In [1]:
from package.sphincs import Sphincs

### Instantiate a $SPHINCS^+$ Object and Setting parameters ###

We will be using :
   - Security Parameter: $n=1$
   - Winternitz Parameter: $w=16$
   - Hypertree Height: $h=4$
   - Hypertree Layers: $d=2$
   - $FORS$ Trees Number: $k=4$
   - $FORS$ Trees Height: $a=2$

In [2]:
sphincs = Sphincs()

sphincs.set_n(1)
sphincs.set_h(4)
sphincs.set_d(2)
sphincs.set_k(4)
sphincs.set_a(2)

### Generating a Key Pair ###

In [3]:
sk, pk = sphincs.generate_key_pair()
print("Secret Key: ", sk)
print()
print("Public Key: ", pk)

Secret Key:  b'\xc9\x82\xbc\xa2'

Public Key:  b'\xbc\xa2'


### Signing M ###

In [4]:
m = b'Ripples of paradox spread out across the sea of causality.'

signature = sphincs.sign(m, sk)

print("Signature Size: ", len(signature))

25


In [6]:
print("Is signature Correct ? ", sphincs.verify(signature, m, pk))

Is signature Correct ?  True


### Trying to find secret key with a Brute Force Attack on Secret Key###

In [8]:
sk_crack = bytes()

for i in range(0, 2 ** (sphincs._n * 8)):
    sk_crack = i.to_bytes(sphincs._n, 'big')  # Secret Key
    
    sk_crack += bytes(sphincs._n)   # Random Secret PRF, important to prevent forged messages from actual messages
                                    # But Because we are brute forcing Secret Key, messages are forged before
    sk_crack += pk  # Public Key
    
    sig_crack = sphincs.sign(m, sk_crack)  # Creating a signature
    
    if sphincs.verify(sig_crack, m, pk):  # Check if signature could be trust with the Public Key
        print("Secret Key Found: ", sk_crack)
        print("Cycles: ", i)

Secret Key Found:  b'\xc9\x00\xbc\xa2'
Cycles:  201
