-
Notifications
You must be signed in to change notification settings - Fork 1
/
Session_1_code.py
72 lines (64 loc) · 1.75 KB
/
Session_1_code.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
from math import floor
from random import random
import numpy as np
from functools import reduce
PRIME = 273389558745553615023177755634264971227
GEN = 191981998178538467192271372964660528157
ROUND_OF_VERIFY = 100
# args: x:secret, g: generator, p: large prime, b: random number
# returns: (y: residue, proof: pf)
def dlogProof(x, g, p):
y = cal_exp(g,x) % p #residue
r_arr = np.array([]) #randoms
for i in range(ROUND_OF_VERIFY):
r_arr = np.append(r_arr, floor(random()*(p-1)))
h = np.array([]) #proof 1
for r in r_arr:
h = np.append(h,cal_exp(g,r) % p)
b = pseudoRandomBits(h,g,p,ROUND_OF_VERIFY)
s = (r_arr + b*x) % (p -1) # proof 3
pf = (h,s)
return (y, pf)
def cal_exp(x,exp):
half = x**(floor(exp/2))
if exp % 2 == 0:
return half*half
else:
return x * half * half
def pseudoRandomBits(h,g,p,ROUND_OF_VERIFY):
seed = np.sum(h)
hash = cal_exp(g,seed) % p
b = np.array([])
for i in range(0,ROUND_OF_VERIFY):
temp = hash & i
bit = 0
if temp > 0:
bit = 1
b = np.append(b, bit)
return b
# Verifier computes A^s(mod p) which should equal hy^b(mod p).
def verify(y,g,p,pf):
(h,s) = pf
b = pseudoRandomBits(h,g,p,ROUND_OF_VERIFY)
lhs = (g**s) % p
rhs = (h*(y**b)) % p
res = reduce(lambda l,r: l and r, lhs == rhs)
return res
def test():
p = 31
g = 3
x = 17
(y,pf) = dlogProof(x,g,p)
res = verify(y,g,p,pf)
print("The proof is: ", res)
res = verify(y-1,g,p,pf)
print("The proof is: ", res)
p = 67
g = 2
x = 10
(y,pf) = dlogProof(x,g,p)
res = verify(y,g,p,pf)
print("The proof is: ", res)
res = verify(y-1,g,p,pf)
print("The proof is: ", res)
test()