/**
 * Searches for a field element z with z^2 + z = beta.
 *
 * Returns beta itself when beta is zero, null when the consistency value
 * built alongside the candidate is non-zero, and otherwise the first
 * candidate z for which z^2 + z is non-zero.
 *
 * NOTE(review): the multiplier comes from BigInteger.Arbitrary. In Bouncy
 * Castle that source is meant for values that need not be unpredictable;
 * that looks sufficient here because the value only drives the search, but
 * confirm which BigInteger type this file binds to.
 */
private ECFieldElement SolveQuadradicEquation(ECFieldElement beta)
{
    if (beta.IsZero)
    {
        return beta;
    }

    ECFieldElement zero = FromBigInteger(BigInteger.Zero);
    int bits = FieldSize;

    while (true)
    {
        // A fresh random multiplier is drawn for every attempt.
        ECFieldElement multiplier = FromBigInteger(BigInteger.Arbitrary(bits));
        ECFieldElement candidate = zero;
        ECFieldElement running = beta;

        for (int round = 1; round < bits; round++)
        {
            ECFieldElement squared = running.Square();
            candidate = candidate.Square().Add(squared.Multiply(multiplier));
            running = squared.Add(beta);
        }

        // A non-zero running value ends the search with "no solution".
        if (!running.IsZero)
        {
            return null;
        }

        // Retry with another multiplier while candidate^2 + candidate is zero.
        ECFieldElement check = candidate.Square().Add(candidate);
        if (!check.IsZero)
        {
            return candidate;
        }
    }
}
/**
 * Finds a root of <code>z<sup>2</sup> + z = beta</code> (X9.62 D.1.6).
 * Whenever <code>z</code> is a root, <code>z + 1</code> is the other one.
 *
 * @param beta
 *            Right-hand side of the equation.
 * @return a root of <code>z<sup>2</sup> + z = beta</code>, or
 *         <code>null</code> when the equation has no solution.
 */
private ECFieldElement SolveQuadradicEquation(ECFieldElement beta)
{
    if (beta.IsZero)
    {
        return beta;
    }

    ECFieldElement origin = FromBigInteger(BigInteger.Zero);
    int degree = FieldSize;

    for (;;)
    {
        // New random multiplier for each attempt.
        ECFieldElement factor = FromBigInteger(BigInteger.Arbitrary(degree));
        ECFieldElement root = origin;
        ECFieldElement acc = beta;

        int step = 1;
        while (step < degree)
        {
            ECFieldElement accSquared = acc.Square();
            root = root.Square().Add(accSquared.Multiply(factor));
            acc = accSquared.Add(beta);
            step++;
        }

        if (!acc.IsZero)
        {
            // No solution exists for this beta.
            return null;
        }

        // Try again while root^2 + root is zero.
        if (!root.Square().Add(root).IsZero)
        {
            return root;
        }
    }
}
// Checks that SchnorrSigner.BatchVerify accepts three known-good vectors.
// NOTE(review): only the accepting path is exercised; a companion case with
// one altered signature or message would show that the batch check rejects.
public void ShouldPassBatchVerifycation()
{
    // Each row holds, in order: hex public key, message, signature.
    string[][] vectors =
    {
        new[]
        {
            "0279BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798",
            "0000000000000000000000000000000000000000000000000000000000000000",
            "787A848E71043D280C50470E8E1532B2DD5D20EE912A45DBDD2BD1DFBF187EF67031A98831859DC34DFFEEDDA86831842CCD0079E1F92AF177F7F22CC1DCED05"
        },
        new[]
        {
            "02DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659",
            "243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89",
            "2A298DACAE57395A15D0795DDBFD1DCB564DA82B0F269BC70A74F8220429BA1D1E51A22CCEC35599B8F266912281F8365FFC2D035A230434A1A64DC59F7013FD"
        },
        new[]
        {
            "03FAC2114C2FBB091527EB7C64ECB11F8021CB45E8E7809D3C0938E4B8C0E5F84B",
            "5E2D58D8B3BCDF1ABADEC7829054F90DDA9805AAB56C77333024B9D0A508B75C",
            "00DA9B08172A9B6F0466A2DEFD817F2D7AB437E0D253CB5395A963866B3574BE00880371D01766935B92D2AB4CD5C8A2A5837EC57FED7660773A05F0DE142380"
        }
    };

    var messages = vectors.Select(row => uint256.Parse(row[1])).ToArray();
    var pubkeys = vectors.Select(row => new PubKey(Encoders.Hex.DecodeData(row[0]))).ToArray();
    var signatures = vectors.Select(row => SchnorrSignature.Parse(row[2])).ToArray();

