kris
/
SIDH_p751
1
0
Forka 0
Codice Problemi 0 Pull Requests 0 Rilasci 0 Wiki Attività
Non puoi selezionare più di 25 argomenti Gli argomenti devono iniziare con una lettera o un numero, possono includere trattini ('-') e possono essere lunghi fino a 35 caratteri.
105 Commit
14 Rami (Branch)
653 KiB
 
 
 
Ramo (Branch): trials/prep_p503_trial5_context
Rami (Branch) Tag
${ item.name }
Crea branch ${ searchTerm }
da 'trials/prep_p503_trial5_context'
${ noResults }
SIDH_p751/sidh/sidh_test.go

343 righe
12 KiB
Originale Permalink Blame Cronologia 

  1. package sidh

  2. 

  3. import (

  4. 	"bytes"

  5. 	"crypto/rand"

  6. 	"encoding/hex"

  7. 	"testing"

  8. )

  9. 

  10. const (

  11. 	// PrA - Alice's Private Key: 2*randint(0,2^371)

  12. 	PrA = "C09957CC83045FB4C3726384D784476ACB6FFD92E5B15B3C2D451BA063F1BD4CED8FBCF682A98DD0954D3" +

  13. 		"7BCAF730E00"

  14. 	// PrB - Bob's Private Key: 3*randint(0,3^238)

  15. 	PrB = "393E8510E78A16D2DC1AACA9C9D17E7E78DB630881D8599C7040D05BB5557ECAE8165C45D5366ECB37B00" +

  16. 		"969740AF201"

  17. 	PkA = "74D8EF08CB74EC99BF08B6FBE4FB3D048873B67F018E44988B9D70C564D058401D20E093C7DF0C66F022C" +

  18. 		"823E5139D2EA0EE137804B4820E950B046A90B0597759A0B6A197C56270128EA089FA1A2007DDE3430B37" +

  19. 		"A3E6350BD47B7F513863741C125FA63DEDAFC475C13DB59E533055B7CBE4B2F32672DF2DF97E03E29617B" +

  20. 		"0E9B6A35B58ABB26527A721142701EB147C7050E1D9125DA577B08CD51C8BB50627B8B47FACFC9C7C07DD" +

  21. 		"00DD75115DD83719FD5F96115DED23ECAA50B1044C6BF3F27442DA284BA4A272D850F414FB185801BF2EF" +

  22. 		"7E628EDB5643E35694B992CF30A2C5120CAF9434F09ACFCA3645B3FFC3A308901FAC7B8955FD5C98576AE" +

  23. 		"FD03F5806CB7430F75B3431B75BEC080596ABCA26E637E6E8D4C25175A8C052C9CBE77900A863F83FAB00" +

  24. 		"95B32D9C3858EF8A35B9F163D429E71DBA47539EB4791D117FE39DDE94EA7801A42DB12D84DE4740ACF51" +

  25. 		"CD7C32BB854569D7D94E11E69D9663CC7ED02E78CF48F4069DF3D3E86198B307095C6B11D46C0DC849F9D" +

  26. 		"94C7693209E5B3848AFAA6DA6A8D73362D779CBC43515902ED2BCE3A748C537DE2FCF092FD3E91B790AF5" +

  27. 		"4E1092C5E5B89BE5BE23B955A52F769D97277EF69F820109042F28C316AC90AE69EB374C9280300B816E6" +

  28. 		"2494B2E01072D1CA96E4B284D2BE1368D6969744B614FACBC8C165864E26E33481D4FDC47B6E523954A25" +

  29. 		"C1A096A37CD23FB81AE64FB11BD0A439609F1CE40673B06DD96F698A910E935219D840F3D411EDFB00D98" +

  30. 		"065AB9868C32D3DA05FF415"

