Add Blind Sig over EC Sage impl
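--- /dev/null
+++ b/blind-sign-over-ec.sage
@@ -0,0 +1,87 @@
+# Implementation of: https://sci-hub.se/10.1109/iccke.2013.6682844
+# more details at: https://arnaucube.com/blog/blind-signatures-ec.html#the-scheme
+# A Go implementation of this schema can be found at: https://github.com/arnaucube/go-blindsecp256k1
+
+from hashlib import sha256
+
+def hash(m):
+    h_output = sha256(str(m).encode('utf-8'))
+    return int(h_output.hexdigest(), 16)
+
+
+
+class User:
+    def __init__(self, F, G):
+        self.F = F # Z_q
+        self.G = G # elliptic curve generator
+
+    def blind_msg(self, m, R_):
+        self.a = self.F.random_element()
+        self.b = self.F.random_element()
+        self.R = self.a * R_ + self.b * self.G
+        m_ = self.F(self.a)^(-1) * self.F(self.R.xy()[0]) * self.F(hash(m))
+        return m_
+
+    def unblind_sig(self, s_):
+        s = self.a * s_ + self.b
+        return (self.R, s)
+
+
+class Signer:
+    def __init__(self, F, G):
+        self.F = F # Z_q
+        self.G = G # elliptic curve generator
+
+        # gen Signer's key pair
+        self.d = self.F.random_element()
+        self.Q = self.G * self.d
+
+
+    def new_request_params(self):
+        self.k = self.F.random_element()
+        R_ = self.G * self.k
+        return R_
+
+    def blind_sign(self, m_):
+        return self.d * m_ + self.k
+
+def verify(G, Q, sig, m):
+    (R, s) = sig
+    return s*G == R + (Fq(R.xy()[0]) * Fq(hash(m))) * Q
+
+
+
+# ethereum elliptic curve
+p = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
+a = 0
+b = 7
+F = GF(p)
+E = EllipticCurve(F, [a,b])
+GX = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798
+GY = 0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8
+g = E(GX,GY)
+n = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
+q = g.order()
+assert is_prime(p)
+assert is_prime(q)
+Fq = GF(q)
+
+
+
+# protocol flow:
+
+user = User(Fq, g)
+signer = Signer(Fq, g)
+
+R_ = signer.new_request_params()
+
+m = 12345 # user's message
+m_ = user.blind_msg(m, R_)
+
+s_ = signer.blind_sign(m_)
+
+sig = user.unblind_sig(s_)
+
+v = verify(g, signer.Q, sig, m)
+print(v)
+assert v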
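Review bot: `Signer.blind_sign` reads `self.k` but never invalidates it, so a second `blind_sign` call without a fresh `new_request_params()` signs a different blinded message under the same nonce, which is the classic way a Schnorr-style signer leaks its private key `d`; the signer should consume the nonce on use and refuse to sign without one, as in the rewrite below. Two smaller one-shot checks in the same spirit: `User.blind_msg` inverts `self.a`, which `random_element()` may return as 0 (the inversion then fails), so `a` should be redrawn while it is zero; and the script defines `n` but never uses it, so `assert q == n` next to `assert is_prime(q)` would tie the computed order to the documented secp256k1 constant. On style, `hash` shadows the Python builtin and `verify` reaches for the module-level `Fq` while `User` and `Signer` receive the field as `F`; giving `verify` an `F` parameter (with the call site passing `Fq`) keeps the three consistent.

```python
class Signer:
    def __init__(self, F, G):
        # … unchanged: F, G, d, Q setup …
        self.k = None  # no live nonce until new_request_params() is called

    # … unchanged: new_request_params …

    def blind_sign(self, m_):
        # One-shot nonce: a k must never be used for two signatures, so it is
        # cleared here and the caller must request fresh params for the next one.
        if self.k is None:
            raise ValueError("call new_request_params() before each blind_sign()")
        k, self.k = self.k, None
        return self.d * m_ + k
```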