*/

    printf("\nLets try that again using elliptic curves .... \n");
    convert(-3,a);                /* curve coefficient A = -3 (a is reused as a scratch big here) */
    mip->IOBASE=16;               /* ecb/ecp/ecx/ecy are hex strings */
    cinstr(b,ecb);
    cinstr(p,ecp);      
    ecurve_init(a,b,p,MR_BEST);  /* Use PROJECTIVE if possible, else AFFINE coordinates */

    g=epoint_init();
    cinstr(x,ecx);
    cinstr(y,ecy);
    mip->IOBASE=10;
    epoint_set(x,y,0,g);          /* g = base point (ecx,ecy) */
    ea=epoint_init();
    eb=epoint_init();
    epoint_copy(g,ea);
    epoint_copy(g,eb);

    printf("Alice's offline calculation\n");        
    bigbits(160,a);               /* fresh secret scalar */
    ecurve_mult(a,ea,ea);         /* ea = a*g */
    ia=epoint_get(ea,pa,pa); /* <ia,pa> is compressed form of public key */

    printf("Bob's offline calculation\n");        
    bigbits(160,b);
    ecurve_mult(b,eb,eb);         /* eb = b*g */
    ib=epoint_get(eb,pb,pb); /* <ib,pb> is compressed form of public key */

    printf("Alice calculates Key=\n");
    epoint_set(pb,pb,ib,eb); /* decompress eb */
    ecurve_mult(a,eb,eb);         /* a*(b*g) */
    epoint_get(eb,key,key);       /* key = x-coordinate */
    cotnum(key,stdout);

    printf("Bob calculates Key=\n");
    epoint_set(pa,pa,ia,ea); /* decompress ea */
    ecurve_mult(b,ea,ea);         /* b*(a*g) */
    epoint_get(ea,key,key);
    cotnum(key,stdout);

    printf("Alice and Bob's keys should be the same! (but much smaller)\n");

    epoint_free(g);
    epoint_free(ea);
    epoint_free(eb);

/* El Gamal's Method */

    printf("\nTesting El Gamal's public key method\n");
    cinstr(p,primetext);          /* back to the DH prime (p was overwritten with ecp above) */
    bigbits(160,x);    /* x<p: private key */
    powltr(3,x,p,y);    /* y=3^x mod p: public key */
    decr(p,1,p1);                 /* p1 = p-1, the group order */

    mip->IOBASE=128;              /* read `text` as a byte string, one character per base-128 digit */
    cinstr(m,text);

    mip->IOBASE=10;
    do 
    {
        bigbits(160,k);           /* per-message ephemeral, must be coprime to p-1 */
    } while (egcd(k,p1,t)!=1);
    powltr(3,k,p,a);   /* a=3^k mod p */
    powmod(y,k,p,b);
    mad(b,m,m,p,p,b);  /* b=m*y^k mod p (mad with z==y skips the add) */
    printf("Ciphertext= \n");
    cotnum(a,stdout);
    cotnum(b,stdout);

    zero(m);           /* proof of pudding... */
  
    subtract(p1,x,t);             /* t = p-1-x, so a^t = a^-x mod p */
    powmod(a,t,p,m);
    mad(m,b,b,p,p,m);  /* m=b/a^x mod p */

    printf("Plaintext= \n");
    mip->IOBASE=128;
    cotnum(m,stdout);
    mip->IOBASE=10;

/* RSA. Generate primes p & q. Use e=65537, and find d=1/e mod (p-1)(q-1) */

    printf("\nNow generating 512-bit random primes p and q\n");
    do 
    {
        bigbits(512,p);
        if (subdivisible(p,2)) incr(p,1,p);     /* make odd ... */
        while (!isprime(p)) incr(p,2,p);        /* ... then walk up to the next prime */

        bigbits(512,q);
        if (subdivisible(q,2)) incr(q,1,q);
        while (!isprime(q)) incr(q,2,q);

        multiply(p,q,n);      /* n=p.q */

        lgconv(65537L,e);
        decr(p,1,p1);
        decr(q,1,q1);
        multiply(p1,q1,phi);  /* phi =(p-1)*(q-1) */
    } while (xgcd(e,phi,d,d,t)!=1);   /* d = e^-1 mod phi; retry if e divides phi */

    cotnum(p,stdout);
    cotnum(q,stdout);
    printf("n = p.q = \n");
    cotnum(n,stdout);

/* set up for chinese remainder theorem */
/*    primes[0]=p;
      primes[1]=q;
      crt_init(&ch,2,primes);
*/

/* use simple CRT as only two primes */

    xgcd(p,q,inv,inv,inv);   /* 1/p mod q */

    copy(d,dp);
    copy(d,dq);
    divide(dp,p1,p1);   /* dp=d mod p-1 (divide with y==z returns only the remainder) */
    divide(dq,q1,q1);   /* dq=d mod q-1 */
    mip->IOBASE=128;
    cinstr(m,text);
    mip->IOBASE=10;
    printf("Encrypting test string\n");
    powmod(m,e,n,c);              /* c = m^e mod n */
    printf("Ciphertext= \n");
    cotnum(c,stdout);

    zero(m);

    printf("Decrypting test string\n");

    powmod(c,dp,p,pm[0]);    /* get result mod p */
    powmod(c,dq,q,pm[1]);    /* get result mod q */

    subtract(pm[1],pm[0],pm[1]);  /* poor man's CRT */
    mad(inv,pm[1],inv,q,q,m);     /* m = (mq - mp) * p^-1 mod q */
    multiply(m,p,m);
    add(m,pm[0],m);               /* m = mp + p*h  (Garner recombination) */

/*    crt(&ch,pm,m);            combine them using CRT */

    printf("Plaintext= \n");
    mip->IOBASE=128;
    cotnum(m,stdout);
/*    crt_end(&ch);  */
    return 0;
}
コード例 #7
ファイル: DH1080.c プロジェクト: J0s3f/FiSH-irssi
// Input:  priv_key = buffer of 200 bytes
//         pub_key  = buffer of 200 bytes
// Output: priv_key = Your private key
//         pub_key  = Your public key
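// Generate a fresh DH1080 key pair.
//
// The private exponent is 1080 random bits from MIRACL's strong RNG, which is
// seeded with 128 bytes of /dev/urandom plus 32 bytes of urandom XORed with
// hashes of blow.ini (iniPath) and the irssi config; the public value is
// 2^priv mod b_prime1080.  Both are written base64-encoded (htob64) into the
// caller's buffers.  On any failure (no /dev/urandom, short read, public key
// rejected by DH_verifyPubKey) both buffers hold "0" and 0 is returned;
// 1 on success.
//
// Changes vs. the original:
//  * time() was called through a (time_t *) cast of an unsigned long; where
//    time_t is wider than unsigned long that writes past `seed`.
//  * a read of as few as 32 bytes from /dev/urandom was accepted, leaving the
//    rest of raw_buf uninitialised; the whole buffer is now required.
//  * the FILE* mix-in is shifted as unsigned (left-shifting a negative signed
//    long is undefined behaviour).
int DH1080_gen(char *priv_key, char *pub_key)
{
	unsigned char raw_buf[160], iniHash[33];
	unsigned long seed;
	time_t now;
	int len, iRet;

	big b_privkey, b_pubkey;
	csprng myRNG;

	FILE *hRnd;

	priv_key[0]='0';
	priv_key[1]='\0';
	pub_key[0]='0';
	pub_key[1]='\0';
	hRnd = fopen("/dev/urandom", "r");	// don't use /dev/random, it's a blocking device
	if(!hRnd) return 0;

	b_privkey=mirvar(0);
	b_pubkey=mirvar(0);

	// #*#*#*#*#* RNG START #*#*#*#*#*
	// Seed word for strong_init(): wall clock with the FILE pointer and the
	// MIRACL context address mixed in.  None of this is real entropy -- the
	// /dev/urandom bytes below are.
	now = time(NULL);
	seed = (unsigned long)now;

	seed ^= (unsigned long)hRnd << 16;
	// Insist on the full buffer: a short read would leave uninitialised
	// stack bytes in whatever the hashes below do not overwrite.
	if(fread(raw_buf, 1, sizeof(raw_buf), hRnd) != sizeof(raw_buf))
	{
		ZeroMemory(raw_buf, sizeof(raw_buf));
		fclose(hRnd);
		mirkill(b_privkey);
		mirkill(b_pubkey);

		return 0;
	}
	fclose(hRnd);

	sha_file(iniPath, iniHash);
	memXOR(raw_buf+128, iniHash, 32);
	sha_file((unsigned char *)get_irssi_config(), iniHash);
	memXOR(raw_buf+128, iniHash, 32);
	ZeroMemory(iniHash, sizeof(iniHash));
	// first 128 byte in raw_buf: output from /dev/urandom
	// last 32 byte in raw_buf: /dev/urandom XOR the digests of blow.ini and irssi.conf

	seed *= (unsigned long)mip;
	strong_init(&myRNG, sizeof(raw_buf), raw_buf, (unsigned int)seed);
	strong_rng(&myRNG);
	strong_bigdig(&myRNG, 1080, 2, b_privkey);	// 1080 random bits -> private exponent
	strong_kill(&myRNG);
	seed=0;
	// #*#*#*#*#* RNG END #*#*#*#*#*

	powltr(2, b_privkey, b_prime1080, b_pubkey);	// pub = 2^priv mod p

	if(DH_verifyPubKey(b_pubkey))
	{
		// justify=FALSE: presumably len is the minimal byte length (<= 135 for
		// 1080 bits), whose base64 form fits the caller's 200-byte buffers.
		len=big_to_bytes(sizeof(raw_buf), b_privkey, raw_buf, FALSE);
		htob64(raw_buf, priv_key, len);

		len=big_to_bytes(sizeof(raw_buf), b_pubkey, raw_buf, FALSE);
		htob64(raw_buf, pub_key, len);

		iRet=1;
	}
	else iRet=0;

	// raw_buf last held the raw private key.  ZeroMemory is a project macro;
	// if it is a plain memset the optimizer may drop this dead store -- an
	// explicit_bzero-style wipe would be the safer choice.
	ZeroMemory(raw_buf, sizeof(raw_buf));

	mirkill(b_privkey);
	mirkill(b_pubkey);

	return iRet;
}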
コード例 #8
ファイル: kangaroo.c プロジェクト: asgene/sm2
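/* Pollard's lambda ("kangaroo") discrete-log demo: finds x in y = ALPHA^x mod n
 * for the fixed modulus `modulus` (a base-60 string), when x is known to be
 * below LIMIT.
 *
 * A tame kangaroo starts at ALPHA^LIMIT and makes LEAPS pseudo-random jumps;
 * jump i multiplies by table[i] = ALPHA^distance[i], with i = x mod m.  Its
 * final position is the trap.  For each user-supplied x the wild kangaroo
 * starts at y = ALPHA^x and jumps the same way until it lands on the trap --
 * the difference of the distances travelled gives x -- or overshoots
 * ("trap failed").
 *
 * Returns 0.  The input loop ends on a non-positive x or when cinnum() reads
 * nothing (EOF); the original re-solved the previous x forever on EOF.  The
 * table-sizing loop is now bounded by the table capacity, which the original
 * did not check (only reachable with a huge LEAPS).
 */
int main()
{ /* Pollard's lambda algorithm for finding discrete logs  *
   * which are known to be less than a certain limit LIMIT */
    enum { TABLE_SLOTS = 32 };
    big x,n,t,trap,table[TABLE_SLOTS];
    int i,j,m;
    long dm,dn,s,distance[TABLE_SLOTS];
    miracl *mip=mirsys(50,0);
    x=mirvar(0);
    n=mirvar(0);
    t=mirvar(0);
    trap=mirvar(0);
    for (s=1L,m=1;;m++)
    { /* find table size: jump distances 1,2,4,...,2^(m-1) */
        distance[m-1]=s;
        s*=2;     
        if ((2*s/m)>(LEAPS/4)) break;
        if (m>=TABLE_SLOTS) break;   /* never index past table[]/distance[] */
    }
    mip->IOBASE=60;    /* get large modulus */
    cinstr(n,modulus);
    mip->IOBASE=10;
    printf("solve discrete logarithm problem - using Pollard's kangaroos\n");
    printf("finds x in y=%d^x mod n, given y, for fixed n and small x\n",ALPHA);
    printf("known to be less than %ld\n",LIMIT);
    printf("n= ");
    cotnum(n,stdout);
    for (i=0;i<m;i++) 
    { /* create table: table[i] = ALPHA^distance[i] mod n */
        lgconv(distance[i],t);
        table[i]=mirvar(0);
        powltr(ALPHA,t,n,table[i]);
    }       
    lgconv(LIMIT,t);
    powltr(ALPHA,t,n,x);   /* tame kangaroo starts at ALPHA^LIMIT */
    printf("setting trap .... \n");
    for (dn=0L,j=0;j<LEAPS;j++)
    { /* set traps beyond LIMIT using tame kangaroo */
        i=subdiv(x,m,t);    /* random function: i = x mod m */
        mad(x,table[i],x,n,n,x);   /* x = x*table[i] mod n */
        dn+=distance[i];
    }
    printf("trap set!\n");
    copy(x,trap);
    for (;;)
    { /* ready to solve */
        printf("Enter x= ");
        /* cinnum() presumably returns the number of characters read; 0 means
         * EOF and x would otherwise keep its previous value */
        if (cinnum(x,stdin)==0 || size(x)<=0) break;
        powltr(ALPHA,x,n,t);
        printf("y= ");
        cotnum(t,stdout);
        copy(t,x);
        for (dm=0L;;)
        { /* unleash wild kangaroo - boing - boing ... */
            i=subdiv(x,m,t);
            mad(x,table[i],x,n,n,x);
            dm+=distance[i];
            if (compare(x,trap)==0 || dm>LIMIT+dn) break;
        }
        if (dm>LIMIT+dn)
        { /* trap stepped over */
            printf("trap failed\n");
            continue;
        }
        printf("Gotcha!\n");
        printf("Discrete log of y= %ld\n",LIMIT+dn-dm);   /* tame went LIMIT+dn, wild went x+dm */
    }
    return 0;
}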