### Ideál ###

$R$ gyűrű esetén az $I\subset R$ ideál, ha
- $I+I\subset I$ és
- $IR\subset I$ (bal oldali).

In [ ]:
6*ZZ

In [ ]:
3*ZZ

In [ ]:
I = 6*GF(7); I # test esetén egyszerű
[(e, e in I) for e in GF(7)]

In [ ]:
ZZ.ideal(6,14)


### Maradékgyűrű/faktorgyűrű ###

Ha $I$ (kétoldali) ideál, akkor a faktorgyűrű elemei azok a halmazok, melyek elemeire $(a-b)\in I$ (ekvivalenciareláció $\to$ osztályozása $R$-nek).

In [ ]:
Z6 = ZZ.quotient_ring(6); Z6

In [ ]:
Z6.is_field()

In [ ]:
ZZ.quotient_ring(2).is_field()

### Polinomok ###

$R$ egységelemes kommutatív gyűrű

Ekkor a $f = (f_0, f_1, f_2, \dots)$ $R$ fölötti polinom ($f(x)\in R[x]$), ha $f_i\in R$ és van olyan $n$, amelyre $k>n:f_k = 0$. Az $f$ fokszáma (deg($f$)) $n$ vagy $-\infty$.

In [ ]:
R.<x> = PolynomialRing(ZZ)
R

In [ ]:
#utána dolgozunk benne (a fent megadott x jelöli a határozatlant)
f = x^2 + 1

In [ ]:
g = 7*x^2 - 1

In [ ]:
f*g

In [ ]:
factor(_)

In [ ]:
#Akár ideálokat is létrehozhatunk
I = f * R

In [ ]:
I

In [ ]:
x^3+x in I

In [ ]:
K.<y> = R.quotient_by_principal_ideal(f)

In [ ]:
K

In [ ]:
# Egy másik példa polinomgyűrűre
R.<x> = PolynomialRing(GF(3))
R

In [ ]:
factor(x^2+2)

In [ ]:
K.<t> = R.quotient_ring(x^2-2) # (x^2+1)
K

In [ ]:
K.is_field()

In [ ]:
K.is_finite()

In [ ]:
K2.<t> = GF(9)
K2.multiplication_table(names='elements')

In [ ]:
reset('x')
K.<y> = NumberField(x^2+5)
K

In [ ]:
R = ZZ[y]

In [ ]:
I = (6)* R
I

In [ ]:
I.is_principal()

# Blokk titkosítók #

...

padding!

Módok:
| Mód                        | Rule                                               | CipherText                     |
| -------------------------- | -------------------------------------------------- | ------------------------------ |
| Electronic Codebook (ECB)  | $Y_i=F(PT_i,Key)$                                  | $Y$                            |
| Cipher Block Chaining (CBC)| $Y_i=PT_i \otimes CT_{i-1}$                        | $F(Y,Key); CT_0=IV$            |
| Propagating CBC (PCBC)     | $Y_i=PT_i \otimes(CT_{i-1} \otimes PT_{i-1})$      | $F(Y,Key); CT_0=IV$            |
| Cipher Feedback (CFB)      | $Y_i=CT_{i-1}$                                     | $PT \otimes F(Y,Key); CT_0=IV$ |
| Output Feedback (OFB)      | $Y_i=F(Y_{i-1},Key);Y_0=IV$                        | $PT \otimes Y$                 |
| Counter (CTR)              | $Y_i=F(IV + g(i),Key);IV=token();$                 | $PT \otimes Y$                 |


# Feladatok #

1. Adjuk meg $\mathbb{Z}_6$  és $\mathbb{Z}_7$ szorzótábláját!
1. Adjuk meg $x^5+3x^3+x^2 - 1$ osztóit $\mathbb{Z}, \mathbb{Z}_2, \mathbb{Z}_3$ fölött!
2. Test lesz-e a $\mathbb{Z}_3 /_{< x^2-1>}$ vagy a $\mathbb{Z}_6 /_{< x^2+1>}$?
1. Készítsük el a Shamir féle titokmegosztást megfelelő méretű véges test fölött!
1. Készítsünk blokk titkosítót Vigenere alapján (ECB, CBC, PCBC)! *XOR művelet helyett lehet használni a karakterek összeadását*
1. Chosen PT attack on Vigenere ECB (Visegnere Classic), ha tudom a kulcs méretét és ha nem.
1. Titkosítsunk egy mondatot [Simplified DES](http://doc.sagemath.org/html/en/reference/cryptography/sage/crypto/block_cipher/sdes.html) segítségével!
1. Titkosítsunk egy mondatot [Mini-AES](http://doc.sagemath.org/html/en/reference/cryptography/sage/crypto/block_cipher/miniaes.html) segítségével!
1. Titkosítsunk egy mondatot [PRESENT](http://doc.sagemath.org/html/en/reference/cryptography/sage/crypto/block_cipher/present.html) segítségével!

