changwu-tw/Sage.ECDSA.ipynb Secret

## Sage.ECDSA.ipynb
{
 "cells": [
  {
   "cell_type": "code",
   "execution_count": 1,
   "metadata": {},
   "outputs": [
    {
     "name": "stdout",
     "output_type": "stream",
     "text": [
      "2.7.15 (default, Jul 10 2018, 10:33:10) \n",
      "[GCC 7.2.0]\n"
     ]
    }
   ],
   "source": [
    "import sys\n",
    "print(sys.version)"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 2,
   "metadata": {},
   "outputs": [
    {
     "data": {
      "text/plain": [
       "True"
      ]
     },
     "execution_count": 2,
     "metadata": {},
     "output_type": "execute_result"
    }
   ],
   "source": [
    "# https://github.com/TheBlueMatt/bitcoinninja/blob/master/secp256k1.ecdsa.sage\n",
    "# Parameters for secp256k1\n",
    "# https://en.bitcoin.it/wiki/Secp256k1\n",
    "F = FiniteField(0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F)\n",
    "C = EllipticCurve([F(0), F(7)])                                # y^2=x^3+ax+b\n",
    "G = C.lift_x(0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798)\n",
    "N = FiniteField(C.order())                                     # how many points on the curve\n",
    "\n",
    "# primitive\n",
    "d = int(F.random_element())                                    # privkey\n",
    "pd = G*d                                                       # pubkey\n",
    "e = int(''.join(i.encode('hex') for i in 'hello'), 16)         # message('hello')\n",
    "\n",
    "# sign\n",
    "k = N.random_element()                                         # nonce\n",
    "r = (int(k)*G).xy()[0]                                         # r = kG.x\n",
    "s = (1/k)*(e+N(r)*d)                                           # s = k^-1(e+dr)\n",
    "\n",
    "# verify\n",
    "w = 1/N(s)                                                     # w = s^-1\n",
    "r == (int(w*e)*G + int(N(r)*w)*pd).xy()[0]                     # r == (we*G+wr*pd).x"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 3,
   "metadata": {},
   "outputs": [
    {
     "data": {
      "text/plain": [
       "True"
      ]
     },
     "execution_count": 3,
     "metadata": {},
     "output_type": "execute_result"
    }
   ],
   "source": [
    "from sage.rings.finite_rings.finite_field_constructor import is_PrimeFiniteField\n",
    "is_PrimeFiniteField(F)"
   ]
  }
 ],
 "metadata": {
  "kernelspec": {
   "display_name": "SageMath 8.3",
   "language": "",
   "name": "sagemath"
  },
  "language_info": {
   "codemirror_mode": {
    "name": "ipython",
    "version": 2
   },
   "file_extension": ".py",
   "mimetype": "text/x-python",
   "name": "python",
   "nbconvert_exporter": "python",
   "pygments_lexer": "ipython2",
   "version": "2.7.15"
  }
 },
 "nbformat": 4,
 "nbformat_minor": 2
}
	{
	"cells": [
	{
	"cell_type": "code",
	"execution_count": 1,
	"metadata": {},
	"outputs": [
	{
	"name": "stdout",
	"output_type": "stream",
	"text": [
	"2.7.15 (default, Jul 10 2018, 10:33:10) \n",
	"[GCC 7.2.0]\n"
	]
	}
	],
	"source": [
	"import sys\n",
	"print(sys.version)"
	]
	},
	{
	"cell_type": "code",
	"execution_count": 2,
	"metadata": {},
	"outputs": [
	{
	"data": {
	"text/plain": [
	"True"
	]
	},
	"execution_count": 2,
	"metadata": {},
	"output_type": "execute_result"
	}
	],
	"source": [
	"# https://github.com/TheBlueMatt/bitcoinninja/blob/master/secp256k1.ecdsa.sage\n",
	"# Parameters for secp256k1\n",
	"# https://en.bitcoin.it/wiki/Secp256k1\n",
	"F = FiniteField(0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F)\n",
	"C = EllipticCurve([F(0), F(7)]) # y^2=x^3+ax+b\n",
	"G = C.lift_x(0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798)\n",
	"N = FiniteField(C.order()) # how many points on the curve\n",
	"\n",
	"# primitive\n",
	"d = int(F.random_element()) # privkey\n",
	"pd = G*d # pubkey\n",
	"e = int(''.join(i.encode('hex') for i in 'hello'), 16) # message('hello')\n",
	"\n",
	"# sign\n",
	"k = N.random_element() # nonce\n",
	"r = (int(k)*G).xy()[0] # r = kG.x\n",
	"s = (1/k)(e+N(r)d) # s = k^-1(e+dr)\n",
	"\n",
	"# verify\n",
	"w = 1/N(s) # w = s^-1\n",
	"r == (int(we)G + int(N(r)w)pd).xy()[0] # r == (weG+wrpd).x"
	]
	},
	{
	"cell_type": "code",
	"execution_count": 3,
	"metadata": {},
	"outputs": [
	{
	"data": {
	"text/plain": [
	"True"
	]
	},
	"execution_count": 3,
	"metadata": {},
	"output_type": "execute_result"
	}
	],
	"source": [
	"from sage.rings.finite_rings.finite_field_constructor import is_PrimeFiniteField\n",
	"is_PrimeFiniteField(F)"
	]
	}
	],
	"metadata": {
	"kernelspec": {
	"display_name": "SageMath 8.3",
	"language": "",
	"name": "sagemath"
	},
	"language_info": {
	"codemirror_mode": {
	"name": "ipython",
	"version": 2
	},
	"file_extension": ".py",
	"mimetype": "text/x-python",
	"name": "python",
	"nbconvert_exporter": "python",
	"pygments_lexer": "ipython2",
	"version": "2.7.15"
	}
	},
	"nbformat": 4,
	"nbformat_minor": 2
	}