In [103]:
import random

In [104]:
# Biyeccion entre letras y numeros
def f(c):
    cad = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
    return f"{cad.index(c.upper()):02}"

# A partir de una cadena devuelve un array de enteros que codifica la cadena
def F(s):
    return [int(f(c)) for c in s]

def f_inv(n):
    cad = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
    return cad[n]

# A partir de una lista de enteros devuelve la cadena codificada por la lista
def F_inv(l):
    return ''.join([f_inv(n) for n in l])


## Criptosistema afín

### Funciones

In [105]:
class Afin:
    '''
    TODO: 
    - Meter funciones de cifrar y descifrar
    - Guardar la clave y generar la de descifrado automáticamente
    '''
    
    def e(self, K,x):
        a, b, n = K
        return (a*x + b) % n

    def E(self, K, m):
        result = []
        m_number = [ int(f(c)) for c in m ]
        
        for c in m_number:
            result.append(self.e(K, c))
            
        return ''.join([ f_inv(c) for c in result ]) 

### Clave de cifrado

In [106]:
n, a, b = 26, 347, 32780
K = (a, b, n)

In [107]:
afin = Afin()

### Cifrado

In [108]:
m = "BONITOMENSAJE"
m_cifrado = afin.E(K, m)
print("Mensaje cifrado: %s" % m_cifrado)

Mensaje cifrado: DQHOJQYEHAUXE


### Clave de descifrado

In [109]:
a_d = inverse_mod(a,n)
b_d = (-a_d*b) % n

K_d = (a_d, b_d, n)

### Descifrado

In [110]:
m_d = afin.E(K_d, m_cifrado)
print("Mensaje descifrado: %s" % m_d)

Mensaje descifrado: BONITOMENSAJE


## Cifrado de Vigenère

### Funciones

In [111]:
class Vigenere: 
    '''
    TODO: 
    - Meter funciones de cifrar y descifrar
    - Guardar la clave y generar la de descifrado automáticamente
    '''
    
    def __init__(self):
        self.n = 26    # Longitud del alfabeto
    
    
    def yuxtaposicion(self, K, s):
        K_aux = ''.join(K)
        
        while len(K_aux) < len(s):
            K_aux += K
            
        return K_aux[:len(s)]

    
    def e(self, s_j, K_len_s_j):
        return f_inv( (int(f(s_j))+int(f(K_len_s_j))) % self.n )
    

    def E(self, K, s):
        K_len_s = self.yuxtaposicion(K, s)
        
        return ''.join([
            self.e(s_j,K_j) for s_j, K_j in zip(s,K_len_s)
        ])


### Clave de cifrado

In [112]:
K = 'BUENASTARDES'

In [113]:
vigenere = Vigenere()

### Cifrado

In [114]:
m = 'HOLAATODOELMUNDOQUIEROCIFRARESTEMENSAJE'
m_cifrado = vigenere.E(K,m)
m_cifrado

'IIPNALHDFHPEVHHBQMBEIRGAGLEEEKMEDHRKBDI'

### Clave de descifrado

In [115]:
K_d = ''.join([f_inv(-int(f(k)) % n) for k in K])
K_d

'ZGWNAIHAJXWI'

### Descifrado

In [116]:
m_d = vigenere.E(K_d, m_cifrado)
m_d

'HOLAATODOELMUNDOQUIEROCIFRARESTEMENSAJE'

## Cifrado de Hill

### Funciones

In [117]:
class Hill: 
    '''
    TODO: 
    - Meter funciones de cifrar y descifrar
    - Guardar la clave y generar la de descifrado automáticamente
    '''
    
    def __init__(self):
        self.n = 26 # Longitud del alfabeto

        
    def amplia(self, s):
        if(len(s) % m != 0):
            veces = -len(s) % m
            s += ''.join(['W' for i in range(veces)])
            
        return s

    
    def E(self, m, T, s):
        s = self.amplia(s)
        
        blocks  = [s[m*i : m*(i+1)] for i in range(len(s)//m)]
        
        blocks_n = [ vector([int(f(c)) for c in block]) for block in blocks ]
        
        blocks_cipher = [ T*block for block in blocks_n ]
        blocks_cipher = [ [f_inv(k) for k in block] for block in blocks_cipher ]
        
        s_cipher = ''.join([''.join(block) for block in blocks_cipher])
        
        return s_cipher

### Clave de cifrado

In [118]:
m = 5
T = matrix(Integers(n), m,
          [
               3, 24, 12,  1,  2,
               5,  3, 10, 22, 21,
              36,  1,  2,  5,  6,
              19, 18, 17, 16,  1,
               7,  6, 12,  0,  1
          ])