    // Two random batch coefficients are supplied for the three signatures.
    // NOTE(review): they come from BigInteger.Arbitrary(256). Outside a test,
    // batch coefficients should be unpredictable to whoever produced the
    // signatures; confirm the strength of this source before reusing the pattern.
    var randoms = new[] { BigInteger.Arbitrary(256), BigInteger.Arbitrary(256) };

    Assert.True(SchnorrSigner.BatchVerify(messages, pubkeys, signatures, randoms));
}
/**
 * Computes a square root of this element modulo q, or returns null when the
 * general-case search finds none. Zero and one are returned unchanged.
 * Throws via Platform.CreateNotImplementedException when q is even.
 *
 * The running time of the general case depends on random draws and on the
 * value itself; NOTE(review): confirm callers only pass public data if
 * timing matters.
 */
public override ECFieldElement Sqrt()
{
    if (IsZero || IsOne)
    {
        return this;
    }

    if (!q.TestBit(0))
    {
        throw Platform.CreateNotImplementedException("even value of q");
    }

    // Bits 0 and 1 set: q == 3 (mod 4), a single exponentiation suffices.
    if (q.TestBit(1))
    {
        BigInteger exponent = q.ShiftRight(2).Add(BigInteger.One);
        BigInteger candidate = this.x.ModPow(exponent, q);
        return CheckSqrt(new FpFieldElement(q, r, candidate));
    }

    // Bit 1 clear, bit 2 set: q == 5 (mod 8).
    if (q.TestBit(2))
    {
        BigInteger power = this.x.ModPow(q.ShiftRight(3), q);
        BigInteger firstGuess = ModMult(power, this.x);
        BigInteger root = ModMult(firstGuess, power).Equals(BigInteger.One)
            ? firstGuess
            : ModMult(firstGuess, BigInteger.Two.ModPow(q.ShiftRight(2), q));
        return CheckSqrt(new FpFieldElement(q, r, root));
    }

    // Remaining case: q == 1 (mod 8). First test x^((q-1)/2) == 1.
    BigInteger halfOrder = q.ShiftRight(1);
    if (!this.x.ModPow(halfOrder, q).Equals(BigInteger.One))
    {
        return null;
    }

    BigInteger value = this.x;
    BigInteger fourValue = ModDouble(ModDouble(value));
    BigInteger k = halfOrder.Add(BigInteger.One);
    BigInteger minusOne = q.Subtract(BigInteger.One);

    BigInteger u;
    do
    {
        // Draw P below q such that (P^2 - 4x)^((q-1)/2) == q - 1.
        BigInteger p;
        do
        {
            p = BigInteger.Arbitrary(q.BitLength);
        }
        while (p.CompareTo(q) >= 0
            || !ModReduce(p.Multiply(p).Subtract(fourValue)).ModPow(halfOrder, q).Equals(minusOne));

        BigInteger[] lucas = LucasSequence(p, value, k);
        u = lucas[0];
        BigInteger v = lucas[1];

        if (ModMult(v, v).Equals(fourValue))
        {
            return new FpFieldElement(q, r, ModHalfAbs(v));
        }
    }
    while (u.Equals(BigInteger.One) || u.Equals(minusOne));

    return null;
}
/**
 * Searches for a field element z with z^2 + z = beta.
 *
 * Returns beta when it is zero, null when the inner loop leaves a non-zero
 * check value, and otherwise a candidate z with z^2 + z non-zero.
 */
private ECFieldElement SolveQuadradicEquation(ECFieldElement beta)
{
    if (beta.IsZero)
    {
        return beta;
    }

