Example 11 with GF2Vector
use of com.github.zhenwei.core.pqc.math.linearalgebra.GF2Vector in project LinLong-Java by zhenwei1108.
the class McEliecePointchevalCipher method messageDecrypt.
public byte[] messageDecrypt(byte[] input) throws InvalidCipherTextException {
if (forEncryption) {
throw new IllegalStateException("cipher initialised for decryption");
}
int c1Len = (n + 7) >> 3;
int c2Len = input.length - c1Len;
// split cipher text (c1||c2)
byte[][] c1c2 = ByteUtils.split(input, c1Len);
byte[] c1 = c1c2[0];
byte[] c2 = c1c2[1];
// decrypt c1 ...
GF2Vector c1Vec = GF2Vector.OS2VP(n, c1);
GF2Vector[] c1Dec = McElieceCCA2Primitives.decryptionPrimitive((McElieceCCA2PrivateKeyParameters) key, c1Vec);
byte[] rPrimeBytes = c1Dec[0].getEncoded();
// ... and obtain error vector z
GF2Vector z = c1Dec[1];
// get PRNG object
DigestRandomGenerator sr0 = new DigestRandomGenerator(new SHA1Digest());
// seed PRNG with r'
sr0.addSeedMaterial(rPrimeBytes);
// generate random sequence
byte[] mrBytes = new byte[c2Len];
sr0.nextBytes(mrBytes);
// XOR with c2 to obtain (m||r)
for (int i = 0; i < c2Len; i++) {
mrBytes[i] ^= c2[i];
}
// compute H(m||r)
messDigest.update(mrBytes, 0, mrBytes.length);
byte[] hmr = new byte[messDigest.getDigestSize()];
messDigest.doFinal(hmr, 0);
// compute Conv(H(m||r))
c1Vec = Conversions.encode(n, t, hmr);
// check that Conv(H(m||r)) = z
if (!c1Vec.equals(z)) {
throw new InvalidCipherTextException("Bad Padding: Invalid ciphertext.");
}
// split (m||r) to obtain m
int kDiv8 = k >> 3;
byte[][] mr = ByteUtils.split(mrBytes, c2Len - kDiv8);
// return plain text m
return mr[0];
}
Also used :
InvalidCipherTextException(com.github.zhenwei.core.crypto.InvalidCipherTextException)
GF2Vector(com.github.zhenwei.core.pqc.math.linearalgebra.GF2Vector)
SHA1Digest(com.github.zhenwei.core.crypto.digests.SHA1Digest)
DigestRandomGenerator(com.github.zhenwei.core.crypto.prng.DigestRandomGenerator)
Example 12 with GF2Vector
use of com.github.zhenwei.core.pqc.math.linearalgebra.GF2Vector in project LinLong-Java by zhenwei1108.
the class McElieceCCA2Primitives method encryptionPrimitive.
/**
* The McEliece encryption primitive.
*
* @param pubKey the public key
* @param m the message vector
* @param z the error vector
* @return <tt>m*G + z</tt>
*/
public static GF2Vector encryptionPrimitive(McElieceCCA2PublicKeyParameters pubKey, GF2Vector m, GF2Vector z) {
GF2Matrix matrixG = pubKey.getG();
Vector mG = matrixG.leftMultiplyLeftCompactForm(m);
return (GF2Vector) mG.add(z);
}Example 13 with GF2Vector
use of com.github.zhenwei.core.pqc.math.linearalgebra.GF2Vector in project LinLong-Java by zhenwei1108.
the class McElieceCipher method messageEncrypt.
/**
* Encrypt a plain text.
*
* @param input the plain text
* @return the cipher text
*/
public byte[] messageEncrypt(byte[] input) {
if (!forEncryption) {
throw new IllegalStateException("cipher initialised for decryption");
}
GF2Vector m = computeMessageRepresentative(input);
GF2Vector z = new GF2Vector(n, t, sr);
GF2Matrix g = ((McEliecePublicKeyParameters) key).getG();
Vector mG = g.leftMultiply(m);
GF2Vector mGZ = (GF2Vector) mG.add(z);
return mGZ.getEncoded();
}Example 14 with GF2Vector
use of com.github.zhenwei.core.pqc.math.linearalgebra.GF2Vector in project LinLong-Java by zhenwei1108.
the class McElieceKobaraImaiCipher method messageEncrypt.
public byte[] messageEncrypt(byte[] input) {
if (!forEncryption) {
throw new IllegalStateException("cipher initialised for decryption");
}
int c2Len = messDigest.getDigestSize();
int c4Len = k >> 3;
int c5Len = (IntegerFunctions.binomial(n, t).bitLength() - 1) >> 3;
int mLen = c4Len + c5Len - c2Len - PUBLIC_CONSTANT.length;
if (input.length > mLen) {
mLen = input.length;
}
int c1Len = mLen + PUBLIC_CONSTANT.length;
int c6Len = c1Len + c2Len - c4Len - c5Len;
// compute (m||const)
byte[] mConst = new byte[c1Len];
System.arraycopy(input, 0, mConst, 0, input.length);
System.arraycopy(PUBLIC_CONSTANT, 0, mConst, mLen, PUBLIC_CONSTANT.length);
// generate random r of length c2Len bytes
byte[] r = new byte[c2Len];
sr.nextBytes(r);
// get PRNG object
// get PRNG object
DigestRandomGenerator sr0 = new DigestRandomGenerator(new SHA1Digest());
// seed PRNG with r'
sr0.addSeedMaterial(r);
// generate random sequence ...