### Cifrado

In [119]:
hill = Hill()

s = 'COMOESTANUSTEDES'
s_cipher = hill.E(m, T, s)
print("Mensaje cifrado: %s" % s_cipher)

Mensaje cifrado: OSWUMRVUCAXZMYGCWUEY


### Clave de descifrado

In [120]:
T_d = T**(-1)

### Descifrado

In [121]:
s_d = hill.E(m, T_d, s_cipher)
s_d

'COMOESTANUSTEDESWWWW'

---

## Cosas de Polinomios que no recuerdo

In [15]:
K = PolynomialRing(GF(2), 'x')
m = K(x**5+x**2+1)
a = K(x**2+1)
b = K(x+1)

In [16]:
def div(a,b):
    return a//b, a%b

In [17]:
div(a,b)

(x + 1, 0)

In [18]:
div(K(2*x**2+2),K(4*x+3))

(0, 0)

In [19]:
div(K(3*x+4),K(3))

(x, 0)

In [20]:
xgcd(m,a)

(1, x, x^4 + x^2 + x + 1)

In [21]:
xgcd(5,17)

(1, 7, -2)

In [22]:
35%14

7

In [23]:
(5-590)%85

10

## AES

In [13]:
R = PolynomialRing(GF(2), 'x').quotient('x^8 + x^4 + x^3 + x + 1', 'x')
R

Univariate Quotient Polynomial Ring in x over Finite Field of size 2 with modulus x^8 + x^4 + x^3 + x + 1

### Transformaciones entre las distintas formas de representar un byte

In [5]:
def bin_to_hex(binary):
    return hex(int(binary,2))[2:].zfill(2)

def hex_to_bin(hexadecimal):
    return bin(int(hexadecimal, 16))[2:].zfill(8)

def bin_to_pol(binary):
    binary_list_int = [int(c) for c in binary[::-1]]
    return R(binary_list_int)

def pol_to_bin(pol):
    return ''.join([str(c) for c in pol.list()[::-1]])

def pol_to_hex(pol):
    return bin_to_hex(pol_to_bin(pol))

def hex_to_pol(hexadecimal):
    return bin_to_pol(hex_to_bin(hexadecimal))

In [42]:
binary = '00110010'
bin_to_hex(binary), bin_to_pol(binary), hex_to_bin(bin_to_hex(binary)), pol_to_bin(bin_to_pol(binary))

('32', x^5 + x^4 + x, '00110010', '00110010')

In [43]:
pol = R(x**5+x**3+x**2)
pol_to_bin(pol), pol_to_hex(pol), bin_to_pol(pol_to_bin(pol)), hex_to_pol(pol_to_hex(pol))

('00101100', '2c', x^5 + x^3 + x^2, x^5 + x^3 + x^2)

In [44]:
hexadecimal = 'D0'
hex_to_bin(hexadecimal), hex_to_pol(hexadecimal), bin_to_hex(hex_to_bin(hexadecimal)), pol_to_hex(hex_to_pol(hexadecimal))

('11010000', x^7 + x^6 + x^4, 'd0', 'd0')

In [45]:
print(hex_to_bin(pol_to_hex(bin_to_pol(binary))))
print(pol_to_hex(bin_to_pol(hex_to_bin(hexadecimal))))
print(hex_to_pol(bin_to_hex(pol_to_bin(pol))))

00110010
d0
x^5 + x^3 + x^2


### `SubBytes()`

In [50]:
n = R(x^6+x^4+x+1)
n_inv = R(n**(-1))
n_inv

x^7 + x^6 + x^3 + x

In [51]:
n_bin = pol_to_bin(n_inv)
n_bin

'11001010'

In [71]:
def s_box_transform(xy):
    byte_pol = hex_to_pol(xy)
    if(xy != '00'):    
        byte_pol_inv = R(byte_pol**(-1))
        byte_pol_inv_bin = pol_to_bin(byte_pol_inv)
        b = vector(Integers(2), [int(c) for c in byte_pol_inv_bin[::-1]])
    else:
        b = vector(Integers(2), [0,0,0,0,0,0,0,0])
    M = matrix(Integers(2),8,[
        1,0,0,0,1,1,1,1,
        1,1,0,0,0,1,1,1,
        1,1,1,0,0,0,1,1,
        1,1,1,1,0,0,0,1,
        1,1,1,1,1,0,0,0,
        0,1,1,1,1,1,0,0,
        0,0,1,1,1,1,1,0,
        0,0,0,1,1,1,1,1,
    ])
    c = vector(Integers(2), [1,1,0,0,0,1,1,0])
    res = M*b + c
    res_bin_list = list(res[::-1])
    res_bin = ''.join([str(c) for c in res_bin_list])
    return bin_to_hex(res_bin)

s_box_transform('53')