    ECFieldElement start = FromBigInteger(BigInteger.Zero);
    int size = FieldSize;

    for (;;)
    {
        // Random multiplier, redrawn on every pass of the outer loop.
        ECFieldElement scale = FromBigInteger(BigInteger.Arbitrary(size));
        ECFieldElement solution = start;
        ECFieldElement tracker = beta;

        for (int n = 1; n < size; n++)
        {
            ECFieldElement trackerSquared = tracker.Square();
            solution = solution.Square().Add(trackerSquared.Multiply(scale));
            tracker = trackerSquared.Add(beta);
        }

        if (!tracker.IsZero)
        {
            return null;
        }

        bool degenerate = solution.Square().Add(solution).IsZero;
        if (!degenerate)
        {
            return solution;
        }
    }
}
/**
 * Searches, over the field of curve c, for an element z with z^2 + z = rhs.
 *
 * Returns rhs when it is zero, null when the check value left by the inner
 * loop is non-zero, and otherwise a candidate z with z^2 + z non-zero.
 */
private static ECFieldElement SolveQuadraticEquation(ECCurve c, ECFieldElement rhs)
{
    if (rhs.IsZero)
    {
        return rhs;
    }

    ECFieldElement zero = c.FromBigInteger(BigInteger.Zero);
    int fieldBits = c.FieldSize;

    while (true)
    {
        // Random multiplier for this attempt, mapped into the curve's field.
        ECFieldElement multiplier = c.FromBigInteger(BigInteger.Arbitrary(fieldBits));
        ECFieldElement candidate = zero;
        ECFieldElement running = rhs;

        int iteration = 1;
        while (iteration < fieldBits)
        {
            ECFieldElement runningSquared = running.Square();
            candidate = candidate.Square().Add(runningSquared.Multiply(multiplier));
            running = runningSquared.Add(rhs);
            iteration++;
        }

        if (!running.IsZero)
        {
            return null;
        }

        if (!candidate.Square().Add(candidate).IsZero)
        {
            return candidate;
        }
    }
}
/**
 * Computes a square root of this element modulo q, or returns null when the
 * general-case search finds none. Zero and one are returned unchanged.
 * Throws via Platform.CreateNotImplementedException when q is even.
 */
public override ECFieldElement Sqrt()
{
    if (IsZero || IsOne)
    {
        return this;
    }

    if (!q.TestBit(0))
    {
        throw Platform.CreateNotImplementedException("even value of q");
    }

    // q == 3 (mod 4)
    if (q.TestBit(1))
    {
        BigInteger exponent = q.ShiftRight(2).Add(BigInteger.One);
        BigInteger candidate = this.x.ModPow(exponent, q);
        return CheckSqrt(new FpFieldElement(q, r, candidate));
    }

    // q == 5 (mod 8)
    if (q.TestBit(2))
    {
        BigInteger power = this.x.ModPow(q.ShiftRight(3), q);
        BigInteger guess = ModMult(power, this.x);
        if (ModMult(guess, power).Equals(BigInteger.One))
        {
            return CheckSqrt(new FpFieldElement(q, r, guess));
        }

        BigInteger correction = BigInteger.Two.ModPow(q.ShiftRight(2), q);
        return CheckSqrt(new FpFieldElement(q, r, ModMult(guess, correction)));
    }

    // q == 1 (mod 8): stop early unless x^((q-1)/2) == 1.
    BigInteger halfOrder = q.ShiftRight(1);
    if (!this.x.ModPow(halfOrder, q).Equals(BigInteger.One))
    {
        return null;
    }

    BigInteger value = this.x;
    BigInteger fourValue = ModDouble(ModDouble(value));
    BigInteger k = halfOrder.Add(BigInteger.One);
    BigInteger minusOne = q.Subtract(BigInteger.One);

    for (;;)
    {
        BigInteger p = BigInteger.Arbitrary(q.BitLength);

        // Reject draws that are not below q.
        if (p.CompareTo(q) >= 0)
        {
            continue;
        }

        // Keep only P with (P^2 - 4x)^((q-1)/2) == q - 1.
        BigInteger discriminant = ModReduce(p.Multiply(p).Subtract(fourValue));
        if (!discriminant.ModPow(halfOrder, q).Equals(minusOne))
        {
            continue;
        }

        BigInteger[] lucas = LucasSequence(p, value, k);
        BigInteger u = lucas[0];
        BigInteger v = lucas[1];

        if (ModMult(v, v).Equals(fourValue))
        {
            return new FpFieldElement(q, r, ModHalfAbs(v));
        }