  31. 	PkB = "F6C260C4141E418457CB442E11F0F5558375437576E55D211D19EF83E2839E51D07A82765D8E7B6366FA7" +

  32. 		"0B56CDE3AD3B629ACF542A433369496EDA51EDFBE16EFA1B8DEE1CE46B37820ECBD0CD674AACD4F21FABC" +

  33. 		"2436651E3AF604356FF3EB2CA87976890E34A56FAEC9A2ACD9559B1BB67B69AC1A521342E1E787DA5D709" +

  34. 		"32B0F5842ECA1C99B269DB6C2ED8397F0FC49F114CF8B5AF327A698C0251575CDD1D67732668109A91A3B" +

  35. 		"FA5B47D413C7FAB8817FCBEBFE9BDD9C0B1F3B1934A7028A65233E8B58A92E7E9F66B68B2057ECBF7E44A" +

  36. 		"0EF6EFCC3C8AA5414E100FA0C24F7545324AD17062FC11377A2A4749DEE27E192460E099DBDA8E840EA11" +

  37. 		"AD9D5C83DF065AF77030E7FE18CE24CFC71D356B9B9601811B93676C12CB6B41747133D5259E7A20CC065" +

  38. 		"FAB99DF944FDB34ABB9A374F9E9CC8F9C186BD2181DC2771F69C02629C3E4801A7E7C21F6F3CFF7D257E2" +

  39. 		"257C88C015F0CC8DC0E7FB3373CF4ED6A786AB329E7F16895CA147AD91F6EAE1DFE38116580DF52381599" +

  40. 		"E4246278CB1848FE4A56ABF98652E9E7C2E681551A3D78FA033D932087D8B6567D779A56B726B153033D7" +

  41. 		"2231A1B5C16ED7DC4458308D6B64AF6723CC0F52C94E04C58FCA9739E890AA40CC05E22321F10129D2B59" +

  42. 		"1F317102034C109A56D711591E5B44C717CFC9C9B9461894767CAFA42D2B394194B03999C2A9EF48868F3" +

  43. 		"FB03D1A40F596613AF97F4ED7643A1C2D12692E959C6DEB8E72403ADC0E42204DBCE5056EEF0CC60B0C6E" +

  44. 		"83B8B55AC01F6C85644EE49"

  45. )

  46. 

  47. var params *SidhParams

  48. 

  49. // Use init() function to initialize params in order to avoid

  50. // static initialization order fiasco.

  51. func init() {

  52. 	params = Params(FP_751)

  53. }

  54. 

  55. // Fail if err !=nil. Display msg as an error message

  56. func checkErr(t testing.TB, err error, msg string) {

  57. 	if err != nil {

  58. 		t.Error(msg)

  59. 	}

  60. }

  61. 

  62. // Converts string to private key

  63. func convToPrv(s string, v KeyVariant) *PrivateKey {

  64. 	key := NewPrivateKey(params.Id, v)

  65. 	hex, e := hex.DecodeString(s)

  66. 	if e != nil {

  67. 		panic("non-hex number provided")

  68. 	}

  69. 	e = key.Import(hex)

  70. 	if e != nil {

  71. 		panic("Can't import private key")

  72. 	}

  73. 	return key

  74. }

  75. 

  76. // Converts string to public key

  77. func convToPub(s string, v KeyVariant) *PublicKey {

  78. 	key := NewPublicKey(params.Id, v)

  79. 	hex, e := hex.DecodeString(s)

  80. 	if e != nil {

  81. 		panic("non-hex number provided")

  82. 	}

  83. 	e = key.Import(hex)

  84. 	if e != nil {

  85. 		panic("Can't import public key")

  86. 	}

  87. 	return key

  88. }

  89. 

  90. func testKeygen(s *SidhParams, t *testing.T) {

  91. 	alicePrivate := convToPrv(PrA, KeyVariant_SIDH_A)

  92. 	bobPrivate := convToPrv(PrB, KeyVariant_SIDH_B)

  93. 	expPubA := convToPub(PkA, KeyVariant_SIDH_A)

  94. 	expPubB := convToPub(PkB, KeyVariant_SIDH_B)

  95. 

  96. 	pubA := alicePrivate.GeneratePublicKey()

  97. 	pubB := bobPrivate.GeneratePublicKey()

  98. 

  99. 	if !bytes.Equal(pubA.Export(), expPubA.Export()) {

  100. 		t.Fatalf("unexpected value of public key A")

  101. 	}

  102. 	if !bytes.Equal(pubB.Export(), expPubB.Export()) {

  103. 		t.Fatalf("unexpected value of public key B")

  104. 	}

  105. }

  106. 

  107. func testRoundtrip(s *SidhParams, t *testing.T) {

  108. 	var err error

  109. 

  110. 	prvA := NewPrivateKey(params.Id, KeyVariant_SIDH_A)

  111. 	prvB := NewPrivateKey(params.Id, KeyVariant_SIDH_B)

  112. 

  113. 	// Generate private keys

  114. 	err = prvA.Generate(rand.Reader)

  115. 	checkErr(t, err, "key generation failed")

  116. 	err = prvB.Generate(rand.Reader)

  117. 	checkErr(t, err, "key generation failed")

  118. 

  119. 	// Generate public keys

  120. 	pubA := prvA.GeneratePublicKey()

  121. 	pubB := prvB.GeneratePublicKey()

  122. 