'ed'

### S-Box

In [73]:
hex_digits = [hex(i)[2:] for i in range(16)]
s_box = []
for x in hex_digits:
    row = []
    for y in hex_digits:
        row.append(s_box_transform(x+y))
    s_box.append(row)
    
for row in s_box:
    print(row)

['63', '7c', '77', '7b', 'f2', '6b', '6f', 'c5', '30', '01', '67', '2b', 'fe', 'd7', 'ab', '76']
['ca', '82', 'c9', '7d', 'fa', '59', '47', 'f0', 'ad', 'd4', 'a2', 'af', '9c', 'a4', '72', 'c0']
['b7', 'fd', '93', '26', '36', '3f', 'f7', 'cc', '34', 'a5', 'e5', 'f1', '71', 'd8', '31', '15']
['04', 'c7', '23', 'c3', '18', '96', '05', '9a', '07', '12', '80', 'e2', 'eb', '27', 'b2', '75']
['09', '83', '2c', '1a', '1b', '6e', '5a', 'a0', '52', '3b', 'd6', 'b3', '29', 'e3', '2f', '84']
['53', 'd1', '00', 'ed', '20', 'fc', 'b1', '5b', '6a', 'cb', 'be', '39', '4a', '4c', '58', 'cf']
['d0', 'ef', 'aa', 'fb', '43', '4d', '33', '85', '45', 'f9', '02', '7f', '50', '3c', '9f', 'a8']
['51', 'a3', '40', '8f', '92', '9d', '38', 'f5', 'bc', 'b6', 'da', '21', '10', 'ff', 'f3', 'd2']
['cd', '0c', '13', 'ec', '5f', '97', '44', '17', 'c4', 'a7', '7e', '3d', '64', '5d', '19', '73']
['60', '81', '4f', 'dc', '22', '2a', '90', '88', '46', 'ee', 'b8', '14', 'de', '5e', '0b', 'db']
['e0', '32', '3a', '0a', '49',

### `MixColumns`

In [27]:
K.<y> = PolynomialRing(R)
state = [K.random_element(degree=3) for i in range(4)]
state

[(x^7 + x^6 + x^5 + x^4 + 1)*y^3 + (x^7 + x^3 + x^2 + x + 1)*y^2 + (x^7 + x^6 + x^3 + x + 1)*y + x^7 + x^6 + x^4 + x^2 + 1,
 (x^7 + x^4)*y^3 + (x^7 + x^6 + x^4 + x^2 + 1)*y^2 + (x^7 + x)*y + x^7 + x^6 + x^5 + x^3,
 (x^7 + x^5 + x^3)*y^3 + (x^7 + x^5 + x^4 + x^3 + x^2)*y^2 + (x^7 + x^3 + 1)*y + x^7 + x^5 + x^3 + x^2 + x + 1,
 (x^7 + x^6 + x^3 + x + 1)*y^3 + x^7*y^2 + (x^7 + x^3)*y + x^7 + x^5 + x^4 + x^3 + x^2 + 1]

In [28]:
def MixColumns(state):
    a = K((hex_to_pol('03'))*y^3 + (hex_to_pol('01'))*y^2 + hex_to_pol('01')*y + hex_to_pol('02'))
    res = []
    for s in state:
        res.append(a*s % K(y**4+1))
    return res

In [29]:
MixColumns(state)

[(x^7 + x^6 + x^4 + x^3 + 1)*y^3 + (x^4 + x + 1)*y^2 + (x^5 + x + 1)*y + x^7 + x^3 + 1,
 (x^6 + x^3 + x^2 + x + 1)*y^3 + (x^6 + x^5 + x^4)*y^2 + (x + 1)*y + x^4 + x + 1,
 (x^7 + x^4 + x^2)*y^3 + (x^7 + x^5 + x^2 + x)*y^2 + (x^7 + x^6 + x^4 + 1)*y + x^7 + x^6 + x^4 + 1,
 (x^6 + x^4 + x^3 + 1)*y^3 + (x^6 + x^5 + x^3)*y^2 + (x^7 + x^6 + x^5 + x^2 + x)*y + x^7 + x^5 + x^3 + 1]

## RSA

### Funciones

In [None]:
def E(m, e, n):
    return m**e % n

def D(y, d, n):
    return y**d % n


### Claves de cifrado y descifrado

In [16]:
p = 1597
q = 1087
e = 187

n = p * q
phi_n = euler_phi(n)
d = inverse_mod(e,phi_n)

