_sb_ Posted August 22, 2010 Share Posted August 22, 2010 Hello people i am using miracl and i was trying to implement a *SECURE*`elliptic curve standard. So my parameters should be valid. The curve details is: : type binary over 2^n : curve name: SECT-193R2 curve parameters: a: 0163F35A5137C2CE3EA6ED8667190B0BC43ECD69977702709B b: 00C9BB9E8927D4D64C377E2AB2856A5B16E3EFB7F61D4316AE n: 010000000000000000000000015AAB561B005413CCD4EE99D5 q: 02000000000000000000000000000000000000000000008001 Base point: x: 00D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F y: 01CE94335607C304AC29E7DEFBD9CA01F596F927224CDECF6C The problem resides in the public point (x,y) are not getting accepted by miracl as members of the current curve i did the math myself and the equation wont match (y^2+x*y=x^3+a*x^2+b over q and q has the representation in pentomial basis as 193,14,13,13 because 2^193+2^14+2^13+2^13 is equal to q). actually this does not fits in numerical integer maths. Anyways the implementation in c++ is here like this: int i=0; int m193=193; int a14=14; int b13=13; int c13=13; miracl *mip; big a, b, p, n, x, d, k, r, s, h,y,y_1; epoint *G; TCHAR name[MAX_NAME]; TCHAR serial[MAX_SERIAL]; TCHAR temp[60]; TCHAR decoded[MAX_SERIAL]; BYTE digest[20]; sha sh; if(GetDlgItemText(hwnd,IDC_NAME,name,MAX_NAME)<MIN_NAME) { SetDlgItemText(hwnd, IDC_SERIAL,"your name is too short"); } else { RtlZeroMemory(temp,60); lstrcat(temp,hardcode); lstrcat(temp,name); lstrcpy(name,temp); RtlZeroMemory(temp,60); mip = mirsys(50, 0); G = epoint_init(); memset(serial,0,MAX_SERIAL); mip->IOBASE = 16; a = mirvar(0); b = mirvar(0); p = mirvar(0); n = mirvar(0); y = mirvar(0); x = mirvar(0); d = mirvar(0); k = mirvar(0); r = mirvar(0); s = mirvar(0); h = mirvar(0); y_1 = mirvar(0); cinstr(y_1, "01CE94335607C304AC29E7DEFBD9CA01F596F927224CDECF6C"); cinstr(x, "00D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F"); cinstr(p, "AEBF94CEE3E707"); cinstr(n, "010000000000000000000000015AAB561B005413CCD4EE99D5"); cinstr(d, "5445414D584FDA8E91");//gerada cinstr(a, "0163F35A5137C2CE3EA6ED8667190B0BC43ECD69977702709B"); cinstr(b, "00C9BB9E8927D4D64C377E2AB2856A5B16E3EFB7F61D4316AE"); //ecurve_init(a, b, p, MR_AFFINE); //2^193 + 2^14 + 2^13 + 2^13 + 2^0 for pentominal ecurve2_init(m193,a14,b13,c13,a,b,FALSE,MR_AFFINE); epoint2_set(x, y_1, 0, G); the problem is that when debugged epoint2_set returns al=00 wich is the isomrf boolean for FALSE - in other words he says that (x,y_1) does not belongs to the curve (how come? it should be a member of the active curve), and any math i'll do with it will be purely fake and return allways zero. anyways this is just a portion of my code if you think that i screwed up somewhere on my code here it is the full picture: ocde_ecc parameters ec2n a: 0163F35A5137C2CE3EA6ED8667190B0BC43ECD69977702709B b: 00C9BB9E8927D4D64C377E2AB2856A5B16E3EFB7F61D4316AE n: 010000000000000000000000015AAB561B005413CCD4EE99D5 p: 02000000000000000000000000000000000000000000008001 x: 00D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F y: 01CE94335607C304AC29E7DEFBD9CA01F596F927224CDECF6C the public ec2n point: 9F 9E 72 DA 67 0D 16 62 85 94 79 9A DE 8B 32 33 AE 36 C2 36 48 CB 63 8D 01 needs reversing for both 25 2F 04 D6 35 5C A5 F5 1A 60 A5 46 06 F5 B5 2B 5C F9 F6 B5 9B EB 51 32 reversed_public_ec2n_point: 018D63CB4836C236AE33328BDE9A79948562160D67DA729E9F ;Qax 3251EB9BB5F6F95C2BB5F50646A5601AF5A55C35D6042F25 ; Qay */ #include "all.h" #include "miracl.h" DWORD WINAPI GenererSerial(HWND hwnd) { int i=0; int m193=193; int a14=14; int b13=13; int c13=13; miracl *mip; big a, b, p, n, x, d, k, r, s, h,y,y_1; epoint *G; TCHAR name[MAX_NAME]; TCHAR serial[MAX_SERIAL]; TCHAR temp[60]; TCHAR decoded[MAX_SERIAL]; BYTE digest[20]; sha sh; if(GetDlgItemText(hwnd,IDC_NAME,name,MAX_NAME)<MIN_NAME) { SetDlgItemText(hwnd, IDC_SERIAL,"your name is too short"); } else { RtlZeroMemory(temp,60); lstrcat(temp,hardcode); lstrcat(temp,name); lstrcpy(name,temp); RtlZeroMemory(temp,60); mip = mirsys(50, 0); G = epoint_init(); memset(serial,0,MAX_SERIAL); mip->IOBASE = 16; a = mirvar(0); b = mirvar(0); p = mirvar(0); n = mirvar(0); y = mirvar(0); x = mirvar(0); d = mirvar(0); k = mirvar(0); r = mirvar(0); s = mirvar(0); h = mirvar(0); y_1 = mirvar(0); cinstr(y_1, "01CE94335607C304AC29E7DEFBD9CA01F596F927224CDECF6C"); cinstr(x, "00D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F"); cinstr(p, "AEBF94CEE3E707"); cinstr(n, "010000000000000000000000015AAB561B005413CCD4EE99D5"); cinstr(d, "5445414D584FDA8E91");//gerada cinstr(a, "0163F35A5137C2CE3EA6ED8667190B0BC43ECD69977702709B"); cinstr(b, "00C9BB9E8927D4D64C377E2AB2856A5B16E3EFB7F61D4316AE"); //ecurve_init(a, b, p, MR_AFFINE); //2^193 + 2^14 + 2^13 + 2^13 + 2^0 for pentominal ecurve2_init(m193,a14,b13,c13,a,b,FALSE,MR_AFFINE); epoint2_set(x, y_1, 0, G); irand(GetTickCount()); do { bigrand(n, k); } while(egcd(k, n, s) != 1); ecurve2_mult(k, G, G); epoint2_get(G, r, r); xgcd(k, n, k, k, k); shs_init(&sh); i = 0; while (name != 0) { shs_process(&sh, name); i++; } shs_hash(&sh, digest); bytes_to_big(20, digest, h); mad(d, r, h, n, n, s); mad(k, s, s, n, n, s); RtlZeroMemory(decoded,MAX_SERIAL); //cotstr(r, serial); //strcat(serial, "-"); //cotstr(s, temp); //strcat(serial, temp); __asm { //D599EED4 CC135400 1B56AB5A 01000000 00000000 00000000 01000000 MOV BYTE PTR dS:[serial],1 MOV DWORD PTR dS:[serial+1],0 MOV DWORD PTR dS:[serial+1+4],0 MOV DWORD PTR dS:[serial+1+4*2],01000000h MOV DWORD PTR dS:[serial+1+4*3],1B56AB5Ah MOV DWORD PTR dS:[serial+1+4*4],0CC135400h MOV DWORD PTR dS:[serial+1+4*5],22222222h XOR EAX,EAX XOR EBX,EBX XOR ECX,ECX decode: mov al, byte ptr ds:[serial+ecx] inc al and al, 0f0h sub al, 30h movsx eax, al shr al, 4 or al,30h mov byte ptr ds:[decoded+ecx*2+1],al mov al, byte ptr ds:[serial+ecx] inc al and al, 0fh or al,30h mov byte ptr ds:[decoded+ecx*2],al inc ecx cmp ecx, 19h jnz decode } cinstr(x, "00D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F"); cinstr(y_1, "01CE94335607C304AC29E7DEFBD9CA01F596F927224CDECF6C"); epoint2_set(x, y_1, 0, G); ecurve2_mult(d, G, G); epoint2_get(G, x, y); cotstr(x, serial); strcat(serial, "-"); cotstr(y, temp); strcat(serial, temp); SetDlgItemText(hwnd, IDC_SERIAL,serial); epoint_free(G); mirkill(a); mirkill(; mirkill(p); mirkill(y_1); mirkill(n); mirkill(x); mirkill(d); mirkill(k); mirkillĀ®; mirkill(s); mirkill(y); mirkill(h); mirexit(); } return 0; } thanks in advance and sorry to disturb i just dont know what is happening there. sincerely team xo. Link to comment
qpt^J Posted August 22, 2010 Share Posted August 22, 2010 its because of you choosed bad polytry x^193+x^15+1, not sure though Link to comment
_sb_ Posted August 22, 2010 Author Share Posted August 22, 2010 2^193 + 2^15 + 1 == 2^193 + 2^14 + 2^13 + 2^13 + 1 (true)and miracl does not stand triominal representation. Link to comment
qpt^J Posted August 22, 2010 Share Posted August 22, 2010 (edited) i checked it with ECCTool, and the only good poly forBase point:x: 00D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8Fy: 01CE94335607C304AC29E7DEFBD9CA01F596F927224CDECF6Cis 2^193 + 2^15 + 1try other blgnumber libs, there are a lots of them in netBR, qpt Edited August 22, 2010 by qpt^J Link to comment
_sb_ Posted August 23, 2010 Author Share Posted August 23, 2010 it got solved with miracl, all it needed to be done would be: blabla_start_a_new_curve_over_2n(integer_m,integer_a,null,null,...i got this by inventing a litle but its ok now that it works fine, thank you for you nice efforts qpt^j may we see each other soon...sincerely,team xo Link to comment
qpt^J Posted August 23, 2010 Share Posted August 23, 2010 np at all if you have another question, just call me Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now