  123. 	// Derive shared secret

  124. 	s1, err := DeriveSecret(prvB, pubA)

  125. 	checkErr(t, err, "")

  126. 

  127. 	s2, err := DeriveSecret(prvA, pubB)

  128. 	checkErr(t, err, "")

  129. 

  130. 	if !bytes.Equal(s1[:], s2[:]) {

  131. 		t.Fatalf("Tthe two shared keys: \n%X, \n%X do not match", s1, s2)

  132. 	}

  133. }

  134. 

  135. func testKeyAgreement(s *SidhParams, t testing.TB, pkA, pkB, prA, prB string) {

  136. 	var e error

  137. 

  138. 	// KeyPairs

  139. 	alicePublic := convToPub(pkA, KeyVariant_SIDH_A)

  140. 	bobPublic := convToPub(pkB, KeyVariant_SIDH_B)

  141. 	alicePrivate := convToPrv(prA, KeyVariant_SIDH_A)

  142. 	bobPrivate := convToPrv(prB, KeyVariant_SIDH_B)

  143. 

  144. 	// Do actual test

  145. 	s1, e := DeriveSecret(bobPrivate, alicePublic)

  146. 	checkErr(t, e, "derivation s1")

  147. 	s2, e := DeriveSecret(alicePrivate, bobPublic)

  148. 	checkErr(t, e, "derivation s1")

  149. 

  150. 	if !bytes.Equal(s1[:], s2[:]) {

  151. 		t.Fatalf("two shared keys: %d, %d do not match", s1, s2)

  152. 	}

  153. 

  154. 	// Negative case

  155. 	dec, e := hex.DecodeString(PkA)

  156. 	if e != nil {

  157. 		t.FailNow()

  158. 	}

  159. 	dec[0] = ^dec[0]

  160. 	e = alicePublic.Import(dec)

  161. 	if e != nil {

  162. 		t.FailNow()

  163. 	}

  164. 

  165. 	s1, e = DeriveSecret(bobPrivate, alicePublic)

  166. 	checkErr(t, e, "derivation of s1 failed")

  167. 	s2, e = DeriveSecret(alicePrivate, bobPublic)

  168. 	checkErr(t, e, "derivation of s2 failed")

  169. 

  170. 	if bytes.Equal(s1[:], s2[:]) {

  171. 		t.Fatalf("The two shared keys: %d, %d match", s1, s2)

  172. 	}

  173. }

  174. 

  175. func TestKeygenP751(t *testing.T) {

  176. 	testKeygen(Params(FP_751), t)

  177. }

  178. 

  179. func TestKeyAgreementP751(t *testing.T) {

  180. 	testKeyAgreement(Params(FP_751), t, PkA, PkB, PrA, PrB)

  181. }

  182. 

  183. func TestRoundtripP751(t *testing.T) {

  184. 	testRoundtrip(Params(FP_751), t)

  185. }

  186. 

  187. func TestKeyAgreementP751_AliceEvenNumber(t *testing.T) {

  188. 	// even alice

  189. 	prE := "C09957CC83045FB4C3726384D784476ACB6FFD92E5B15B3C2D451BA063F1BD4CED8FBCF682A98DD0954D37BCAF730F00"

  190. 	pkE := "8A2DE6FD963C475F7829B689C8B8306FC0917A39EBBC35CA171546269A85698FEC0379E2E1A3C567BE1B8EF5639F81F304889737E6CC444DBED4579DB204DC8C7928F5CBB1ECDD682A1B5C48C0DAF34208C06BF201BE4E6063B1BFDC42413B0537F8E76BEE645C1A24118301BAB17EB8D6E0F283BCB16EFB833E4BB3463953C93165A0DDAC55B385059F27FF7228486D0A733812C81C792BE9EC3A16A5DB0EB099EEA76AC0E59612251A3AD19F7CC567DA2AEBD7733171F48E471D17648692355164E27B515D2A47D7BA34B3B48A047BE7C09C4ABEE2FCC9ACA7396C8A8C9E73E29533FC7369094DFA7988778E55E53F309922C6E233F8F9C7936C3D29CEA640406FCA06450AA1978FF39F227BF06B1E072F1763447C6F513B23CDF3B0EC0379070AEE5A02D9AD8E0EB023461D631F4A9643A4C79921334945F6B33DDFC11D9703BD06B047B4DA404AB12EFD2C3A49E5C42D10DA063352748B21DE41C32A5693FE1C0DCAB111F4990CD58BECADB1892EE7A7E99C9DB4DA4E69C96E57138B99038BC9B877ECE75914EFB98DD08B9E4A2DCCB948A8F7D2F26678A9952BA0EFAB1E9CF6E51B557480DEC2BA30DE0FE4AFE30A6B30765EE75EF64F678316D81C72755AD2CFA0B8C7706B07BFA52FBC3DB84EF9E79796C0089305B1E13C78660779E0FF2A13820CE141104F976B1678990F85B2D3D2B89CD5BC4DD52603A5D24D3EFEDA44BAA0F38CDB75A220AF45EAB70F2799875D435CE50FC6315EDD4BB7AA7260AFD7CD0561B69B4FA3A817904322661C3108DA24"