### Cifrado

In [26]:
M = [170415, 110804, 62004, 1101, 111402, 1400]

In [20]:
M_cifrado = [E(m,e,n) for m in M]
M_cifrado

[1442861, 82626, 690931, 1489385, 363461, 62317]

### Descifrado

In [21]:
M_descifrado = [D(y, d, n) for y in M_cifrado]
M_descifrado

[170415, 110804, 62004, 1101, 111402, 1400]

In [22]:
M == M_descifrado

True

## Diffie-Hellman

In [4]:
n = 83
g = 2
# A
x = 59
# B
y = 41

# A calcula X
X = g**x % n
# B calcula Y
Y = g**y % n

print("X = %d, Y = %d" % (X,Y))

# B envía Y a A y este calcula k
k = Y**x % n
# A envía X a B y este calcula k'
k_ = X**y % n

print("Llave privada: %d, ¿coindiden las llaves? %r" % (k, k==k_))



X = 53, Y = 82
Llave privada: 82, ¿coindiden las llaves? True


## El Gamal

### Funciones

In [47]:
def cifrado_El_Gamal(m, p, g, y, k):
    return (g**k % p, m*(y**k) % p)

def descifrado_El_Gamal(res, p, a):
    r = res[0]**(p-a-1) % p
    return res[1]*r % p

### Claves

In [83]:
# Clave privada
a = 21702

# Clave pública
p = p = (10**11).next_prime()
K = GF(p)
g = K(2)
y = K(g**a)

### Cifrado

In [85]:
# Eleccion de k
k = 281
assert(k >= 2 and k<= p-1 and gcd(k,p-1) == 1)

# Mensaje
mensaje = 'start'
m = int(''.join([f(c) for c in mensaje]))
print("Mensaje sin cifrar: %d" % m)

# Cifrado
res = cifrado_El_Gamal(m, p, g, y, k) # p, g, y claves publicas y k elegido por nosotros
print("Resultado del cifrado: (%d,%d)" % res)

Mensaje sin cifrar: 1819001719
Resultado del cifrado: (89947923179,2714338462)


### Descifrado

In [86]:
m_d = descifrado_El_Gamal(res, p, a)
print("Mensaje descifrado: %d" % m_d)

Mensaje descifrado: 1819001719


In [87]:
m_d_split = [int(str(m_d)[2*i:2*i+2]) for i in range(len(str(m_d))/2) ]
mensaje_descifrado = F_inv(m_d_split)
mensaje_descifrado

'START'

## Firma digital estándar

In [149]:
q = (2**10).next_prime() # 1031
p = 2063
assert(p % q == 1)
g_0 = 396
assert( g_0**((p-1)/q) % p != 1)
g = g_0**((p-1)/q) % p
# Llave secreta
x = 639
# Llave pública
y = g**x % p

In [150]:
h = 534
k = 97
r = (g**k % p) % q
k_inv = inverse_mod(k,q)
s = (k_inv*(h+x*r)) % q
(r,s)

(653, 247)

In [151]:
w = inverse_mod(s,q)
u_1 = h*w % q
u_2 = r*w % q
v = ((g**u_1)*(y**u_2) % p) % q
v

437

## Shamir

### Parámetros

In [18]:
# Secreto
s = 1132
# Número de participantes
n = 10
# Umbral de participantes para recuperar el secreto
t = 7

p = 1499

assert(p.is_prime() and p > s and p > n)
Zp = GF(p)


A = [1096, 904, 474, 885, 590, 1033]
X = [927, 779, 432, 1069, 740, 1445, 1111, 464, 44, 938]
assert(len(A) == t-1 and len(X) == n)

### Generación de claves privadas

In [21]:
def Shamir(X,A):
    K.<x> = PolynomialRing(Zp)
    p = K(A)*x + s
    Y = [p(x) for x in X]
    return [ (x,y) for x, y in zip(X,Y) ]


### Recuperación del secreto

In [17]:
claves_privadas = Shamir(X,A)
participes = claves_privadas[:7] # 7 primeros participes
q = K.lagrange_polynomial(participes)
q(0)

1132

## Massey-Omura

In [None]:
q = (2**20).next_prime() # 1048583
K = GF(q)

### Claves privadas

In [None]:
eA = 279
dA = inverse_mod(eA, q-1)
eB = 439
dB = inverse_mod(eB, q-1)

### Envío de mensajes

In [None]:
# Mensaje
m = 123456
# A envia a B
m_cipher = K(m**eA)
# B envia a A
s = K(m_cipher**eB)
# A vuelve a enviar a B
r = K(s**dA)
# B obtiene el mensaje cifrado
m_d = K(r**dB)
m_d

123456