        // Only U == 1 or U == q - 1 triggers another draw.
        if (!u.Equals(BigInteger.One) && !u.Equals(minusOne))
        {
            return null;
        }
    }
}
/**
 * Finds a root of <code>z<sup>2</sup> + z = beta</code> (X9.62 D.1.6).
 * Whenever <code>z</code> is a root, <code>z + 1</code> is the other one.
 *
 * @param beta
 *            Right-hand side of the equation; it is cast to
 *            AbstractF2mFieldElement, so any other type fails the cast.
 * @return a root of <code>z<sup>2</sup> + z = beta</code>, or
 *         <code>null</code> when the equation has no solution.
 */
internal ECFieldElement SolveQuadraticEquation(ECFieldElement beta)
{
    AbstractF2mFieldElement element = (AbstractF2mFieldElement)beta;
    bool traceIsFast = element.HasFastTrace;

    // With a fast trace available, a non-zero trace means "no solution".
    if (traceIsFast && element.Trace() != 0)
    {
        return null;
    }

    int degree = FieldSize;

    if ((degree & 1) != 0)
    {
        // Odd degree: the half-trace is the candidate root. It is accepted
        // directly after the fast-trace check, otherwise verified by substitution.
        ECFieldElement halfTrace = element.HalfTrace();
        bool accepted = traceIsFast || halfTrace.Square().Add(halfTrace).Add(beta).IsZero;
        return accepted ? halfTrace : null;
    }

    if (beta.IsZero)
    {
        return beta;
    }

    ECFieldElement zero = FromBigInteger(BigInteger.Zero);

    while (true)
    {
        // Random multiplier, redrawn for every attempt.
        ECFieldElement multiplier = FromBigInteger(BigInteger.Arbitrary(degree));
        ECFieldElement candidate = zero;
        ECFieldElement running = beta;

        for (int round = 1; round < degree; round++)
        {
            ECFieldElement runningSquared = running.Square();
            candidate = candidate.Square().Add(runningSquared.Multiply(multiplier));
            running = runningSquared.Add(beta);
        }

        if (!running.IsZero)
        {
            return null;
        }

        if (!candidate.Square().Add(candidate).IsZero)
        {
            return candidate;
        }
    }
}
// Runs both halves of a Diffie-Hellman style exchange modulo p with base 5.
// The two derived values are computed but never compared or asserted.
// NOTE(review): both private exponents come from BigInteger.Arbitrary. In
// Bouncy Castle that source is meant for values that need not be
// unpredictable; secret exponents should come from a cryptographic RNG.
// Confirm which BigInteger type this file binds to.
public void tt()
{
    BigInteger modulus = new BigInteger("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", 16);
    BigInteger generator = BigInteger.ValueOf(5);

    // First party: private exponent and public value.
    BigInteger firstSecret = BigInteger.Arbitrary(modulus.BitLength);
    BigInteger firstPublic = generator.ModPow(firstSecret, modulus);

    // Second party: private exponent and public value.
    BigInteger secondSecret = BigInteger.Arbitrary(modulus.BitLength);
    BigInteger secondPublic = generator.ModPow(secondSecret, modulus);

    // Each side raises the peer's public value to its own exponent.
    BigInteger sharedAtSecond = firstPublic.ModPow(secondSecret, modulus);
    BigInteger sharedAtFirst = secondPublic.ModPow(firstSecret, modulus);
}
// Builds p = 2q + 1 from a 2048-bit probable prime q, then runs both halves
// of a Diffie-Hellman style exchange modulo p with base 5. The two derived
// values are computed but never compared or asserted.
// NOTE(review): p itself is never tested for primality here, so nothing in
// this method establishes that p is prime.
// NOTE(review): q is generated with the RNGCryptoServiceProvider, but the
// private exponents come from BigInteger.Arbitrary instead; secret exponents
// should come from a cryptographic RNG. The provider is also never disposed.
public void t()
{
    RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
    BigInteger q = BigInteger.ProbablePrime(2048, rng);
    BigInteger modulus = BigInteger.Two.Multiply(q).Add(BigInteger.One);
    BigInteger generator = BigInteger.ValueOf(5);

    // First party: private exponent and public value.
    BigInteger firstSecret = BigInteger.Arbitrary(q.BitLength);
    BigInteger firstPublic = generator.ModPow(firstSecret, modulus);

