public void TestIsElementTrue() { var prime = BigPrime.CreateWithoutChecks(11); var field = new BigIntegerField(prime); Assert.IsTrue(field.IsElement(7)); }
public CurveGroupAlgebraTests() { curveEquationMock = new Mock <CurveEquation>( BigPrime.CreateWithoutChecks(23), BigInteger.Zero, BigInteger.One ) { CallBase = true }; curveParameters = new CurveParameters( curveEquation: curveEquationMock.Object, generator: TestCurveParameters.WeierstrassParameters.Generator, order: TestCurveParameters.WeierstrassParameters.Order, cofactor: TestCurveParameters.WeierstrassParameters.Cofactor ); largeCurveEquationMock = new Mock <CurveEquation>( BigPrime.CreateWithoutChecks(18392027), BigInteger.Zero, BigInteger.One ) { CallBase = true }; // 25 bits prime largeParameters = new CurveParameters( curveEquation: largeCurveEquationMock.Object, generator: new CurvePoint(), order: BigPrime.CreateWithoutChecks(2), cofactor: BigInteger.One ); }
public void TestIsElementFalse(int value) { var prime = BigPrime.CreateWithoutChecks(11); var field = new BigIntegerField(prime); Assert.IsFalse(field.IsElement(new BigInteger(value))); }
public void TestIsSafeElementForNeutralElementCofactorOne() { var groupAlgebra = new MultiplicativeGroupAlgebra(BigPrime.CreateWithoutChecks(11), BigPrime.CreateWithoutChecks(10), 2); Assert.That(groupAlgebra.IsPotentialElement(groupAlgebra.NeutralElement)); Assert.That(!groupAlgebra.IsSafeElement(groupAlgebra.NeutralElement)); }
public void TestConstructor() { var prime = BigPrime.CreateWithoutChecks(11); var field = new BigIntegerField(prime); Assert.AreEqual(prime, field.Modulo); Assert.AreEqual(1, field.ElementByteLength); }
public CurveParametersTests() { equationMock = new Mock <CurveEquation>( BigPrime.CreateWithoutChecks(11), new BigInteger(2), new BigInteger(-3) ); }
public void SetUpAlgebra() { groupAlgebra = new MultiplicativeGroupAlgebra( prime: BigPrime.CreateWithoutChecks(23), order: BigPrime.CreateWithoutChecks(11), generator: 2 ); }
/// <summary> /// Creates a <see cref="CryptoGroup{SecureBigNumber, BigNumber}" /> instance using a <see cref="MultiplicativeGroupAlgebra" /> /// instance with the given parameters. /// </summary> /// <param name="prime">The prime modulo of the group.</param> /// <param name="order">The order of the group</param> /// <param name="generator">The generator of the group.</param> public static CryptoGroup <SecureBigNumber, BigNumber> CreateCryptoGroup( BigPrime prime, BigPrime order, BigInteger generator ) { return(new CryptoGroup <SecureBigNumber, BigNumber>(new MultiplicativeGroupAlgebra( prime, order, generator ))); }
public void SetUpAlgebra() { groupAlgebra = new MultiplicativeGroupAlgebra( prime: BigPrime.CreateWithoutChecks(23), order: BigPrime.CreateWithoutChecks(11), generator: 2 ); // group elements: 1, 2, 3, 4, 6, 8, 9, 12, 13, 16, 18 }
public void TestEqualsFalseForOtherAlgebra() { var curve = TestCurveParameters.WeierstrassParameters.Equation; var otherCurve = new WeierstrassCurveEquation(prime: BigPrime.CreateWithoutChecks(11), 0, 0); bool result = curve.Equals(otherCurve); Assert.IsFalse(result); }
public void TestPowRejectsNegativeExponent() { var prime = BigPrime.CreateWithoutChecks(11); var field = new BigIntegerField(prime); Assert.Throws <ArgumentException>( () => field.Pow(5, -1) ); }
public void TestComputeSecurityLevel() { var mod = BigPrime.CreateWithoutChecks(BigInteger.One << 2047); Assert.AreEqual(115, MultiplicativeGroupAlgebra.ComputeSecurityLevel(mod, mod)); var smallOrder = BigPrime.CreateWithoutChecks(new BigInteger(4)); Assert.AreEqual(2 * NumberLength.GetLength(smallOrder).InBits, MultiplicativeGroupAlgebra.ComputeSecurityLevel(mod, smallOrder)); }
public void TestSquare() { var prime = BigPrime.CreateWithoutChecks(11); var field = new BigIntegerField(prime); var result = field.Square(5); var expected = new BigInteger(3); Assert.AreEqual(expected, result); }
