asymmetric cryptography
asymm_crypt. 0.1 | 2307
graph LR;
subgraph Alice
seed((A seed
bytes/hex
));
seed-->privk(private key 
);
privk-->|DH or ECC|pubk[public key 
];
privk-->sig(signature
or encrypt
with shared key); pubk-.->verif(verification); msg(message
or hash_msg)-.->sig; msg-.->verif; sig-.->verif; end subgraph Bob seed2((B seed
bytes/hex));
seed2-->privk2(private key 
);
privk2-->|DH or ECC|pubk2[public key 
];
privk2-->sig2(signature
or encrypt
with shared key); pubk2-.->verif2(verification); msg2(message
or hash_msg)-.->sig2; msg2-.->verif2; sig2-.->verif2; end subgraph Shared secret privk-->sharedKA(shared secret
);
pubk2===>sharedKA;
privk2-->sharedKB(shared secret );
pubk-->sharedKB;
sharedKA-. is equal .-sharedKB;
end
sharedKA-..-sig2;
sharedKB-..-sig;
classDef plain fill:#ddd,stroke:#fff,stroke-width:3px,color:#000;
classDef k8s fill:#326ce5,stroke:#fff,stroke-width:3px,color:#fff;
classDef cluster fill:#333,stroke:#00ff00,stroke-width:2px,color:#00ff00;
classDef redB stroke:#f00,stroke-width:3px;
classDef oraB stroke:#f80,stroke-width:3px;
classDef bluB stroke:#00f,stroke-width:3px;
classDef greB stroke:#3f3,stroke-width:3px;
class service,pod1,pod2 k8s;
class client plain;
class cluster cluster;
class privk redB;
class privk2 oraB;
class pubk greB;
class pubk2 bluB;
class addr greB;
bytes/hex
));
seed-->privk(private key );
privk-->|DH or ECC|pubk[public key ];
privk-->sig(signatureor encrypt
with shared key); pubk-.->verif(verification); msg(message
or hash_msg)-.->sig; msg-.->verif; sig-.->verif; end subgraph Bob seed2((B seed
bytes/hex
));
seed2-->privk2(private key );
privk2-->|DH or ECC|pubk2[public key ];
privk2-->sig2(signatureor encrypt
with shared key); pubk2-.->verif2(verification); msg2(message
or hash_msg)-.->sig2; msg2-.->verif2; sig2-.->verif2; end subgraph Shared secret privk-->sharedKA(shared secret
);
pubk2===>sharedKA;
privk2-->sharedKB(shared secret );
pubk-->sharedKB;
sharedKA-. is equal .-sharedKB;
end
sharedKA-..-sig2;
sharedKB-..-sig;
classDef plain fill:#ddd,stroke:#fff,stroke-width:3px,color:#000;
classDef k8s fill:#326ce5,stroke:#fff,stroke-width:3px,color:#fff;
classDef cluster fill:#333,stroke:#00ff00,stroke-width:2px,color:#00ff00;
classDef redB stroke:#f00,stroke-width:3px;
classDef oraB stroke:#f80,stroke-width:3px;
classDef bluB stroke:#00f,stroke-width:3px;
classDef greB stroke:#3f3,stroke-width:3px;
class service,pod1,pod2 k8s;
class client plain;
class cluster cluster;
class privk redB;
class privk2 oraB;
class pubk greB;
class pubk2 bluB;
class addr greB;
Very simple Deffie-Hellman "MATH" generate_public_key pK pK = G ** sk % m -> gen (pk) from secret/private key (sk) A = G**a % m
generate_shared_secret S -> Alice: A: Hba = (Gb)a = Gba = S
BTC
:.:
...
very simple demonstration of Deffie-Hellman with small numbers
m = 17 # p
G = 2 # G
def dh(sk, g=G): # generate_public_key
pk = g ** sk % m
return pk
print("Alice")
a = 5
A = dh(a) = 2*2*2*2*2 / 17 = 32 (% 17) = 15
print("Bob")
b = 3
B = dh(b) = 2*2*2 % 17 = 8 (% 17) = 8
print("Confirm")
dh(a,B)
8**5 = 32768 (% 17) = 9
15**3 = 3375 (% 17) = 9
~ a*b == b*a
more advanced example with larger numbers
# Alice and Bob choose their private keys:
a = 555555555555
b = 333333333333
# Create an instance of the DiffieHellmanKeys class
dh_a = DiffieHellmanKeys()
dh_b = DiffieHellmanKeys()
print(dh_b)
print("--- Alice:")
alice_private_key = a
A = dh_a.generate_public_key(a) ->
A = alice_public_key = dh_a.generate_public_key(alice_private_key)
print("--- Bob:")
bob_private_key = b
B = dh_b.generate_public_key(b) ->
B = bob_public_key = dh_b.generate_public_key(bob_private_key)
shared_secret = dh_a.generate_shared_secret(alice_private_key, bob_public_key)
shared_secret_hex32 = dh_a.get_hex_shared32()
print("\n[ --- SIGN --- ]")
cbc_iv = bytes.fromhex("0c1e24e5917779d297e14d45f14e1a1a") # andreas
cbc_key = bytes.fromhex(shared_secret_hex32)
cbc = CBC_XOR(cbc_key, cbc_iv)
hash_message = sha256(message_plaintext_bytes).digest()
print("Encryption ->")
ciphertext = cbc.encrypt(hash_message)
print(f'Ciphertext: {ciphertext.hex()}')
print("\n[ --- VERIFY --- ]")
decrypted_hash = cbc.decrypt(ciphertext)
# Bob computes the hash of the original message
bob_computed_hash = sha256(message_plaintext_bytes).digest()
# Verification
if decrypted_hash == bob_computed_hash:
print("Verification successful: The decrypted hash matches the original hash.")
"""
[ --- KEY GENERATION --- ]
DiffieHellmanKeys/parameters
(g = 3, p = 170141183460469231731687303715884105727) # Mersenne prime M127=2**127-1
--- Alice:
Private key: 555555555555 | 0x8159b108e3
Public key: 0x236d61d241c8deec988b449371ef59fb :. 38
--- Bob:
Private key: 333333333333 | 0x4d9c370555
Public key: 0x20119b431bf77946dab17b2056cacf56 :. 38
6d299f5dae62c2e9c9f2806ae9ab66cc (32)
[ --- SIGN --- ]
message_plaintext_bytes: b'a short text for signing and subsequent verification | Agama 123'
cbc_key: 6d299f5dae62c2e9c9f2806ae9ab66cc :.. 32
cbc_iv_: 0c1e24e5917779d297e14d45f14e1a1a
cbc_block_size: 16
Encryption ->
Ciphertext: 85f4c1e6017c5ae53accb79a97379a2e094668dff975431b7a777be4d1a1c200747fe792470791e2a395eb9e281ab4dc
[ --- VERIFY --- ]
Verification successful: The decrypted hash matches the original hash.
Hash: e4c37a5e3e69e1de64df7ab58fd2e6f8e19b3664566bdb1789494c14af3d3ee2 :. 64
"""
simple_dh_keys.py |