#Key Generation steps

Choose a L-bit prime p, such that it satifies the following

512 <= L <= 1024

64 divides L

p-1 has a 160-bit prime factor, eg. q.

Choose a g that belongs to group Zp* such that order of g is q.

Choose a number uniformly at random from set {2,3,...,q-1}.

Compute h = g^a mod p. (using square and multiply)

Verification Key = (p,q,g,h)

Signing key = a

#Signing process The input to this algorithm is a message-file F, verification key and signing key. The output is the signature on file in signature.txt.

Choose a random element r in 1 <= r <= q-1
Compute C1 = ( g^r mod p) mod q. (using square and multiply)
Compute C2 = (int(SHA1(F)) + aC1)r^-1 mod q. (r^-1 using extended Euclidean algorithm)
If C1=0 or C2=0, a new random value of r should be chosen and C1, C2 to be recomputed.
Output (C1, C2) as signature on the file F.
#Verification process The input to this algorithm is a message-signature pair (F, (C1, C2)) and the VerKey (p, q, g, h).

Compute t1 = int(SHA1(F))C2^-1 mod q. (C2^-1 using extended Euclidean algorithm)
Compute t1 = C1C2^-1 mod q.
if (g^t1 * h^t2 mod p) mod q = C1 then output "valid signature" else output "invalid signature".
python version : 3.4.3

In [None]:
import rsa

# Implementing helper methods to generate private and public keys


def generateKeys():
    (publicKey, privateKey) = rsa.newkeys(1024)
    with open('pub.pem', 'wb') as p:
        p.write(publicKey.save_pkcs1('PEM'))
    with open('priv.pem', 'wb') as p:
        p.write(privateKey.save_pkcs1('PEM'))

# Implementing method to load the keys


def loadKeys():
    with open('pub.pem', 'rb') as p:
        publicKey = rsa.PublicKey.load_pkcs1(p.read())
    with open('priv.pem', 'rb') as p:
        privateKey = rsa.PrivateKey.load_pkcs1(p.read())
    return privateKey, publicKey

# Implementing the encryption method


def encrypt(message, key):
    return rsa.encrypt(message.encode('ascii'), key)

# Implementing the decryption method


def decrypt(ciphertext, key):
    try:
        return rsa.decrypt(ciphertext, key).decode('ascii')
    except:
        return False


def sign(message, key):
    return rsa.sign(message.encode('ascii'), key, 'SHA-1')


def verify(message, signature, key):
    try:
        return rsa.verify(message.encode('ascii'), signature, key) == 'SHA-1'
    except:
        return False


generateKeys()
privateKey, publicKey = loadKeys()

message = input('Write your message here: ')
ciphertext = encrypt(message, publicKey)

signature = sign(message, privateKey)

text = decrypt(ciphertext, privateKey)

print('\n')

print(f'Cipher Text: {ciphertext}')

print('\n')

print(f'Signature: {signature}')

print('\n')

if text:
    print(f'Message Text: {text}')
else:
    print(f'Unable to decrpyt the message.')

print('\n')

if verify(text, signature, publicKey):
    print('Successfully verified signature')
else:
    print('The message signature could not be verified')


Write your message here: hi


Cipher Text: b'6o\x9cH\xdc\xc0\xca\xbf)\xe6\xa6\x86\x94Y\xfb\xea\x0f\xad=t_\xff\xa8r7\xed)\x85\xd4#\xca\x8cD8?\x83\xc1W\xb0\xc7\xfeqa\r\x18i\x19uFj\xcb\x83\xc4\xb4\x19\x9dXr9B\xeb\x16\xb8u\xab\x8d\xe22|\xad~a\x90\xe66\xea\xec\x19\x14h=\x9a\x95c\xda\x03P\xd2\xaf\xa6\x03]\xb3\xdd\x0c\x8aw\x9a\xc5j\xb6Eup\xf1\xba]^\x8d\x15\x8c\xd4\xc9Z\xbc+\x0f\x85Z\xf0\xddX\xa1B\xc9 \xdf\xcc'


Signature: b'p>ce\xd5\xb1yK\x94\xd7\x82\xb6\x00\x94M\x04\nu\xcc{.<A\xb8^\xa2K\xca\n\x9d\xf2\xb9\x02fr\x1a.V9\xd2\x83\xa2\x9e\xe5\x87\xc3\xf8\xc8,\xbc\xd4K-\xa85\xdc\x8c,\x80\xa9BxQ\xabn3EM\x00\x16\xd7\xc3K\xb0n\xac\x87\xd3J\x81\x83\xe5v\xd3\xe5\x15\\xo\xaf\xc9\x0f\xdelS\x89\x88F)\xb4c\x1d\xe3\xd4\xe5\xb2\xd5R\x88\xbd\xca.\xd4\x82\xf5J\x92V]\xfa\xdd\xef\xe3KL\xb1\xf7\x83'


Message Text: hi


Successfully verified signature