public void TestMod(int value, int expectedRaw) { var prime = BigPrime.CreateWithoutChecks(11); var field = new BigIntegerField(prime); var result = field.Mod(value); var expected = new BigInteger(expectedRaw); Assert.AreEqual(expected, result); }
public void TestModReciprocal() { var numberRaw = 7652; var modulo = BigPrime.CreateWithoutChecks(89237); var number = new BigNumber(numberRaw); var expected = number.ModExp(new BigNumber(modulo - 2), new BigNumber(modulo)); var result = number.ModReciprocal(new BigNumber(modulo)); Assert.That(result.Equals(expected)); }
public void TestEqualsFalseForOtherAlgebra() { var otherAlgebra = new MultiplicativeGroupAlgebra( BigPrime.CreateWithoutChecks(2 * 53 + 1), BigPrime.CreateWithoutChecks(53), 4 ); Assert.IsFalse(groupAlgebra !.Equals(otherAlgebra)); }
public void TestInvertMult() { var prime = BigPrime.CreateWithoutChecks(11); var field = new BigIntegerField(prime); var result = field.InvertMult(5); var expected = new BigInteger(9); Assert.AreEqual(expected, result); Assert.AreEqual(BigInteger.One, field.Mod(result * 5)); }
public void TestEqualsIsFalseForUnrelatedObject() { var order = BigPrime.CreateWithoutChecks(7); var cofactor = new BigInteger(2); var generator = CurvePoint.PointAtInfinity; CurveParameters parameters = new CurveParameters( equationMock.Object, generator, order, cofactor ); Assert.AreNotEqual(parameters, new object()); }
/// <summary> /// Initializes a new instance of the <see cref="CurveParameters"/> struct /// with the given values. /// </summary> /// <returns><see cref="CurveParameters"/> instance with the given /// parameters.</returns> /// <param name="curveEquation">The <see cref="CurveEquation"/> describing the curve.</param> /// <param name="generator">Curve generator point.</param> /// <param name="order">Generator order.</param> /// <param name="cofactor">Curve cofactor.</param> public CurveParameters( CurveEquation curveEquation, CurvePoint generator, BigPrime order, BigInteger cofactor ) { Equation = curveEquation; Generator = generator; Order = order; Cofactor = cofactor; }
public XOnlyMontgomeryCurveAlgebraTests() { largeParameters = new CurveParameters( curveEquation: new MontgomeryCurveEquation( prime: BigPrime.CreateWithoutChecks(18392027), // 25 bits a: 0, b: 0 ), generator: CurvePoint.PointAtInfinity, order: BigPrime.CreateWithoutChecks(3), cofactor: 1 ); }
public void TestEqualsFalseForUnrelatedObject() { var equationMock = new Mock <CurveEquation>( BigPrime.CreateWithoutChecks(23), BigInteger.Zero, BigInteger.One ) { CallBase = true }; Assert.IsFalse(equationMock.Object.Equals(new object())); }
public void TestComputePrimeLengthForSecurityLevel() { // dominated by NFS var l = MultiplicativeGroupAlgebra.ComputePrimeLengthForSecurityLevel(100); var p = BigPrime.CreateWithoutChecks(BigInteger.One << (l.InBits - 1)); var s = MultiplicativeGroupAlgebra.ComputeSecurityLevel(p, p); Assert.AreEqual(100, s); // dominated by Pollard Rho l = MultiplicativeGroupAlgebra.ComputePrimeLengthForSecurityLevel(1); Assert.AreEqual(2, l.InBits); }
public void TestProperties() { var generator = new BigInteger(2); var neutralElement = BigInteger.One; var modulo = BigPrime.CreateWithoutChecks(23); var order = BigPrime.CreateWithoutChecks(11); var cofactor = new BigInteger(2); Assert.AreEqual(neutralElement, groupAlgebra !.NeutralElement, "verifying neutral element"); Assert.AreEqual(generator, groupAlgebra !.Generator, "verifying generator"); Assert.AreEqual(order, groupAlgebra !.Order, "verifying order"); Assert.AreEqual(modulo, groupAlgebra !.Prime, "verifying modulo"); Assert.AreEqual(cofactor, groupAlgebra !.Cofactor, "verifying cofactor"); }
public void TestEqualsIsTrueForEqualObjects() { var order = BigPrime.CreateWithoutChecks(7); var cofactor = new BigInteger(2); var generator = CurvePoint.PointAtInfinity; CurveParameters parameters = new CurveParameters( equationMock.Object, generator, order, cofactor ); CurveParameters otherParameters = new CurveParameters( equationMock.Object, generator, order, cofactor ); Assert.AreEqual(parameters, otherParameters); }
