Split work to Alice and Bob, Alice sends salt for KDF

This commit is contained in:
Robert Bendun 2024-04-17 23:13:02 +02:00
parent 1aca203119
commit 27ccbc0141

62
main.py
View File

@ -4,47 +4,77 @@ import pickle
import Crypto.Random import Crypto.Random
import Crypto.Cipher.AES import Crypto.Cipher.AES
import Crypto.Protocol.KDF import Crypto.Protocol.KDF
import contextlib
m0 = b"alice" curve = curves.Curve.get_curve("NIST-P224")
m1 = b"bob"
c = False
curve = curves.Curve.get_curve('NIST-P224')
q = curve.size q = curve.size
g = curve.generator g = curve.generator
salt = Crypto.Random.get_random_bytes(16)
def H(p: curves.Point) -> bytes: def H(p: curves.Point, salt: bytes) -> bytes:
print("H({p})")
secret = pickle.dumps((p.x, p.y), protocol=4) secret = pickle.dumps((p.x, p.y), protocol=4)
key = Crypto.Protocol.KDF.scrypt(secret, salt, 16, N=2**14, r=8, p=1) key = Crypto.Protocol.KDF.scrypt(secret, salt, 16, N=2**14, r=8, p=1)
return key[:32] # first 32 bytes of generated key return key[:32] # first 32 bytes of generated key
def E(key: bytes, message: bytes) -> tuple[bytes, bytes]: def E(key: bytes, message: bytes) -> tuple[bytes, bytes]:
cipher = Crypto.Cipher.AES.new(key, Crypto.Cipher.AES.MODE_CTR) cipher = Crypto.Cipher.AES.new(key, Crypto.Cipher.AES.MODE_CTR)
ct = cipher.encrypt(message) ct = cipher.encrypt(message)
return (ct, cipher.nonce) return (ct, cipher.nonce)
def D(key: bytes, encrypted_with_nonce: tuple[bytes, bytes]) -> bytes: def D(key: bytes, encrypted_with_nonce: tuple[bytes, bytes]) -> bytes:
ct, nonce = encrypted_with_nonce ct, nonce = encrypted_with_nonce
cipher = Crypto.Cipher.AES.new(key, Crypto.Cipher.AES.MODE_CTR, nonce=nonce) cipher = Crypto.Cipher.AES.new(key, Crypto.Cipher.AES.MODE_CTR, nonce=nonce)
return cipher.decrypt(ct) return cipher.decrypt(ct)
########################################################
# Workers
########################################################
def alice(m0: bytes, m1: bytes):
a = 1 + secrets.randbelow(q) a = 1 + secrets.randbelow(q)
b = 1 + secrets.randbelow(q)
A = curve.mul_point(a, g) A = curve.mul_point(a, g)
B = yield A
salt = Crypto.Random.get_random_bytes(16)
k0 = H(curve.mul_point(a, B), salt)
k1 = H(curve.mul_point(a, curve.sub_point(B, A)), salt)
e0 = E(k0, m0)
e1 = E(k1, m1)
yield e0, e1, salt
def bob(c: bool):
b = 1 + secrets.randbelow(q)
A = yield
B = curve.mul_point(b, g) B = curve.mul_point(b, g)
if c: if c:
B = curve.add_point(A, B) B = curve.add_point(A, B)
k0 = H(curve.mul_point(a, B)) e0, e1, salt = yield B
k1 = H(curve.mul_point(a, curve.sub_point(B, A))) kc = H(curve.mul_point(b, A), salt)
e0 = E(k0, m0)
e1 = E(k1, m1)
kc = H(curve.mul_point(b, A))
print(D(kc, e1 if c else e0)) print(D(kc, e1 if c else e0))
########################################################
# Arrows
########################################################
def main():
with contextlib.suppress(StopIteration):
a = alice(b"msg one", b"msg two")
b = bob(True)
A = a.send(None)
b.send(None)
B = b.send(A)
encrypted = a.send(B)
b.send(encrypted)
if __name__ == "__main__":
main()