  191. 	testKeyAgreement(Params(FP_751), t, pkE, PkB, prE, PrB)

  192. }

  193. 

  194. func TestImportExport(t *testing.T) {

  195. 	var err error

  196. 	a := NewPublicKey(params.Id, KeyVariant_SIDH_A)

  197. 	b := NewPublicKey(params.Id, KeyVariant_SIDH_B)

  198. 

  199. 	// Import keys

  200. 	a_hex, err := hex.DecodeString(PkA)

  201. 	checkErr(t, err, "invalid hex-number provided")

  202. 

  203. 	err = a.Import(a_hex)

  204. 	checkErr(t, err, "import failed")

  205. 

  206. 	b_hex, err := hex.DecodeString(PkB)

  207. 	checkErr(t, err, "invalid hex-number provided")

  208. 

  209. 	err = b.Import(b_hex)

  210. 	checkErr(t, err, "import failed")

  211. 

  212. 	// Export and check if same

  213. 	if !bytes.Equal(b.Export(), b_hex) || !bytes.Equal(a.Export(), a_hex) {

  214. 		t.Fatalf("export/import failed")

  215. 	}

  216. 

  217. 	if (len(b.Export()) != b.Size()) || (len(a.Export()) != a.Size()) {

  218. 		t.Fatalf("wrong size of exported keys")

  219. 	}

  220. }

  221. 

  222. func TestMultiplyByThree(t *testing.T) {

  223. 	// sage: repr((3^238 -1).digits(256))

  224. 	var three238minus1 = [48]byte{

  225. 		248, 132, 131, 130, 138, 113, 205, 237, 20, 122, 66, 212, 191, 53, 59, 115, 56, 207,

  226. 		215, 148, 207, 41, 130, 248, 214, 42, 124, 12, 153, 108, 197, 99, 199, 34, 66, 143,

  227. 		126, 168, 88, 184, 245, 234, 37, 181, 198, 201, 84, 2}

  228. 	// sage: repr((3*(3^238 -1)).digits(256))

  229. 	var threeTimesThree238minus1 = [48]byte{

  230. 		232, 142, 138, 135, 159, 84, 104, 201, 62, 110, 199, 124, 63, 161, 177, 89, 169, 109,

  231. 		135, 190, 110, 125, 134, 233, 132, 128, 116, 37, 203, 69, 80, 43, 86, 104, 198, 173,

  232. 		123, 249, 9, 41, 225, 192, 113, 31, 84, 93, 254, 6}

  233. 

  234. 	multiplyByThree(three238minus1[:])

  235. 

  236. 	for i := 0; i < 48; i++ {

  237. 		if three238minus1[i] != threeTimesThree238minus1[i] {

  238. 			t.Error("Digit", i, "error: found", three238minus1[i],

  239. 				"expected", threeTimesThree238minus1[i])

  240. 		}

  241. 	}

  242. }

  243. 

  244. func TestCheckLessThanThree238(t *testing.T) {

  245. 	var three238minus1 = [48]byte{

  246. 		248, 132, 131, 130, 138, 113, 205, 237, 20, 122, 66, 212, 191, 53, 59, 115,

  247. 		56, 207, 215, 148, 207, 41, 130, 248, 214, 42, 124, 12, 153, 108, 197, 99,

  248. 		199, 34, 66, 143, 126, 168, 88, 184, 245, 234, 37, 181, 198, 201, 84, 2}

  249. 	var three238 = [48]byte{

  250. 		249, 132, 131, 130, 138, 113, 205, 237, 20, 122, 66, 212, 191, 53, 59, 115,

  251. 		56, 207, 215, 148, 207, 41, 130, 248, 214, 42, 124, 12, 153, 108, 197, 99, 199,

  252. 		34, 66, 143, 126, 168, 88, 184, 245, 234, 37, 181, 198, 201, 84, 2}

  253. 	var three238plus1 = [48]byte{250, 132, 131, 130, 138, 113, 205, 237, 20, 122, 66,

