In [69]:
import hashlib
import sympy
import os

In [70]:
#This is the message that will be signed.
M = 'This is our message to be encrypted'

#Define the number of bits for prime number size
b = 512

#Define the number of times to try and find your primes.  Generally leave this alone.
tries = 1000

In [71]:
def find_a_prime(b):
    "find a prime p of the given number of bits. this is used to find your primes in find_primes_p_q"
        
    upper_limit = (2**b) - 1
    lower_limit = (2**(b-1))
        
    p = sympy.randprime(lower_limit,upper_limit)
    return p
    
def find_primes_p_q(b, max_tries):
    "given a number of bits, find p and q, such that p is of bit size, p and q are both prime, and p = 2q + 1"
        
    tries = 0
    found = False
        
    while not found:
        q = find_a_prime(b-1)
        p = (2 * q) + 1
            
        if sympy.isprime(p):
            found = True
            break
            
        tries += 1
            
        if tries > max_tries:
            print("maximum tries without finding a p an q")
            return (1, 1)
            
    return (p, q)

In [72]:
(p,q) = find_primes_p_q(b,tries)

In [73]:
def find_generator(p, q):
    "given p and q where p = 2q + 1, start with 2 and find the first generator (generator size does not matter, smallest is best)"

    g = 2
    found = False

    while not found:

        if g == (p - 1):
            break

        if pow(g, q, p) != 1:
            found = True
            return g

        g += 1

In [74]:
a = find_generator(p,q)

In [75]:
s = int.from_bytes(os.urandom(int(b/8)),byteorder='big')
while s > (q-1):
    s = int.from_bytes(os.urandom(int(b/8)),byteorder='big')

In [76]:
def egcd(a, b):
    if a == 0:
        return (b, 0, 1)
    else:
        g, y, x = egcd(b % a, a)
        return (g, x - (b // a) * y, y)

def modinv(a, m):
    g, x, y = egcd(a, m)
    if g != 1:
        raise Exception('modular inverse does not exist')
    else:
        return x % m

In [77]:
pub = pow(modinv(a,p), s, p)

In [78]:
print(a,s,pub,p,q,M)

2 1216188587707199520316861711765930378569762164710693612859272523092204612404751328757529553859695446851295041296704792308112277526067720578632801070846944 6987124333535832028614702793902341658371534061053845400233412381433753756996591697477552367732860705833771258592514463784372989207858987196824130320285761 7645396399921476791100062158812737789924573369691475769875358863807043710369324623569449891417483072481932082305350226702418973092263183027114594738699643 3822698199960738395550031079406368894962286684845737884937679431903521855184662311784724945708741536240966041152675113351209486546131591513557297369349821 This is our message to be encrypted


In [79]:
def signature_generation(M,p,q,a,s):
    #computing e as part of the signature
    r = int.from_bytes(os.urandom(int(b/8)),byteorder='big')
    while r > (q-1):
        r = int.from_bytes(os.urandom(int(b/8)),byteorder='big')

    x = pow(a,r,p)

    hash_string = M + str(x)
    e = hashlib.sha256(hash_string.encode()).hexdigest()

    #computing y as second part of the signature
    y = (r + s*int(e,16)) % q

    return int(e,16),int(y)

In [80]:
(e,y) = signature_generation(M, p, q, a, s)

In [81]:
#Now it's Bob's turn to vaidate the signature
x_prime = (pow(a,y,p) * pow(pub,e,p)) % p

In [82]:
#Confirm that H(M+x_prime) == H(M+x)
hash_string = M + str(x_prime)
verify = hashlib.sha256(hash_string.encode()).hexdigest()
verify = int(verify,16)

In [83]:
if verify == e:
    print('Success! You verified the signature!')
else:
    print('You failed!!')

You failed!!


In [84]:
print(e)

42600583834709031929157495567267450190390729664512655706930513383996705641589


In [85]:
print(verify)

6979969441666574271235414895203923730188745089824397612596298191126354266671
