You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@milagro.apache.org by sa...@apache.org on 2020/05/14 22:47:31 UTC
[incubator-milagro-MPC] 15/27: Amend model and test vector
generation for double schnorr
This is an automated email from the ASF dual-hosted git repository.
sandreoli pushed a commit to branch update-model-no-replay
in repository https://gitbox.apache.org/repos/asf/incubator-milagro-MPC.git
commit 4690dbe888409702157398fb6400b81aea005265
Author: Samuele Andreoli <sa...@yahoo.it>
AuthorDate: Thu Feb 6 13:29:58 2020 +0000
Amend model and test vector generation for double schnorr
---
model/examples/run_schnorr.py | 13 +++++--------
model/sec256k1/schnorr.py | 27 +++++++++++++++++++--------
model/vectors/schnorr/genDSCHNORR.py | 29 +++++++++++++++--------------
model/vectors/schnorr/genVector.py | 13 ++++++-------
4 files changed, 45 insertions(+), 37 deletions(-)
diff --git a/model/examples/run_schnorr.py b/model/examples/run_schnorr.py
index 4cb5de8..7f929b9 100755
--- a/model/examples/run_schnorr.py
+++ b/model/examples/run_schnorr.py
@@ -94,26 +94,23 @@ if __name__ == "__main__":
# C is the commitment, a and b are kept secret
a, b, C = schnorr.d_commit(R, a, b)
- print("[Alice] Commit")
+ print("Commit")
print("\ta {}".format(hex(a)[2:].zfill(64)))
print("\tb {}".format(hex(b)[2:].zfill(64)))
print("\tC {}\n".format(C))
# Challenge
- if DETERMINISTIC:
- c = 0x52fad3d74fd4589f5792dd045626e23dd596b6e4c24c5af6dbb15cfa3c71b55a
- else:
- c = schnorr.d_challenge()
+ c = schnorr.d_challenge(R, V, C)
- print("[Bob] Challenge {}\n".format(hex(c)[2:].zfill(64)))
+ print("Challenge {}\n".format(hex(c)[2:].zfill(64)))
# Proof
t, u = schnorr.d_prove(a, b, c, s, l)
- print("[Alice] Prove\n\tt {}\n\tu {}\n".format(
+ print("Prove\n\tt {}\n\tu {}\n".format(
hex(t)[2:].zfill(64), hex(u)[2:].zfill(64)))
# Verification
ok = schnorr.d_verify(R, V, C, c, t, u)
- print("[Bob] Verify: {}".format(ok))
+ print("Verify: {}".format(ok))
diff --git a/model/sec256k1/schnorr.py b/model/sec256k1/schnorr.py
index 1d10084..6cc54be 100644
--- a/model/sec256k1/schnorr.py
+++ b/model/sec256k1/schnorr.py
@@ -25,26 +25,37 @@ def d_commit(R, a=None, b=None):
return a, b, C
-def d_challenge():
- return big.rand(curve.r)
+def d_challenge(R, V, C):
+ H = hashlib.new("sha256")
+
+ H.update(ecp.generator().toBytes(True))
+ H.update(R.toBytes(True))
+ H.update(C.toBytes(True))
+ H.update(V.toBytes(True))
+
+ e_bytes = H.digest()
+ e = big.from_bytes(e_bytes)
+ e = e % curve.r
+
+ return e
-def d_prove(a, b, c, s, l):
- t = (a + c * s) % curve.r
- u = (b + c * l) % curve.r
+def d_prove(a, b, e, s, l):
+ t = (a + e * s) % curve.r
+ u = (b + e * l) % curve.r
return t, u
-def d_verify(R, V, C, c, t, u):
+def d_verify(R, V, C, e, t, u):
'''
- Verify t.R + u.G = C + c.V
+ Verify t.R + u.G = C + e.V
'''
P = ecp.ECp.mul(R, t, ecp.generator(), u)
Q = C.copy()
- Q.add(c * V)
+ Q.add(e * V)
if DEBUG:
print("P {}".format(P))
diff --git a/model/vectors/schnorr/genDSCHNORR.py b/model/vectors/schnorr/genDSCHNORR.py
index 4e5f81a..da1931c 100755
--- a/model/vectors/schnorr/genDSCHNORR.py
+++ b/model/vectors/schnorr/genDSCHNORR.py
