From 38a15f79ed2bd7ebeb36cf77f71dd1178276c895 Mon Sep 17 00:00:00 2001 From: sangge <2251250136@qq.com> Date: Wed, 18 Oct 2023 20:51:57 +0800 Subject: [PATCH 1/3] fix: fix some bugs --- src/tpre.py | 18 +++++------------- 1 file changed, 5 insertions(+), 13 deletions(-) diff --git a/src/tpre.py b/src/tpre.py index 2e277df..90bd2b2 100644 --- a/src/tpre.py +++ b/src/tpre.py @@ -174,16 +174,12 @@ def hash4(triple_G: Tuple[point, point, point], Zp: int) -> int: def KDF(G: point) -> int: sm3 = Sm3() # pylint: disable=e0602 - print(G) for i in G: sm3.update(i.to_bytes(32)) digest = sm3.digest() - digest = digest digest = int.from_bytes(digest, "big") % sm2p256v1.P mask_128bit = (1 << 128) - 1 digest = digest & mask_128bit - print("key =", digest) - traceback.print_stack() return digest @@ -208,10 +204,6 @@ def GenerateKeyPair(lamda_parma: int, public_params: tuple) -> Tuple[point, int] return public_key, secret_key -# 生成A和B的公钥和私钥 -# pk_A, sk_A = GenerateKeyPair(0, ()) -# pk_B, sk_B = GenerateKeyPair(0, ()) - def Encrypt(pk: point, m: bytes) -> Tuple[capsule, bytes]: enca = Encapsulate(pk) @@ -235,7 +227,7 @@ def Decapsulate(ska: int, capsule: capsule) -> int: return K -def Decrypt(sk_A: int, C: Tuple[Tuple[point, point, int], bytes]) -> int: +def Decrypt(sk_A: int, C: Tuple[capsule, bytes]) -> bytes: """ params: sk_A: secret key @@ -296,9 +288,11 @@ def GenerateReKey(sk_A: int, pk_B: point, N: int, T: int) -> list: # 计算临时密钥对(x_A, X_A) x_A = random.randint(0, G.P - 1) X_A = multiply(g, x_A) + + pk_A = multiply(g, sk_A) # d是Bob的密钥对与临时密钥对的非交互式Diffie-Hellman密钥交换的结果 - d = hash3((X_A, pk_B, multiply(pk_B, x_A))) + d = hash3((pk_A, pk_B, multiply(pk_B, x_A))) # 计算多项式系数, 确定代理节点的ID(一个点) f_modulus = [] @@ -332,7 +326,7 @@ def Encapsulate(pk_A: point) -> Tuple[int, capsule]: E = multiply(g, r) V = multiply(g, u) s = u + r * hash2((E, V)) - s = s % sm2p256v1.P + #s = s % sm2p256v1.P pk_A_ru = multiply(pk_A, r + u) K = KDF(pk_A_ru) capsule = (E, V, s) @@ -359,8 +353,6 @@ def ReEncapsulate(kFrag: list, capsule: capsule) -> Tuple[point, point, int, poi E, V, s = capsule if not Checkcapsule(capsule): raise ValueError("Invalid capsule") - flag = Checkcapsule(capsule) - assert flag == True # 断言,判断胶囊capsule的有效性 E1 = multiply(E, rk) V1 = multiply(V, rk) cfrag = E1, V1, id, Xa From 1e23dd6a3aa12eca8eff59f2459ae8a0aafd639a Mon Sep 17 00:00:00 2001 From: sangge <2251250136@qq.com> Date: Thu, 19 Oct 2023 08:14:18 +0800 Subject: [PATCH 2/3] feat: update git ignore --- .gitignore | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitignore b/.gitignore index 80d5f5f..1e6c292 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,5 @@ test.py example.py ReEncrypt.py +src/temp_message_file +src/temp_key_file From ff4579d9bcac824b82e3c953488e5b85b69c78a7 Mon Sep 17 00:00:00 2001 From: sangge <2251250136@qq.com> Date: Thu, 19 Oct 2023 10:42:33 +0800 Subject: [PATCH 3/3] fix: fix all bugs --- src/tpre.py | 51 +++++++++++++++++++++++---------------------------- 1 file changed, 23 insertions(+), 28 deletions(-) diff --git a/src/tpre.py b/src/tpre.py index 90bd2b2..989cae7 100644 --- a/src/tpre.py +++ b/src/tpre.py @@ -138,7 +138,7 @@ def jacobianMultiply( # 生成元 -U = multiply(g, random.randint(0, sm2p256v1.P)) +U = multiply(g, random.randint(0, sm2p256v1.N - 1)) def hash2(double_G: Tuple[point, point]) -> int: @@ -147,7 +147,7 @@ def hash2(double_G: Tuple[point, point]) -> int: for j in i: sm3.update(j.to_bytes(32)) digest = sm3.digest() - digest = int.from_bytes(digest, "big") % sm2p256v1.P + digest = int.from_bytes(digest, "big") % sm2p256v1.N return digest @@ -157,7 +157,7 @@ def hash3(triple_G: Tuple[point, point, point]) -> int: for j in i: sm3.update(j.to_bytes(32)) digest = sm3.digest() - digest = int.from_bytes(digest, "big") % sm2p256v1.P + digest = int.from_bytes(digest, "big") % sm2p256v1.N return digest @@ -168,7 +168,7 @@ def hash4(triple_G: Tuple[point, point, point], Zp: int) -> int: sm3.update(j.to_bytes(32)) sm3.update(Zp.to_bytes(32)) digest = sm3.digest() - digest = int.from_bytes(digest, "big") % sm2p256v1.P + digest = int.from_bytes(digest, "big") % sm2p256v1.N return digest @@ -177,18 +177,14 @@ def KDF(G: point) -> int: for i in G: sm3.update(i.to_bytes(32)) digest = sm3.digest() - digest = int.from_bytes(digest, "big") % sm2p256v1.P + digest = int.from_bytes(digest, "big") % sm2p256v1.N mask_128bit = (1 << 128) - 1 digest = digest & mask_128bit return digest -def GenerateKeyPair(lamda_parma: int, public_params: tuple) -> Tuple[point, int]: +def GenerateKeyPair() -> Tuple[point, int]: """ - params: - lamda_param: an init safety param - public_params: curve params - return: public_key, secret_key """ @@ -248,7 +244,7 @@ def hash5(id: int, D: int) -> int: sm3.update(id.to_bytes(32)) sm3.update(D.to_bytes(32)) hash = sm3.digest() - hash = int.from_bytes(hash, "big") % G.P + hash = int.from_bytes(hash, "big") % G.N return hash @@ -258,7 +254,7 @@ def hash6(triple_G: Tuple[point, point, point]) -> int: for j in i: sm3.update(j.to_bytes(32)) hash = sm3.digest() - hash = int.from_bytes(hash, "big") % G.P + hash = int.from_bytes(hash, "big") % G.N return hash @@ -274,7 +270,7 @@ def f(x: int, f_modulus: list, T: int) -> int: res = 0 for i in range(T): res += f_modulus[i] * pow(x, i) - res = res % sm2p256v1.P + res = res % sm2p256v1.N return res @@ -286,30 +282,30 @@ def GenerateReKey(sk_A: int, pk_B: point, N: int, T: int) -> list: rki(0 <= i <= N-1) """ # 计算临时密钥对(x_A, X_A) - x_A = random.randint(0, G.P - 1) + x_A = random.randint(0, sm2p256v1.N - 1) X_A = multiply(g, x_A) pk_A = multiply(g, sk_A) # d是Bob的密钥对与临时密钥对的非交互式Diffie-Hellman密钥交换的结果 - d = hash3((pk_A, pk_B, multiply(pk_B, x_A))) + d = hash3((X_A, pk_B, multiply(pk_B, x_A))) # 计算多项式系数, 确定代理节点的ID(一个点) f_modulus = [] # 计算f0 - f0 = (sk_A * inv(d, G.P)) % G.P + #f0 = (sk_A * inv(d, G.P)) % G.P + f0 = (sk_A * inv(d, sm2p256v1.N)) % sm2p256v1.N f_modulus.append(f0) # 计算fi(1 <= i <= T - 1) for i in range(1, T): - f_modulus.append(random.randint(0, G.P - 1)) + f_modulus.append(random.randint(0, sm2p256v1.N - 1)) # 计算D - D = hash6((X_A, pk_B, multiply(pk_B, sk_A))) - + D = hash6((pk_A, pk_B, multiply(pk_B, sk_A))) # 计算KF KF = [] for i in range(N): - y = random.randint(0, G.P - 1) + y = random.randint(0, sm2p256v1.N - 1) Y = multiply(g, y) s_x = hash5(i, D) # id需要设置 r_k = f(s_x, f_modulus, T) @@ -321,12 +317,11 @@ def GenerateReKey(sk_A: int, pk_B: point, N: int, T: int) -> list: def Encapsulate(pk_A: point) -> Tuple[int, capsule]: - r = random.randint(0, G.P - 1) - u = random.randint(0, G.P - 1) + r = random.randint(0, sm2p256v1.N - 1) + u = random.randint(0, sm2p256v1.N - 1) E = multiply(g, r) V = multiply(g, u) - s = u + r * hash2((E, V)) - #s = s % sm2p256v1.P + s = (u + r * hash2((E, V))) % sm2p256v1.N pk_A_ru = multiply(pk_A, r + u) K = KDF(pk_A_ru) capsule = (E, V, s) @@ -411,12 +406,12 @@ def DecapsulateFrags(sk_B: int, pk_B: point, pk_A: point, cFrags: list) -> int: bis = [] # b ==> λ bi = 1 for i in range(len(cFrags)): + bi = 1 for j in range(len(cFrags)): if j != i: - # bi = bi * (Sx[j] // (Sx[j] - Sx[i])) # 暂定整除 - Sxj_sub_Sxi = (Sx[j] - Sx[i]) % sm2p256v1.P - Sxj_sub_Sxi_inv = inv(Sxj_sub_Sxi, sm2p256v1.P) - bi = (bi * Sx[j] * Sxj_sub_Sxi_inv) % sm2p256v1.P + Sxj_sub_Sxi = (Sx[j] - Sx[i]) % sm2p256v1.N + Sxj_sub_Sxi_inv = inv(Sxj_sub_Sxi, sm2p256v1.N) + bi = (bi * Sx[j] * Sxj_sub_Sxi_inv) % sm2p256v1.N bis.append(bi) E2 = multiply(Elist[0], bis[0]) # E^ 便于计算