-
Notifications
You must be signed in to change notification settings - Fork 12
/
ecc_param.sage
66 lines (58 loc) · 1.23 KB
/
ecc_param.sage
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
#!/usr/bin/env sage -python
load('cryptosage/prime192v1.sage')
load('cryptosage/digest.sage')
load('cryptosage/mathhelper.sage')
def ecc_curve_gen(p, l):
t = math.ceil(math.log(p, 2))
s = math.floor((t-1)/l)
v = t - s*l
minnum = math.pow(2, l+1)
S = randint(minnum, 2*minnum)
h = digest(S)
mask = math.pow(2, v) - 1
r0 = h & mask
r = r0
for i in range(1, s+1):
si = s + i
ri = digest(si)
r = (r << l) | ri
if r == 0 or (4*r + 27)%p == 0:
print "fail, please retry"
return
a = randint(1, p-1)
b = randint(1, p-1)
while (r*b*b - a*a*a)%p == 0:
a = randint(1, p-1)
b = randint(1, p-1)
return [S, a, b]
def verify_ecc_curve(p, S, a, b, l):
t = math.ceil(math.log(p, 2))
s = math.floor((t-1)/l)
v = t - s*l
h = digest(S)
mask = math.pow(2, v) - 1
r0 = h & mask
r = r0
for i in range(1, s+1):
si = s + i
ri = digest(si)
r = (r << l) | ri
if (r*b*b - a*a*a)%p == 0:
return "Accept"
else:
return "Reject"
def param_gen(q, L):
[S, a, b] = ecc_curve_gen(q, L)
F = GF(q)
E = EllipticCurve(F, [a, b])
N = E.order()
n = prime_gen(L)
for k in (1, 21):
modu = math.pow(q, k) - 1
if n%modu == 0:
print "fail, please retry"
return
h = N / n
PP = E.gens()
P = h * PP
return [q, S, a, b, P, n, h]