6 değiştirilmiş dosya ile 123 ekleme ve 14 silme
Görünümü Böl
Diff Seçenekleri
-
+1 -0Makefile
-
+6 -0internal/utils/utils.go
-
+41 -0p751toolbox/api.go
-
+1 -0sidh/api.go
-
+7 -0sidh/params.go
-
+67 -14sidh/sidh.go
+ 1
- 0
Makefile
Dosyayı Görüntüle
| @@ -33,6 +33,7 @@ build_env: | |||
| GOPATH=$(GOPATH_LOCAL) go get $(CSHAKE_PKG) | |||
| mkdir -p $(GOPATH_LOCAL)/src/$(GOPATH_DIR) | |||
| cp -rf etc $(GOPATH_LOCAL)/src/$(GOPATH_DIR) | |||
| cp -rf internal $(GOPATH_LOCAL)/src/$(GOPATH_DIR) | |||
| copy-target-%: | |||
| cp -rf $* $(GOPATH_LOCAL)/src/$(GOPATH_DIR) | |||
+ 6
- 0
internal/utils/utils.go
Dosyayı Görüntüle
| @@ -0,0 +1,6 @@ | |||
| package internal | |||
| type OperationContext interface { | |||
| LoadBasePoints() | |||
| ScalarMul(scalar []byte, scalarSz uint) | |||
| } | |||
+ 41
- 0
p751toolbox/api.go
Dosyayı Görüntüle
| @@ -0,0 +1,41 @@ | |||
| package p751toolbox | |||
| import ( | |||
| . "github.com/cloudflare/p751sidh/internal/utils" | |||
| ) | |||
| type context struct { | |||
| xPA, xQA, xRA ProjectivePoint | |||
| xPB, xQB, xRB ProjectivePoint | |||
| xR ProjectivePoint | |||
| curve ProjectiveCurveParameters | |||
| } | |||
| func (c *context) LoadBasePoints() { | |||
| // Load points for A | |||
| c.xPA.FromAffine(&P751_affine_PA) | |||
| c.xPA.Z.One() | |||
| c.xQA.FromAffine(&P751_affine_QA) | |||
| c.xQA.Z.One() | |||
| c.xRA.FromAffine(&P751_affine_RA) | |||
| c.xRA.Z.One() | |||
| // Load points for B | |||
| c.xRB.FromAffine(&P751_affine_RB) | |||
| c.xRB.Z.One() | |||
| c.xQB.FromAffine(&P751_affine_QB) | |||
| c.xQB.Z.One() | |||
| c.xPB.FromAffine(&P751_affine_PB) | |||
| c.xPB.Z.One() | |||
| } | |||
| func (c *context) ScalarMul(scalar []byte, sz uint) { | |||
| c.curve.A.Zero() | |||
| c.curve.C.One() | |||
| // OZAPTF: PA QA RA -> PB QB ... if used for B | |||
| c.xR = RightToLeftLadder(&tmp, &c.xPA, &c.xQA, &c.xRA, sz, scalar) | |||
| } | |||
| func NewCtx() OperationContext { | |||
| return new(context) | |||
| } | |||
+ 1
- 0
sidh/api.go
Dosyayı Görüntüle
| @@ -3,6 +3,7 @@ package sidh | |||
| import ( | |||
| "errors" | |||
| p751 "github.com/cloudflare/p751sidh/p751toolbox" | |||
| // . "github.com/cloudflare/p751sidh/internal/utils" | |||
| "io" | |||
| ) | |||
+ 7
- 0
sidh/params.go
Dosyayı Görüntüle
| @@ -3,8 +3,11 @@ package sidh | |||
| import ( | |||
| // p503 "github.com/cloudflare/p751sidh/p503toolbox" | |||
| p751 "github.com/cloudflare/p751sidh/p751toolbox" | |||
| . "github.com/cloudflare/p751sidh/internal/utils" | |||
| ) | |||
| type ctxCtor func() OperationContext | |||
| type DomainParams struct { | |||
| // P, Q and R=P-Q base points | |||
| Affine_P, Affine_Q, Affine_R p751.ExtensionFieldElement | |||
| @@ -33,6 +36,8 @@ type SidhParams struct { | |||
| MsgLen uint | |||
| // Length of SIKE ephemeral KEM key (see [SIKE], 1.4 and 5.1) | |||
| KemSize uint | |||
| // Creates operation context | |||
| op ctxCtor | |||
| } | |||
| // Keeps mapping: SIDH prime field ID to domain parameters | |||
| @@ -54,6 +59,7 @@ func init() { | |||
| PublicKeySize: p751.P751_PublicKeySize, | |||
| SharedSecretSize: p751.P751_SharedSecretSize, | |||
| A: DomainParams{ | |||
| // OZAPTF: Probably not needed | |||
| Affine_P: p751.P751_affine_PA, | |||
| Affine_Q: p751.P751_affine_QA, | |||
| Affine_R: p751.P751_affine_RA, | |||
| @@ -73,6 +79,7 @@ func init() { | |||
| // SIKEp751 provides 192 bit of classical security ([SIKE], 5.1) | |||
| KemSize: 24, | |||
| SampleRate: p751.P751_SampleRate, | |||
| op: p751.NewCtx, | |||
| } | |||
| /* | |||
| p503 := SidhParams{ | |||
+ 67
- 14
sidh/sidh.go
Dosyayı Görüntüle
| @@ -52,6 +52,50 @@ func traverseTreePublicKeyA(curve *p751.ProjectiveCurveParameters, xR, phiP, phi | |||
| } | |||
| } | |||
| // ----------------------------------------------------------------------------- | |||
| // Functions for traversing isogeny trees acoording to strategy. Key type 'A' is | |||
