Release 0.4.2

lonkey · web-flow · commit 2eedc39d9d0a · 2021-07-23T14:11:29.000+02:00
* Add return value for ElGamal homomorphic multiplicative scheme

* Added bash/zsh to README.md

* ElGamal homomorphic multiplicative decryption with identical random value

* ElGamal baby-step giant-step
diff --git a/README.md b/README.md
@@ -31,6 +31,7 @@ Before you can start installing or using packages in your virtual environment yo
 
 | Command-line    | Script                                       |
 |-----------------|----------------------------------------------|
+| bash/zsh        | $ source &lt;venv&gt;/bin/activate           |
 | fish            | $ source &lt;venv&gt;/bin/activate.fish      |
 | csh/tcsh        | $ source &lt;venv&gt;/bin/activate.csh       |
 | PowerShell Core | $ &lt;venv&gt;/bin/Activate.ps1              |
diff --git a/cryptographic_functions/elgamal_calculations.py b/cryptographic_functions/elgamal_calculations.py
@@ -2,6 +2,7 @@
 
 from cryptographic_functions import modulo_inverse_multiplicative
 from cryptographic_functions import shared_functions
+from math import ceil, sqrt
 from tabulate import tabulate
 import random
 
@@ -297,6 +298,7 @@ def homomorphic_multiplicative_scheme(public_key, private_key, c_1, c_2, print_m
         f'<AUXILIARY 1>Achtung: Die Namen der Variablen können abweichen!</AUXILIARY 1>\n'
         f'm = {a_i} * {(b_1 * b_2) % p}\n'
         f'm = {m}', end='\n\n')
+    return m
 
