private void IsValid()
        {
            // test valid key pairs
            NtruSign ntru = null;
            SignatureKeyPair kp = null;
            SignatureParameters[] paramSets = new SignatureParameters[] { SignatureParameters.TEST157, SignatureParameters.TEST157_PROD };
            foreach (SignatureParameters param in paramSets)
            {
                ntru = new NtruSign(param);
                kp = ntru.generateKeyPair();
                Assert.True(kp.isValid());
            }

            // test an invalid key pair
            int q = kp.pub.q;
            kp.pub.h.Multiply(101);   // make h invalid
            kp.pub.h.ModPositive(q);
            Assert.False(kp.isValid());
            int inv101 = IntEuclidean.Calculate(101, q).X;
            kp.pub.h.Multiply(inv101);   // restore h
            kp.pub.h.ModPositive(q);
            IntegerPolynomial f = kp.priv.getBasis(0).f.ToIntegerPolynomial();
            f.Multiply(3);   // make f invalid
            kp.priv.getBasis(0).f = f;
            Assert.False(kp.isValid());
        }
Example #2
0
        private void CreateBasis(SignatureParameters param)
        {
            NtruSign ntru = new NtruSign(param);
            FGBasis basis = (FGBasis)ntru.generateBoundedBasis();
            Assert.True(EqualsQ(basis.f, basis.fPrime, basis.F, basis.G, param.q, param.N));

            // test KeyGenAlg.FLOAT (default=RESULTANT)
            param.keyGenAlg = KeyGenAlg.FLOAT;
            ntru = new NtruSign(param);
            basis = (FGBasis)ntru.generateBoundedBasis();
            Assert.True(EqualsQ(basis.f, basis.fPrime, basis.F, basis.G, param.q, param.N));
        }
        private void Encode(SignatureParameters param)
        {
            NtruSign ntru = new NtruSign(param);
            SignatureKeyPair kp = ntru.generateKeyPair();

            // encode to byte[] and reconstruct
            byte[] pub = kp.pub.getEncoded();
            byte[] priv = kp.priv.getEncoded();
            SignatureKeyPair kp2 = new SignatureKeyPair(new SignaturePrivateKey(priv), new SignaturePublicKey(pub));
            Assert.Equals(kp.pub, kp2.pub);
            Assert.Equals(kp.priv, kp2.priv);

            // encode to OutputStream and reconstruct
            MemoryStream bos1 = new MemoryStream();
            MemoryStream bos2 = new MemoryStream();
            kp.priv.writeTo(bos1);
            kp.pub.writeTo(bos2);
            MemoryStream bis1 = new MemoryStream(bos1.ToArray());
            MemoryStream bis2 = new MemoryStream(bos2.ToArray());
            SignatureKeyPair kp3 = new SignatureKeyPair(new SignaturePrivateKey(bis1), new SignaturePublicKey(bis2));
            Assert.Equals(kp.pub, kp3.pub);
            Assert.Equals(kp.priv, kp3.priv);
           // Assert.assertNull(kp3.priv.getBasis(0).h); ToDo: why?
        }
Example #4
0
        private void GetOutputLength()
        {
            SignatureParameters[] paramSets = new SignatureParameters[] { SignatureParameters.TEST157, SignatureParameters.TEST157_PROD, SignatureParameters.APR2011_439_PROD };
            byte[] msg = ArrayUtils.ToBytes("test message 12345");

            foreach (SignatureParameters param in paramSets)
            {
                NtruSign ntru = new NtruSign(param);
                SignatureKeyPair kp = ntru.generateKeyPair();
                byte[] s = ntru.sign(msg, kp);
                Assert.Equals(param.getOutputLength(), s.Length);
            }
        }
Example #5
0
        private void CreateMsgRep(SignatureParameters param)
        {
            NtruSign ntru = new NtruSign(param);
            byte[] msgHash = ArrayUtils.ToBytes("adfsadfsdfs23234234");

            // verify that the message representative is reproducible
            IntegerPolynomial i1 = ntru.createMsgRep(msgHash, 1);
            IntegerPolynomial i2 = ntru.createMsgRep(msgHash, 1);
            Assert.ArrayEquals(i1.Coeffs, i2.Coeffs);
            i1 = ntru.createMsgRep(msgHash, 5);
            i2 = ntru.createMsgRep(msgHash, 5);
            Assert.ArrayEquals(i1.Coeffs, i2.Coeffs);

            i1 = ntru.createMsgRep(msgHash, 2);
            i2 = ntru.createMsgRep(msgHash, 3);
            Assert.False(Compare.AreEqual(i1.Coeffs, i2.Coeffs));
        }
Example #6
0
        private void InitUpdateSign(SignatureParameters param)
        {
            NtruSign ntru = new NtruSign(param);

            SignatureKeyPair kp = ntru.generateKeyPair();

