PoC.cpp
#include <cstdlib>
#include <ctime>
#include <iostream>
#include <vector>
// Simulated Lindell17 protocol implementation
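/// Toy stand-in for the server side of a Lindell17-style two-party ECDSA signer.
///
/// Nothing in this class is real cryptography: the "hash" is a modulo, the
/// arithmetic uses an 8-bit composite modulus, and both the abort decision and
/// the validation result come from std::rand(). The boolean returned by sign()
/// therefore carries no information about x2; it is useful only for exercising
/// the control flow of a caller.
///
/// NOTE(review): in the real protocol a failed signature is meant to be fatal
/// for the key pair (stop signing and rotate the key) -- confirm against the
/// protocol specification before using this file as a reference.
class Lindell17Protocol {
public:
    /// Stand-in for the group order.
    /// NOTE(review): a real ECDSA group order is a large prime; 256 is composite,
    /// so even values (including k1 = 2 used in sign()) have no inverse mod q.
    static const int q = 256;

    /// Simulated server key share. Public here only because this is a demo.
    int x2;

    /// Stores the simulated key share; no range check is applied.
    Lindell17Protocol(int secretShare) : x2(secretShare) {}

    /// Simulates one signing round.
    ///
    /// @param msg simulated message, only ever fed to hash()
    /// @param r   simulated public nonce
    /// @return false on a simulated abort (about 2 calls in 10), otherwise the
    ///         result of validateSignature(), which is itself a coin flip
    bool sign(int msg, int r) {
        // The abort is drawn from rand() and does not depend on msg, r or x2.
        if (std::rand() % 10 < 2) {
            std::cout << "Signature failed due to abort.\n";
            return false;
        }

        const int k1 = 2;
        const long long modulus = q;
        // Map any signed value into [0, q) so the products below stay tiny.
        const auto reduce = [modulus](long long v) {
            return ((v % modulus) + modulus) % modulus;
        };

        // Widen before adding q: r + q overflows int when r is close to INT_MAX.
        const long long rho = (r % 2 == 0) ? static_cast<long long>(r) + q : r;
        const long long k1Inverse = reduce(inverse(k1, q));
        const long long share = reduce(x2);

        // Original expression: hash(msg) + r*x2*k1^-1 + rho*x2*k1^-1. Computed in
        // int it overflows (undefined behaviour) for ordinary rand() outputs, so
        // every factor is reduced mod q first and the sum is reduced at the end.
        const long long c = reduce(reduce(hash(msg))
                                   + reduce(r) * share * k1Inverse
                                   + reduce(rho) * share * k1Inverse);

        // validateSignature() ignores its argument, so reducing C mod q does not
        // change which outcomes are possible or how likely they are.
        return validateSignature(static_cast<int>(c));
    }

    /// Placeholder "hash": the remainder of input divided by q (negative for
    /// negative input, following C++ remainder rules).
    int hash(int input) {
        return input % q;
    }

    /// Brute-force search for the multiplicative inverse of num modulo mod.
    ///
    /// @return the i in [1, mod) with (num * i) % mod == 1, or 1 when no such i
    ///         exists. NOTE(review): the fallback is indistinguishable from a
    ///         genuine inverse of 1, so callers cannot detect the failure.
    int inverse(int num, int mod) {
        for (int candidate = 1; candidate < mod; ++candidate) {
            // 64-bit product: num * candidate can exceed INT_MAX for large inputs.
            if ((static_cast<long long>(num) * candidate) % mod == 1) {
                return candidate;
            }
        }
        return 1;
    }

    /// Placeholder validation: a coin flip from rand(); C is not inspected.
    bool validateSignature(int C) {
        static_cast<void>(C);
        return std::rand() % 2 == 0;
    }
};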
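/// Drives the simulation: builds one simulated signer with a random key share,
/// calls sign() 256 times with random inputs and prints a 0 for every call that
/// returned true and a 1 for every call that returned false.
///
/// The printed digits mirror the rand()-driven result of sign() only. They are
/// not derived from secretShare and cannot be compared against it, so the
/// output must not be read as evidence that any key material was recovered.
int main() {
    // time_t is narrowed to unsigned explicitly; srand() takes an unsigned seed.
    std::srand(static_cast<unsigned>(std::time(nullptr)));

    // Simulated server key share, drawn below the toy modulus q.
    const int secretShare = std::rand() % Lindell17Protocol::q;
    // The object stands for the signing server (it holds x2).
    Lindell17Protocol server(secretShare);

    // Number of signing rounds to run; one digit is recorded per round.
    constexpr int kRounds = 256;
    std::vector<int> extractedBits;
    extractedBits.reserve(kRounds);

    for (int round = 0; round < kRounds; ++round) {
        const int msg = std::rand();  // simulated message
        const int r = std::rand();    // simulated public nonce
        // Success is recorded as 0, abort or failed validation as 1.
        extractedBits.push_back(server.sign(msg, r) ? 0 : 1);
    }

    std::cout << "Extracted bits: ";
    for (const int bit : extractedBits) {
        std::cout << bit;
    }
    std::cout << '\n';
    return 0;
}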