Beispiel #1
0
        /// <summary>
        /// Used by the initiator. Verifies a transcript of a Chaum-Pedersen protocol instance, using the strong Fiat-Shamir transform.
        /// </summary>
        /// <param name="ecParameters">Curve parameters</param>
        /// <param name="K">The public key point for the token scheme</param>
        /// <param name="P">Point initially submitted by the initiator</param>
        /// <param name="Q">Point received from the token service</param>
        /// <param name="c">Claimed challenge from the Chaum-Pedersen proof</param>
        /// <param name="z">Response from the Chaum-Pedersen proof</param>
        /// <returns>Returns true if the proof is valid and otherwise returns false</returns>
        public bool VerifyProof(X9ECParameters ecParameters, ECPoint K, ECPoint P, ECPoint Q, BigInteger c, BigInteger z)
        {
            // Compute X = z*G + c*K = r*G
            ECPoint?X = ecParameters.G.Multiply(z).Add(K.Multiply(c));

            // Compute Y = z*P + c*Q = r*P
            ECPoint?Y = P.Multiply(z).Add(Q.Multiply(c));

            // Returns true if the challenge from the proof equals the new challenge
            return(c.Equals(CPChallengeGenerator.CreateChallenge(ecParameters.G, P, K, Q, X, Y)));
        }
Beispiel #2
0
        /// <summary>
        /// Used by the token service. Creates a full transcript of a Chaum-Pedersen protocol instance, using the strong Fiat-Shamir transform.
        /// The Chaum-Pedersen proof proves that the same secret key k is used to compute K = k*G and Q = k*P, without revealing k.
        /// </summary>
        /// <param name="ecParameters">Curve parameters</param>
        /// <param name="k">The private key of the token scheme</param>
        /// <param name="K">The public key of the token scheme</param>
        /// <param name="P">Point submitted by the initiator</param>
        /// <param name="Q">Point signed using the secret key</param>
        /// <returns></returns>
        private (BigInteger c, BigInteger z) CreateProof(
            X9ECParameters ecParameters,
            BigInteger k,
            ECPoint K,
            ECPoint P,
            ECPoint Q)
        {
            // Sample a random integer 0 < r < N
            BigInteger r = ECCurveRandomNumberGenerator.GenerateRandomNumber(ecParameters.Curve, _random);

            // Computes X = r*G
            ECPoint X = ecParameters.G.Multiply(r);

            // Computes Y = r*P
            ECPoint Y = P.Multiply(r);

            BigInteger c = CPChallengeGenerator.CreateChallenge(ecParameters.G, P, K, Q, X, Y);

            // Compute proof z = r - ck mod N
            BigInteger z = r.Subtract(c.Multiply(k)).Mod(ecParameters.Curve.Order);

            return(c, z);
        }