byte[] c1 = new byte[c1Len];
sr0.nextBytes(c1);
// ... and XOR with (m||const) to obtain c1
for (int i = c1Len - 1; i >= 0; i--) {
c1[i] ^= mConst[i];
}
// compute H(c1) ...
byte[] c2 = new byte[messDigest.getDigestSize()];
messDigest.update(c1, 0, c1.length);
messDigest.doFinal(c2, 0);
// ... and XOR with r
for (int i = c2Len - 1; i >= 0; i--) {
c2[i] ^= r[i];
}
// compute (c2||c1)
byte[] c2c1 = ByteUtils.concatenate(c2, c1);
// split (c2||c1) into (c6||c5||c4), where c4Len is k/8 bytes, c5Len is
// floor[log(n|t)]/8 bytes, and c6Len is c1Len+c2Len-c4Len-c5Len (may be
// 0).
byte[] c6 = new byte[0];
if (c6Len > 0) {
c6 = new byte[c6Len];
System.arraycopy(c2c1, 0, c6, 0, c6Len);
}
byte[] c5 = new byte[c5Len];
System.arraycopy(c2c1, c6Len, c5, 0, c5Len);
byte[] c4 = new byte[c4Len];
System.arraycopy(c2c1, c6Len + c5Len, c4, 0, c4Len);
// convert c4 to vector over GF(2)
GF2Vector c4Vec = GF2Vector.OS2VP(k, c4);
// convert c5 to error vector z
GF2Vector z = Conversions.encode(n, t, c5);
// compute encC4 = E(c4, z)
byte[] encC4 = McElieceCCA2Primitives.encryptionPrimitive((McElieceCCA2PublicKeyParameters) key, c4Vec, z).getEncoded();
// if c6Len > 0
if (c6Len > 0) {
// return (c6||encC4)
return ByteUtils.concatenate(c6, encC4);
}
// else, return encC4
return encC4;
}
Also used :
GF2Vector(com.github.zhenwei.core.pqc.math.linearalgebra.GF2Vector)
SHA1Digest(com.github.zhenwei.core.crypto.digests.SHA1Digest)
DigestRandomGenerator(com.github.zhenwei.core.crypto.prng.DigestRandomGenerator)
Example 15 with GF2Vector
use of com.github.zhenwei.core.pqc.math.linearalgebra.GF2Vector in project LinLong-Java by zhenwei1108.
the class McElieceCCA2Primitives method decryptionPrimitive.
public static GF2Vector[] decryptionPrimitive(McElieceCCA2PrivateKeyParameters privKey, GF2Vector c) {
// obtain values from private key
int k = privKey.getK();
Permutation p = privKey.getP();
GF2mField field = privKey.getField();
PolynomialGF2mSmallM gp = privKey.getGoppaPoly();
GF2Matrix h = privKey.getH();
PolynomialGF2mSmallM[] q = privKey.getQInv();
// compute inverse permutation P^-1
Permutation pInv = p.computeInverse();
// multiply c with permutation P^-1
GF2Vector cPInv = (GF2Vector) c.multiply(pInv);
// compute syndrome of cP^-1
GF2Vector syndVec = (GF2Vector) h.rightMultiply(cPInv);
// decode syndrome
GF2Vector errors = GoppaCode.syndromeDecode(syndVec, field, gp, q);
GF2Vector mG = (GF2Vector) cPInv.add(errors);
// multiply codeword and error vector with P
mG = (GF2Vector) mG.multiply(p);
errors = (GF2Vector) errors.multiply(p);
// extract plaintext vector (last k columns of mG)
GF2Vector m = mG.extractRightVector(k);
// return vectors
return new GF2Vector[] { m, errors };
}
Also used :
GF2mField(com.github.zhenwei.core.pqc.math.linearalgebra.GF2mField)
PolynomialGF2mSmallM(com.github.zhenwei.core.pqc.math.linearalgebra.PolynomialGF2mSmallM)
GF2Matrix(com.github.zhenwei.core.pqc.math.linearalgebra.GF2Matrix)
Permutation(com.github.zhenwei.core.pqc.math.linearalgebra.Permutation)
GF2Vector(com.github.zhenwei.core.pqc.math.linearalgebra.GF2Vector)
Aggregations
GF2Vector (com.github.zhenwei.core.pqc.math.linearalgebra.GF2Vector)15
GF2Matrix (com.github.zhenwei.core.pqc.math.linearalgebra.GF2Matrix)8
SHA1Digest (com.github.zhenwei.core.crypto.digests.SHA1Digest)6
DigestRandomGenerator (com.github.zhenwei.core.crypto.prng.DigestRandomGenerator)6
GF2mField (com.github.zhenwei.core.pqc.math.linearalgebra.GF2mField)4
Permutation (com.github.zhenwei.core.pqc.math.linearalgebra.Permutation)4
PolynomialGF2mSmallM (com.github.zhenwei.core.pqc.math.linearalgebra.PolynomialGF2mSmallM)4
Vector (com.github.zhenwei.core.pqc.math.linearalgebra.Vector)4
InvalidCipherTextException (com.github.zhenwei.core.crypto.InvalidCipherTextException)3
BigInteger (java.math.BigInteger)1