public void TestAreNegationsTrueForPointAtInfinity() { var equation = new Mock <CurveEquation>( BigPrime.CreateWithoutChecks(23), BigInteger.Zero, BigInteger.One ) { CallBase = true }; var testElement = CurvePoint.PointAtInfinity; var otherElement = testElement.Clone(); Assert.IsTrue(equation.Object.AreNegations(testElement, otherElement)); }
public void TestAreNegationsTrueForNegation() { var equation = new Mock <CurveEquation>( BigPrime.CreateWithoutChecks(23), BigInteger.Zero, BigInteger.One ) { CallBase = true }; var testElement = new CurvePoint(5, 5); var otherElement = equation.Object.Negate(testElement); Assert.IsTrue(equation.Object.AreNegations(testElement, otherElement)); }
public static void Main(string[] args) { // Instantiating a strong random number generator RandomNumberGenerator randomNumberGenerator = RandomNumberGenerator.Create(); // Choosing parameters for multiplicative group // order 11 subgroup with generator 4 of characteristic 23 multiplicative group BigPrime prime = BigPrime.Create(23, randomNumberGenerator); BigPrime order = BigPrime.Create(11, randomNumberGenerator); BigInteger generator = 4; // Creating the group instance var group = MultiplicativeGroupAlgebra.CreateCryptoGroup(prime, order, generator); DoDiffieHellman(group, randomNumberGenerator); }
/// <summary> /// Initializes a new instance of the <see cref="MultiplicativeGroupAlgebra"/> class /// given the group's parameters. /// </summary> /// <param name="prime">The prime modulo of the group.</param> /// <param name="order">The order of the group.</param> /// <param name="generator">The generator of the group.</param> public MultiplicativeGroupAlgebra(BigPrime prime, BigPrime order, BigInteger generator) : base( generator, order, (prime - 1) / order, BigInteger.One, NumberLength.GetLength(prime).InBits ) { Prime = prime; if (!IsSafeElement(generator)) { throw new ArgumentException("The generator must be an element of the group.", nameof(generator)); } SecurityLevel = ComputeSecurityLevel(prime, order); }
public void TestNegateForPointAtInfinity() { var equation = new Mock <CurveEquation>( BigPrime.CreateWithoutChecks(23), BigInteger.Zero, BigInteger.One ) { CallBase = true }; var testElement = CurvePoint.PointAtInfinity; var expected = CurvePoint.PointAtInfinity; var result = equation.Object.Negate(testElement); Assert.AreEqual(expected, result); }
/// <summary> /// Computes the security level of the multiplicative group. /// /// The security level is determined as the minimum of the respective /// security levels granted by the <paramref name="prime"/> modulus of /// the group and the <paramref name="order"/>. /// /// The first is estimated from the cost of computing the discrete logarithm (cf. [1]) /// using the number field sieve, the second results from Pollard's Rho algorithm /// for discrete logarithms [2]. /// /// [1]: D. Gordon: Discrete Logarithms in GF(P) Using the Number Field Sieve, https://doi.org/10.1137/0406010 /// [2]: J. Pollard: Monte Carlo Methods For Index Computation (mod p), https://doi.org/10.1090/S0025-5718-1978-0491431-9 /// </summary> /// <param name="prime">The prime modulo of the group.</param> /// <param name="order">The order of the group.</param> /// <returns>The security level (in bits).</returns> public static int ComputeSecurityLevel(BigPrime prime, BigPrime order) { // number field sieve strength int primeBits = NumberLength.GetLength(prime).InBits; double natLogPrime = Math.Log(2) * primeBits; double sieveConstant = 1.9; // note(lumip): references give ~1.91+o(1); using 1.9 for a tiny bit of slack // (cf.L. Grémy, Sieve Algorithms for the Discrete Logarithm in Medium Characteristic Finite Fields, // https://tel.archives-ouvertes.fr/tel-01647623/document ) double natLogSieveLevel = sieveConstant * Math.Pow(natLogPrime, 1.0 / 3.0) * Math.Pow(Math.Log(natLogPrime), 2.0 / 3.0); int sieveLevel = (int)(natLogSieveLevel / Math.Log(2)); // pollard rho strength int rhoLevel = NumberLength.GetLength(order).InBits * 2; return(Math.Min(sieveLevel, rhoLevel)); }