    // Second party: private exponent and public value.
    BigInteger secondSecret = BigInteger.Arbitrary(q.BitLength);
    BigInteger secondPublic = generator.ModPow(secondSecret, modulus);

    // Each side raises the peer's public value to its own exponent.
    BigInteger sharedAtSecond = firstPublic.ModPow(secondSecret, modulus);
    BigInteger sharedAtFirst = secondPublic.ModPow(firstSecret, modulus);
}
/**
 * Returns a square root of this element. The 4m + 3 and 8m + 5 branches pass
 * their candidate through CheckSqrt; the general branch returns null when it
 * finds no root. Zero and one are returned unchanged.
 */
public override ECFieldElement Sqrt()
{
    if (IsZero || IsOne)
    {
        return this;
    }

    if (!q.TestBit(0))
    {
        throw Platform.CreateNotImplementedException("even value of q");
    }

    if (q.TestBit(1)) // q == 4m + 3
    {
        BigInteger exponent = q.ShiftRight(2).Add(BigInteger.One);
        BigInteger candidate = x.ModPow(exponent, q);
        return CheckSqrt(new FpFieldElement(q, r, candidate));
    }

    if (q.TestBit(2)) // q == 8m + 5
    {
        BigInteger power = x.ModPow(q.ShiftRight(3), q);
        BigInteger guess = ModMult(power, x);

        // TODO The 2^(q >> 2) factor is constant and could be precomputed
        BigInteger root = ModMult(guess, power).Equals(BigInteger.One)
            ? guess
            : ModMult(guess, BigInteger.Two.ModPow(q.ShiftRight(2), q));
        return CheckSqrt(new FpFieldElement(q, r, root));
    }

    // q == 8m + 1
    BigInteger legendreExponent = q.ShiftRight(1);
    if (!x.ModPow(legendreExponent, q).Equals(BigInteger.One))
    {
        return null;
    }

    BigInteger value = this.x;
    BigInteger fourValue = ModDouble(ModDouble(value));
    BigInteger k = legendreExponent.Add(BigInteger.One);
    BigInteger qMinusOne = q.Subtract(BigInteger.One);

    while (true)
    {
        BigInteger p = BigInteger.Arbitrary(q.BitLength);

        // Redraw unless P is below q and (P^2 - 4x)^((q-1)/2) == q - 1.
        if (p.CompareTo(q) >= 0)
        {
            continue;
        }

        BigInteger discriminant = ModReduce(p.Multiply(p).Subtract(fourValue));
        if (!discriminant.ModPow(legendreExponent, q).Equals(qMinusOne))
        {
            continue;
        }

        BigInteger[] lucas = LucasSequence(p, value, k);
        BigInteger u = lucas[0];
        BigInteger v = lucas[1];

        if (ModMult(v, v).Equals(fourValue))
        {
            return new FpFieldElement(q, r, ModHalfAbs(v));
        }

        // Only U == 1 or U == q - 1 triggers another draw.
        if (!u.Equals(BigInteger.One) && !u.Equals(qMinusOne))
        {
            return null;
        }
    }
}
// Creates the k calculator and initialises it with a random 256-bit bound
// and a new SecureRandom.
// NOTE(review): in Bouncy Castle's k-calculator interface the first Init
// argument is the modulus n that bounds the generated k (normally the group
// order). Here it is a random value from BigInteger.Arbitrary; confirm this
// is intended and that callers reduce k as required.
public Requester()
{
    _k = new RandomDsaKCalculator();

    BigInteger bound = BigInteger.Arbitrary(256);
    SecureRandom random = new SecureRandom();
    _k.Init(bound, random);
}
// Returns the byte encoding of a random integer of at most KeyBits bits.
// NOTE(review): the value comes from BigInteger.Arbitrary. In Bouncy Castle
// that source is meant for values that need not be unpredictable; private
// key material should come from a cryptographic RNG. Confirm which
// BigInteger type this file binds to.
// NOTE(review): ToByteArray presumably yields a minimal signed encoding, so
// the length can vary between calls; verify callers do not assume a fixed size.
public static byte[] GetPrivateKey()
{
    BigInteger keyValue = BigInteger.Arbitrary(KeyBits);
    byte[] encoded = keyValue.ToByteArray();
    return encoded;
}