 
 # ElGamal homomorphic multiplicative decryption
@@ -360,3 +362,115 @@ def homomorphic_multiplicative_decryption(public_key, private_key, m_1, c_1, c_2
         f'{m} = {m_1} * {m_2} mod {p}\n'
         f'{m} = {(m_1 * m_2) % p}', end='\n\n')
     return m_2
+
+
+# ElGamal homomorphic multiplicative decryption with identical random value
+def homomorphic_multiplicative_decryption_k(public_key, m_1, c_1, c_2, print_matrix=False,
+                                            print_linear_factorization=True):
+    print(tabulate([['Homomorphe multiplikative Entschlüsselung mit identischem Zufallswert']], tablefmt='fancy_grid'))
+
+    # Unpack the public key into its components
+    p, g, e = public_key
+
+    # Unpack both ciphertexts into its components
+    a_1, b_1 = c_1
+    a_2, b_2 = c_2
+
+    # Calculation of m_2 assuming that the random numbers of both ciphertexts are identical
+    b_1_i = modulo_inverse_multiplicative.mim(p, b_1, print_matrix, print_linear_factorization, 1)
+    m_2 = (b_1_i * b_2 * m_1) % p
+
+    # Calculation of m_1_i
+    m_1_i = modulo_inverse_multiplicative.mim(p, m_1, print_matrix, print_linear_factorization, 2)
+
+    # Calculation path output
+    print(
+        f'Gegeben sind K(pub) = {{p, g, e}} = {{{p}, {g}, {e}}} mit den Geheimtexten c_1 = {{a_1, b_1}} = '
+        f'{{{a_1}, {b_1}}} und c_2 = {{a_2, b_2}} = {{{a_2}, {b_2}}}. Ebenfalls bekannt ist der zu c_1 zugehörige '
+        f'Klartext m_1 = {m_1}. Unter Ausnutzung des Zugriffs auf die Verschlüsselungsfunktion mit einem identischen '
+        f'Zufallswert k für die Berechnung der Geheimtexte kann nun der Klartext m_2 des Geheimtextes c_2 ermittelt '
+        f'werden.', end='\n\n')
+    print(
+        f'Der zum Geheimtext c_2 gehörende Klartext m_2 ergibt sich aus:\n'
+        f'm_2 = b_1^-1 * b_2 * m_1 mod p\n'
+        f'<AUXILIARY 1>Achtung: Die Namen der Variablen können abweichen!</AUXILIARY 1>\n'
+        f'm_2 = {b_1_i} * {b_2} * {m_1} mod {p}\n'
+        f'm_2 = {b_1_i * b_2 * m_1} mod {p}\n'
+        f'm_2 = {m_2}', end='\n\n')
+    print(
+        f'Verifikation:\n'
+        f'b_1^-1 * b_2 = m_1^-1 * m_2 mod p\n'
+        f'<AUXILIARY 2>Achtung: Die Namen der Variablen können abweichen!</AUXILIARY 2>\n'
+        f'{b_1_i} * {b_2} = {m_1_i} * {m_2} mod {p}\n'
+        f'{(b_1_i * b_2) % p} = {(m_1_i * m_2) % p}', end='\n\n')
+    return m_2
+
+
+# ElGamal baby-step giant-step
+def bsgs(public_key, print_matrix=False, print_linear_factorization=True):
+    print(tabulate([['ElGamal Babystep-Giantstep-Algorithmus']], tablefmt='fancy_grid'))
+
+    # Unpack the public key into its components
+    p, g, e = public_key
+
+    # Print calculation message
+    print('Berechnung, bitte warten...', end='\r')
+
+    # Calculation of g_i
+    g_i = modulo_inverse_multiplicative.mim(p, g, print_matrix, print_linear_factorization, 1)
+
+    # Calculation of m
+    m = ceil(sqrt(p - 1))
+
+    # Calculation of g^{0...(m-1)} mod p (baby-step)
+    tab = {(g ** r) % p: r for r in range(m)}
+
+    # Calculation of y
+    y = (g ** (m * (p - 2))) % p
+
+    # Find match in table (giant-step)
+    for q in range(m):
+        z = (e * (y ** q)) % p
+        if z in tab:
+            d = q * m + tab[z]
+            break
+
+    # Removal of the calculation message
+    print(' ' * len('Berechnung, bitte warten...'), end='\r')
+
+    # The value of p must be identical in both keys
+    if not 'd' in locals():
+        print(f'Der zum öffentlichen Schlüssel K(pub) = {{p, g, e}} = {{{p}, {g}, {e}}} zugehörige private Schlüssel '
+              f'K(priv) = {{p, d}} konnte nicht mittels des Babystep-Giantstep-Algorithmus bestimmt werden.')
+        return -1
+
+    # Calculation path output
+    print(
+        f'Gegeben ist der öffentliche Schlüssel K(pub) = {{p, g, e}} = {{{p}, {g}, {e}}}. Unter Verwendung des'
+        f'Babystep-Giantstep-Algorithmus zur Berechnung des diskreten Logarithmus im endlichen Zahlenkörper wird '
+        f'nachfolgend der private Schlüssel K(priv) = {{p, d}} bestimmt.', end='\n\n')
+    print(
+        f'Zunächst ist die Menge der Paare M = {{(e * g^-r, r) | 0 ≤ r < m}} mod p zu bestimmen.\n'
+        f'm = ⌈√(p - 1)⌉\n'
+        f'm = ⌈√({p - 1})⌉\n'
+        f'm = ⌈{sqrt(p - 1)}⌉\n'
+        f'm = {m}', end='\n\n')
+    print(
+        f'Dabei ergibt sich die folgende Menge der Paare über (e * g^-r, r) mod p\n'
+        f'<AUXILIARY 1>Achtung: Die Namen der Variablen können abweichen!</AUXILIARY 1>\n'
+        f'({e} * {g}^-{0}, {0}) = ({e} * {g_i ** 0}, {0}) = ({(e * (g_i ** 0)) % p}, {0}) mod {p}\n'
+        f'[...]\n'
+        f'({e} * {g}^-{d - 1}, {d - 1}) = ({e} * ({g}^-1)^{d - 1}, {d - 1}) = ({e} * {g_i}^{d - 1}, {d - 1}) = '
+        f'({(e * (g_i ** (d - 1))) % p}, {d - 1}) mod {p}\n'
+        f'({e} * {g}^-{d}, {d}) = ({e} * ({g}^-1)^{d}, {d}) = ({e} * {g_i}^{d}, {d}) = ({(e * (g_i ** d)) % p}, {d}) '
+        f'mod {p}', end='\n\n')
+    print(
+        f'Dabei ist zu erkennen, dass das Paar ({(e * (g_i ** d)) % p}, {d}) die Lösung für den diskreten Logarithmus '
+        f'darstellt. Folglich entspricht der private Schlüssel K(priv) = {{p, d}} = {{{p}, {d}}}.', end='\n\n')
+    print(
+        f'Verifikation mit K(pub) = {{p, g, e}} = {{{p}, {g}, {e}}}:\n'
+        f'e = g^d mod p\n'
+        f'e = {g}^{d} mod {p}\n'
+        f'e = {(g ** d) % p}\n'
+        f'{e} = {(g ** d) % p}', end='\n\n')
+    return d
diff --git a/main.py b/main.py
@@ -116,6 +116,10 @@
     #                                                            elgamal_homomorphic_m_1, elgamal_homomorphic_c_1,
     #                                                            elgamal_homomorphic_c_2, print_matrix,
     #                                                            print_linear_factorization)
+    # elgamal_calculations.homomorphic_multiplicative_decryption_k(elgamal_public_key, elgamal_homomorphic_m_1,
+    #                                                              elgamal_homomorphic_c_1, elgamal_homomorphic_c_2,
+    #                                                              print_matrix, print_linear_factorization)
+    # elgamal_calculations.bsgs(elgamal_public_key, print_matrix, print_linear_factorization)
 
     #########################################
     # Fermat's factorization initial values #