| // | |||
| // Traverses isogeny tree in order to compute xR, xP, xQ and xQmP needed | |||
| // for public key generation. | |||
| func traverseTreePublicKeyAX(ctx *OperationContext, pub *PublicKey/*curve *p751.ProjectiveCurveParameters, xR, phiP, phiQ, phiR *p751.ProjectivePoint, */) { | |||
| var points = make([]p751.ProjectivePoint, 0, 8) | |||
| var indices = make([]int, 0, 8) | |||
| var i, sidx int | |||
| //cparam := curve.CalcCurveParamsEquiv4() | |||
| phi := p751.NewIsogeny4() | |||
| strat := pub.params.A.IsogenyStrategy | |||
| stratSz := len(strat) | |||
| for j := 1; j <= stratSz; j++ { | |||
| for i <= stratSz-j { | |||
| points = append(points, *xR) | |||
| indices = append(indices, i) | |||
| k := strat[sidx] | |||
| sidx++ | |||
| xR.Pow2k(&cparam, xR, 2*k) | |||
| i += int(k) | |||
| } | |||
| cparam = phi.GenerateCurve(xR) | |||
| for k := 0; k < len(points); k++ { | |||
| points[k] = phi.EvaluatePoint(&points[k]) | |||
| } | |||
| *phiP = phi.EvaluatePoint(phiP) | |||
| *phiQ = phi.EvaluatePoint(phiQ) | |||
| *phiR = phi.EvaluatePoint(phiR) | |||
| // pop xR from points | |||
| *xR, points = points[len(points)-1], points[:len(points)-1] | |||
| i, indices = int(indices[len(indices)-1]), indices[:len(indices)-1] | |||
| } | |||
| } | |||
| // Traverses isogeny tree in order to compute xR needed | |||
| // for public key generation. | |||
| func traverseTreeSharedKeyA(curve *p751.ProjectiveCurveParameters, xR *p751.ProjectivePoint, pub *PublicKey) { | |||
| @@ -223,13 +267,21 @@ func (prv *PrivateKey) generatePrivateKeyB(rand io.Reader) error { | |||
| // Generate a public key in the 2-torsion group | |||
| func publicKeyGenA(prv *PrivateKey) (pub *PublicKey) { | |||
| var xPA, xQA, xRA p751.ProjectivePoint | |||
| var xPB, xQB, xRB, xR p751.ProjectivePoint | |||
| var invZP, invZQ, invZR p751.ExtensionFieldElement | |||
| var tmp p751.ProjectiveCurveParameters | |||
| var phi = p751.NewIsogeny4() | |||
| // var xPA, xQA, xRA p751.ProjectivePoint | |||
| // var xPB, xQB, xRB, xR p751.ProjectivePoint | |||
| // var invZP, invZQ, invZR p751.ExtensionFieldElement | |||
| // var tmp p751.ProjectiveCurveParameters | |||
| // var phi = p751.NewIsogeny4() | |||
| // | |||
| pub = NewPublicKey(prv.params.Id, KeyVariant_SIDH_A) | |||
| ctx := prv.params.op() | |||
| ctx.LoadBasePoints() | |||
| ctx.ScalarMul(prv.Scalar, prv.params.A.SecretBitLen) | |||
| traverseTreePublicKeyA(ctx) | |||
| // ctx.CreateSecretIsogeny() | |||
| // ctx.Store(pub) | |||
| /* | |||
| // Load points for A | |||
| xPA.FromAffine(&prv.params.A.Affine_P) | |||
| xPA.Z.One() | |||
| @@ -266,6 +318,7 @@ func publicKeyGenA(prv *PrivateKey) (pub *PublicKey) { | |||
| pub.affine_xP.Mul(&xPA.X, &invZP) | |||
| pub.affine_xQ.Mul(&xQA.X, &invZQ) | |||
| pub.affine_xQmP.Mul(&xRA.X, &invZR) | |||
| */ | |||
| return | |||
| } | |||
| @@ -278,14 +331,6 @@ func publicKeyGenB(prv *PrivateKey) (pub *PublicKey) { | |||
| var phi = p751.NewIsogeny3() | |||
| pub = NewPublicKey(prv.params.Id, prv.keyVariant) | |||
| // Load points for B | |||
| xRB.FromAffine(&prv.params.B.Affine_R) | |||
| xRB.Z.One() | |||
| xQB.FromAffine(&prv.params.B.Affine_Q) | |||
| xQB.Z.One() | |||
| xPB.FromAffine(&prv.params.B.Affine_P) | |||
| xPB.Z.One() | |||
| // Load points for A | |||
| xPA.FromAffine(&prv.params.A.Affine_P) | |||
| xPA.Z.One() | |||
| @@ -294,6 +339,14 @@ func publicKeyGenB(prv *PrivateKey) (pub *PublicKey) { | |||
| xRA.FromAffine(&prv.params.A.Affine_R) | |||
| xRA.Z.One() | |||
| // Load points for B | |||
| xRB.FromAffine(&prv.params.B.Affine_R) | |||
| xRB.Z.One() | |||
| xQB.FromAffine(&prv.params.B.Affine_Q) | |||
| xQB.Z.One() | |||
| xPB.FromAffine(&prv.params.B.Affine_P) | |||
| xPB.Z.One() | |||
| tmp.A.Zero() | |||
| tmp.C.One() | |||
| xR = p751.RightToLeftLadder(&tmp, &xPB, &xQB, &xRB, prv.params.B.SecretBitLen, prv.Scalar) | |||