from Crypto.PublicKey import ECC from Crypto.Protocol.KDF import scrypt from Crypto.Random import get_random_bytes from Crypto.Cipher import AES from secrets import randbelow prime = 0xffffffffffffffffffffffffffffffff000000000000000000000001 def generate_secret(c = 0): # 'DER' format for byte output return ECC.generate(curve='NIST P-224').export_key(format='DER') def H(secret): # secret should be bytearray[], pref. from generate_secret() function salt = get_random_bytes(16) key = scrypt(bytes(secret), salt, 16, N=2**14, r=8, p=1) return key[:32] # first 32 bytes of generated key def coin_toss(): x = randbelow(2 ** 64) if x & 1: return False else: return True def encrypt(key, data): cipher = AES.new(key, AES.MODE_CTR) ct = cipher.encrypt(data) nonce = cipher.nonce return ct, nonce def decrypt(ct, nonce, key): cipher = AES.new(key, AES.MODE_CTR, nonce=nonce) pt = cipher.decrypt(ct) return pt