<a href="https://colab.research.google.com/github/Mohbajry-77/RSA_Homorphic_Lap1-Sarah-Bajry/blob/main/DigitalSignature_Lab3__%3CSarah_Bajry_9.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

In [11]:
! pip install ecdsa
# =============================================================================
# Digital Signature System using ECDSA
# Seiyun University - Department of Information Security
# Special Topics in Information Security - Lab Assignment 03
#Name:Sara Bajry
# =============================================================================

# Import necessary libraries
import hashlib
import ecdsa
from ecdsa import SigningKey, VerifyingKey, SECP256k1
import binascii

def main():
    print("=" * 60)
    print("Seiyun University - Department of Information Security")
    print("Digital Signature System using ECDSA")
    print("=" * 60)

    # Step 1: Generate ECDSA key pair
    print("\n1. GENERATING ECDSA KEY PAIR")
    print("-" * 40)

    # Generate private key
    private_key = SigningKey.generate(curve=SECP256k1)
    print("Private Key generated successfully")

    # Generate public key from private key
    public_key = private_key.get_verifying_key()
    print("Public Key generated successfully")

    # Display keys in hexadecimal format
    private_key_hex = private_key.to_string().hex()
    public_key_hex = public_key.to_string().hex()

    print(f"Private Key (hex): {private_key_hex[:50]}...")
    print(f"Public Key (hex): {public_key_hex[:50]}...")

    # Step 2: Define transaction message
    print("\n2. TRANSACTION MESSAGE")
    print("-" * 40)

    transaction_message = "Ahmed pays 100 coins to Ali"
    print(f"Transaction Message: {transaction_message}")

    # Step 3: Hash the message using SHA-256
    print("\n3. HASHING THE MESSAGE")
    print("-" * 40)

    # Convert message to bytes and hash
    message_bytes = transaction_message.encode('utf-8')
    message_hash = hashlib.sha256(message_bytes).digest()
    message_hash_hex = message_hash.hex()

    print(f"Message in bytes: {message_bytes}")
    print(f"SHA-256 Hash: {message_hash_hex}")

    # Step 4: Sign the hash using private key
    print("\n4. SIGNING THE HASH")
    print("-" * 40)

    # Sign the hash with ECDSA
    signature = private_key.sign(message_hash)
    signature_hex = signature.hex()

    print(f"Signature generated successfully")
    print(f"Signature (hex): {signature_hex[:50]}...")

    # Step 5: Verify the signature using public key
    print("\n5. VERIFYING THE SIGNATURE")
    print("-" * 40)

    try:
        # Verify the signature
        is_verified = public_key.verify(signature, message_hash)
        print(f"Signature Verified: {is_verified}")

        if is_verified:
            print("✓ SUCCESS: Signature is valid! Transaction authenticated.")
        else:
            print("✗ FAILED: Signature is invalid! Transaction rejected.")

    except ecdsa.BadSignatureError:
        print("✗ FAILED: Signature is invalid! Transaction rejected.")
        is_verified = False

    # Step 6: Demonstrate tampering detection
    print("\n6. TAMPERING DETECTION DEMONSTRATION")
    print("-" * 40)

    # Create a tampered message
    tampered_message = "Ahmed pays 500 coins to Ali"  # Changed amount
    tampered_bytes = tampered_message.encode('utf-8')
    tampered_hash = hashlib.sha256(tampered_bytes).digest()

    print(f"Original Message: {transaction_message}")
    print(f"Tampered Message: {tampered_message}")

    try:
        # Try to verify original signature with tampered hash
        public_key.verify(signature, tampered_hash)
        print("Tampered message verification: True (UNEXPECTED)")
    except ecdsa.BadSignatureError:
        print("Tampered message verification: False (EXPECTED - Security working)")

    # Step 7: Summary of results
    print("\n7. FINAL RESULTS SUMMARY")
    print("-" * 40)
    print(f"Transaction Message: {transaction_message}")
    print(f"SHA-256 Hash: {message_hash_hex}")
    print(f"Signature: {signature_hex[:50]}...")
    print(f"Signature Verified: {is_verified}")

    print("\n" + "=" * 60)
    print("Lab Assignment Completed Successfully!")
    print("=" * 60)

# Run the main function
if __name__ == "__main__":
    main()

# Additional demonstration functions
def demonstrate_key_operations():
    """Demonstrate key operations and formats"""
    print("\n\nADDITIONAL KEY INFORMATION")
    print("-" * 40)

    # Generate new keys for demonstration
    priv_key = SigningKey.generate(curve=SECP256k1)
    pub_key = priv_key.get_verifying_key()

    print("Private Key Operations:")
    print(f" - Can sign messages: Yes")
    print(f" - Must be kept secret: Yes")

    print("\nPublic Key Operations:")
    print(f" - Can verify signatures: Yes")
    print(f" - Can be shared publicly: Yes")

    # Show different key formats
    print(f"\nPrivate Key (DER format): {priv_key.to_der().hex()[:50]}...")
    print(f"Public Key (DER format): {pub_key.to_der().hex()[:50]}...")
    print(f"Public Key (PEM format): {pub_key.to_pem().decode('utf-8')[:50]}...")

# Run additional demonstrations
demonstrate_key_operations()

Seiyun University - Department of Information Security
Digital Signature System using ECDSA

1. GENERATING ECDSA KEY PAIR
----------------------------------------
Private Key generated successfully
Public Key generated successfully
Private Key (hex): 09fd6d98c86732c924561bd379af8554602eaa36c3f5391694...
Public Key (hex): 6ba151261e6d0588aeb2eae947b878e9de8a5f79fef88b374e...

2. TRANSACTION MESSAGE
----------------------------------------
Transaction Message: Ahmed pays 100 coins to Ali

3. HASHING THE MESSAGE
----------------------------------------
Message in bytes: b'Ahmed pays 100 coins to Ali'
SHA-256 Hash: 3f290af40555abd9fdf58239d8eac3b8e5df5c07f36951285df7e4356496d7be

4. SIGNING THE HASH
----------------------------------------
Signature generated successfully
Signature (hex): 22ff4283d04541442e1b2172e74523c1de615df949f0b405b8...

5. VERIFYING THE SIGNATURE
----------------------------------------
Signature Verified: True
✓ SUCCESS: Signature is valid! Transaction authenticated