In [ ]:
print("4.: 3 pont")
print("5.: 2 pont, kivéve ecb")
print("7+8+9: 1 pont")

print("1.:")

In [ ]:
Z6 = ZZ.quotient_ring(6)
Z7 = ZZ.quotient_ring(7)

Z6.multiplication_table(names="elements")
Z7.multiplication_table(names="elements")

Z6.is_field()
Z7.is_field()

print("2.:")

print("3.:")

Z3 = ZZ.quotient_ring(3)
Z6 = ZZ.quotient_ring(6)
D.<x> = PolynomialRing(Z3)
E.<x> = PolynomialRing(Z6)
p1 = x^2+1
p2 = x^2-1
IPD = p1 * D
IPE = p2 * E
D2.<x> = D.quotient_by_principal_ideal(IPD)
E2.<x> = E.quotient_by_principal_ideal(IPE)

D2.is_field()
E2.is_field()

print("4. Shamir:")
import random
DEGREE = 2
SIZE_OF_FIELD = 103
NUMBER_OF_SHARES = 4

class Shamir:

    def __init__(self, size_of_field):
        self.__size_of_field = size_of_field
        self.__poly = 0

    def set_poly(self, poly):
        self.__poly = poly

    def set_size_of_field(self, size_of_field):
        self.__size_of_field = size_of_field

    def generate(self, degree):
        if(degree is None or degree < 0):
            return None
        R.<x> = PolynomialRing(ZZ)
        poly = 0
        coefficients = random.sample(range(100), degree+1)
        for n in coefficients:
            poly += n*x^degree
            degree=degree-1
        self.__poly = poly
        return poly

    def encode(self, sharenumber):
        poly = self.__poly
        degree = self.__poly.degree()
        if(sharenumber < degree+1):
            sharenumber = degree+1
        points_on_x = random.sample(range(100), sharenumber)
        points_on_y = map(lambda x: poly(x), points_on_x)
        points = list(zip(points_on_x, points_on_y))
        return points

    def decode(self, points):
        F = GF(self.__size_of_field)
        R = F['x']
        poly = R.lagrange_polynomial(points)
        return poly

shamir = Shamir(SIZE_OF_FIELD)
p = shamir.generate(DEGREE); p
points = shamir.encode(NUMBER_OF_SHARES); points
p2 = shamir.decode(points); p2
p == p2

print("5. Blokk titkosító:")


bin = BinaryStrings()
print("7. Simplified DES:")
from sage.crypto.block_cipher.sdes import SimplifiedDES
sdes = SimplifiedDES()
binary_sentence = bin.encoding("Encrypt this using S-DES!")
Mod(len(binary_sentence), 8) == 0 #must be a multiple of 8
key = sdes.list_to_string(sdes.random_key())
encrypted_sentence = sdes(binary_sentence, key, algorithm="encrypt")
decrypted_sentence = sdes(encrypted_sentence, key, algorithm="decrypt")
decrypted_sentence == binary_sentence

print("8. Mini-AES:")
from sage.crypto.block_cipher.miniaes import MiniAES
maes = MiniAES()
key = bin.encoding("KE") #must be 16 bit string
binary_sentence = bin.encoding("Encrypt this secret message!") #must be 16 bit or multiple of 16
encrypted_sentence = maes(binary_sentence, key, algorithm="encrypt")
decrypted_sentence = maes(encrypted_sentence, key, algorithm="decrypt")
decrypted_sentence == binary_sentence

print("9. PRESENT:")
from sage.crypto.block_cipher.present import PRESENT
present = PRESENT()
sentence = b'secccret' #must be 64 bit string or multiple of 64
sentence_block = int.from_bytes(sentence, 'big')
key = 0
encrypted_sentence_block = present.encrypt(sentence_block, key)
decrypted_sentence_block = present.decrypt(encrypted_sentence_block, key)
decrypted_sentence = int(decrypted_sentence_block).to_bytes(8, 'big')
sentence == decrypted_sentence