  254. 		212, 191, 53, 59, 115, 56, 207, 215, 148, 207, 41, 130, 248, 214, 42, 124, 12,

  255. 		153, 108, 197, 99, 199, 34, 66, 143, 126, 168, 88, 184, 245, 234, 37, 181, 198,

  256. 		201, 84, 2}

  257. 	// makes second 64-bit digits bigger than in three238. checks if carries are correctly propagated

  258. 	var three238plus2power65 = [48]byte{249, 132, 131, 130, 138, 113, 205, 237, 22, 122,

  259. 		66, 212, 191, 53, 59, 115, 56, 207, 215, 148, 207, 41, 130, 248, 214, 42, 124, 12,

  260. 		153, 108, 197, 99, 199, 34, 66, 143, 126, 168, 88, 184, 245, 234, 37, 181, 198,

  261. 		201, 84, 2}

  262. 

  263. 	var result uint8

  264. 

  265. 	result = checkLessThanThree238(three238minus1[:])

  266. 	if result != 0 {

  267. 		t.Error("expected 0, got", result)

  268. 	}

  269. 	result = checkLessThanThree238(three238[:])

  270. 	if result != 1 {

  271. 		t.Error("expected nonzero, got", result)

  272. 	}

  273. 	result = checkLessThanThree238(three238plus1[:])

  274. 	if result != 1 {

  275. 		t.Error("expected nonzero, got", result)

  276. 	}

  277. 	result = checkLessThanThree238(three238plus2power65[:])

  278. 	if result != 1 {

  279. 		t.Error("expected nonzero, got", result)

  280. 	}

  281. }

  282. 

  283. func BenchmarkSidhKeyAgreement(b *testing.B) {

  284. 	// KeyPairs

  285. 	alicePublic := convToPub(PkA, KeyVariant_SIDH_A)

  286. 	bobPublic := convToPub(PkB, KeyVariant_SIDH_B)

  287. 	alicePrivate := convToPrv(PrA, KeyVariant_SIDH_A)

  288. 	bobPrivate := convToPrv(PrB, KeyVariant_SIDH_B)

  289. 

  290. 	for i := 0; i < b.N; i++ {

  291. 		// Derive shared secret

  292. 		DeriveSecret(bobPrivate, alicePublic)

  293. 		DeriveSecret(alicePrivate, bobPublic)

  294. 	}

  295. }

  296. 

  297. func BenchmarkAliceKeyGenPrv(b *testing.B) {

  298. 	prv := NewPrivateKey(params.Id, KeyVariant_SIDH_A)

  299. 	for n := 0; n < b.N; n++ {

  300. 		prv.Generate(rand.Reader)

  301. 	}

  302. }

  303. 

  304. func BenchmarkBobKeyGenPrv(b *testing.B) {

  305. 	prv := NewPrivateKey(params.Id, KeyVariant_SIDH_B)

  306. 	for n := 0; n < b.N; n++ {

  307. 		prv.Generate(rand.Reader)

  308. 	}

  309. }

  310. 

  311. func BenchmarkAliceKeyGenPub(b *testing.B) {

  312. 	prv := NewPrivateKey(params.Id, KeyVariant_SIDH_A)

  313. 	prv.Generate(rand.Reader)

  314. 	for n := 0; n < b.N; n++ {

  315. 		prv.GeneratePublicKey()

  316. 	}

  317. }

  318. 

  319. func BenchmarkBobKeyGenPub(b *testing.B) {

  320. 	prv := NewPrivateKey(params.Id, KeyVariant_SIDH_B)

  321. 	prv.Generate(rand.Reader)

  322. 	for n := 0; n < b.N; n++ {

  323. 		prv.GeneratePublicKey()

  324. 	}

  325. }

  326. 

  327. func BenchmarkSharedSecretAlice(b *testing.B) {

  328. 	aPr := convToPrv(PrA, KeyVariant_SIDH_A)

  329. 	bPk := convToPub(PkB, KeyVariant_SIDH_B)

  330. 	for n := 0; n < b.N; n++ {

  331. 		DeriveSecret(aPr, bPk)

  332. 	}

  333. }

  334. 

  335. func BenchmarkSharedSecretBob(b *testing.B) {

  336. 	// m_B = 3*randint(0,3^238)

  337. 	aPk := convToPub(PkA, KeyVariant_SIDH_A)

  338. 	bPr := convToPrv(PrB, KeyVariant_SIDH_B)

  339. 	for n := 0; n < b.N; n++ {

  340. 		DeriveSecret(bPr, aPk)

  341. 	}

  342. }