            Random rng = new Random();
            byte[] msg = new byte[10 + rng.Next(1000)];
            rng.NextBytes(msg);

            // sign and verify a message in two pieces each
            ntru.initSign(kp);
            int splitIdx = rng.Next(msg.Length);
            ntru.update(ArrayUtils.CopyOf(msg, splitIdx));   // part 1 of msg
            byte[] s = ntru.sign(ArrayUtils.CopyOfRange(msg, splitIdx, msg.Length));   // part 2 of msg
            ntru.initVerify(kp.pub);
            splitIdx = rng.Next(msg.Length);
            ntru.update(ArrayUtils.CopyOf(msg, splitIdx));   // part 1 of msg
            ntru.update(ArrayUtils.CopyOfRange(msg, splitIdx, msg.Length));   // part 2 of msg
            bool valid = ntru.verify(s);
            Assert.True(valid);
            // verify the same signature with the one-step method
            valid = ntru.verify(msg, s, kp.pub);
            Assert.True(valid);

            // sign using the one-step method and verify using the multi-step method
            s = ntru.sign(msg, kp);
            ntru.initVerify(kp.pub);
            splitIdx = rng.Next(msg.Length);
            ntru.update(ArrayUtils.CopyOf(msg, splitIdx));   // part 1 of msg
            ntru.update(ArrayUtils.CopyOfRange(msg, splitIdx, msg.Length));   // part 2 of msg
            valid = ntru.verify(s);
            Assert.True(valid);
        }
Example #7
0
        private void SignVerify(SignatureParameters param)
        {
            NtruSign ntru = new NtruSign(param);
            SignatureKeyPair kp = ntru.generateKeyPair();
            Assert.Equals(param.B + 1, kp.priv.getNumBases());

            Random rng = new Random();
            byte[] msg = new byte[10 + rng.Next(1000)];
            rng.NextBytes(msg);

            // sign and verify
            byte[] s = ntru.sign(msg, kp);
            bool valid = ntru.verify(msg, s, kp.pub);
            Assert.True(valid);

            // altering the signature should make it invalid
            s[rng.Next(param.N)] += 1;
            valid = ntru.verify(msg, s, kp.pub);
            Assert.False(valid);

            // test that a random signature fails
            rng.NextBytes(s);
            valid = ntru.verify(msg, s, kp.pub);
            Assert.False(valid);

            // encode, decode keypair, test
            SignaturePrivateKey priv = new SignaturePrivateKey(kp.priv.getEncoded());
            SignaturePublicKey pub = new SignaturePublicKey(kp.pub.getEncoded());
            kp = new SignatureKeyPair(priv, pub);
            s = ntru.sign(msg, kp);
            valid = ntru.verify(msg, s, kp.pub);
            Assert.True(valid);

            // altering the signature should make it invalid
            s[rng.Next(s.Length)] += 1;
            valid = ntru.verify(msg, s, kp.pub);
            Assert.False(valid);

            // sparse/dense
            param.sparse = !param.sparse;
            s = ntru.sign(msg, kp);
            valid = ntru.verify(msg, s, kp.pub);
            Assert.True(valid);
            s[rng.Next(s.Length)] += 1;
            valid = ntru.verify(msg, s, kp.pub);
            Assert.False(valid);
            param.sparse = !param.sparse;

            // decrease NormBound to force multiple signing attempts
            SignatureParameters params2 = param.Clone();
            params2.normBoundSq *= (float)4.0 / 9;   // works for APR2011_439_PROD but may need to be increased for different params
            params2.signFailTolerance = 10000;
            ntru = new NtruSign(params2);
            s = ntru.sign(msg, kp);
            valid = ntru.verify(msg, s, kp.pub);
            Assert.True(valid);

            // test KeyGenAlg.FLOAT (default=RESULTANT)
            params2 = param.Clone();
            param.keyGenAlg = KeyGenAlg.FLOAT;
            ntru = new NtruSign(param);
            kp = ntru.generateKeyPair();
            s = ntru.sign(msg, kp);
            valid = ntru.verify(msg, s, kp.pub);
            Assert.True(valid);
            s[rng.Next(s.Length)] += 1;
            valid = ntru.verify(msg, s, kp.pub);
            Assert.False(valid);
        }
        private void Encode(SignatureParameters param)
        {
            NtruSign ntru = new NtruSign(param);
            SignatureKeyPair kp = ntru.generateKeyPair();

            // encode to byte[] and reconstruct
            byte[] enc = kp.getEncoded();
            SignatureKeyPair kp2 = new SignatureKeyPair(enc);
            Assert.Equals(kp, kp2);

            // encode to OutputStream and reconstruct
            MemoryStream bos = new MemoryStream();
            kp.writeTo(bos);
            MemoryStream bis = new MemoryStream(bos.ToArray());
            SignatureKeyPair kp3 = new SignatureKeyPair(bis);
            Assert.Equals(kp, kp3);
        }