@@ -16,35 +16,36 @@ from genVector import genDoubleSchnorrVector
from Crypto.Util import number
vector_fields = {
- "commit": ["TEST", "R", "A", "B", "CO"],
- "prove": ["TEST", "A", "B", "CH", "S", "L", "T", "U"],
- "verify": ["TEST", "R", "V", "CO", "CH", "T", "U"],
+ "commit": ["TEST", "R", "A", "B", "C"],
+ "challenge": ["TEST", "R", "V", "C", "E"],
+ "prove": ["TEST", "A", "B", "E", "S", "L", "T", "U"],
+ "verify": ["TEST", "R", "V", "C", "E", "T", "U"],
}
if __name__ == '__main__':
parser = argparse.ArgumentParser()
- parser.add_argument('--type', dest='type', type=str, default='commit',
- help='test vector type', choices=["commit", "prove", "verify"])
- parser.add_argument(
- 'nVec', type=int, help='number of test vectors to generate')
+ parser.add_argument('-t', dest='type', type=str, default='commit',
+ help='test vector type', choices=["commit", "challenge", "prove", "verify"])
+ parser.add_argument('-n', dest='n', type=int, default=10,
+ help='number of test vectors to generate')
args = parser.parse_args()
-
- print("Generate {} vector(s). Type '{}'".format(args.nVec, args.type))
+ vecType = args.type
+ keys = vector_fields[vecType]
vectors = []
- for i in range(args.nVec):
+ for i in range(args.n):
vector = genDoubleSchnorrVector(i)
- vector = {k: vector[k] for k in vector_fields[args.type]}
+ vector = {k: vector[k] for k in keys}
vectors.append(vector)
- json.dump(vectors, open("{}.json".format(args.type), "w"), indent=2)
+ json.dump(vectors, open("d{}.json".format(vecType), "w"), indent=2)
- with open("{}.txt".format(args.type), "w") as f:
+ with open("d{}.txt".format(vecType), "w") as f:
for vector in vectors:
- for field in vector_fields[args.type]:
+ for field in keys:
f.write("{} = {},\n".format(field, vector[field]))
f.write("\n")
diff --git a/model/vectors/schnorr/genVector.py b/model/vectors/schnorr/genVector.py
index bcaf81c..432313b 100644
--- a/model/vectors/schnorr/genVector.py
+++ b/model/vectors/schnorr/genVector.py
@@ -54,7 +54,7 @@ def genSchnorrVector(test_no, x=None, r=None):
return vector
-def genDoubleSchnorrVector(test_no, R=None, s=None, l=None, a=None, b=None, c=None):
+def genDoubleSchnorrVector(test_no, R=None, s=None, l=None, a=None, b=None):
"""Generate a single test vector
Use parameters to generate a single test vector
@@ -93,8 +93,7 @@ def genDoubleSchnorrVector(test_no, R=None, s=None, l=None, a=None, b=None, c=No
# ZK proof
a, b, C = schnorr.d_commit(R, a, b)
- if c is None:
- c = schnorr.d_challenge()
+ c = schnorr.d_challenge(R, V, C)
t, u = schnorr.d_prove(a, b, c, s, l)
@@ -102,14 +101,14 @@ def genDoubleSchnorrVector(test_no, R=None, s=None, l=None, a=None, b=None, c=No
vector = {
"TEST": test_no,
- "R": "{}".format(R),
+ "R": "{}".format(R.toBytes(True).hex()),
"S": hex(s)[2:].zfill(64),
"L": hex(l)[2:].zfill(64),
- "V": "{}".format(V),
+ "V": "{}".format(V.toBytes(True).hex()),
"A": hex(a)[2:].zfill(64),
"B": hex(b)[2:].zfill(64),
- "CO": "{}".format(C),
- "CH": hex(c)[2:].zfill(64),
+ "C": "{}".format(C.toBytes(True).hex()),
+ "E": hex(c)[2:].zfill(64),
"T": hex(t)[2:].zfill(64),
"U": hex(u)[2:].zfill(64),
}