Author: 皓正 王
Views : 85
F = FiniteField (0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F)
C = EllipticCurve ([F (0), F (7)])
#G = C.lift_x(0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798)
base_x = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798
G = C(base_x, base_y)
N = FiniteField (C.order())
d = 922034
print "My student ID number: r06922034, d =", d
identity = C.order()*G
G4 = 4*G
G5 = 5*G
dG = d*G

print "\nNo.1:"
print "4G:(", hex(int(G4.xy())), ",", hex(int(G4.xy())), ")"
print "\nNo.2:"
print "5G:(", hex(int(G5.xy())), ",", hex(int(G5.xy())), ")"
print "\nNo.3:"
print "dG:(", hex(int(dG.xy())), ",", hex(int(dG.xy())), ")"

print "\nNo.4 & 5:"
print "My d:",d,", in binary representation:"
print d.binary()

#print "n:"
#print C.order()

e = 0xfb81b5a03ecfdaf64512ac45a7471c89f862e2e0ffc1aa7a72097d2677bc6209

print "\nNo.6:"
k = N.random_element()
r = (int(k)*G).xy()
s = (1/k)*(e+N(r)*d)
print "transaction hash value - "
print "e:", hex(e)

#print "n in binary:"
#print (C.order()).binary()
print "\nL_n = "
print len((C.order()).binary())
#print "e in binary:"
#print e.binary()
print "length of e in binary:"
print len(e.binary())

print "Because the length of e in binary <= L_n,"
print "I pick the whole e as z"
#print "public key - "
#print "dG:(", hex(int(dG.xy())), ",", hex(int(dG.xy())), ")"
print "\nsignature pair - "
print "(r, s): (", hex(int(r)), ",", hex(int(s)), ")"
#print hex(int(G.order()*G.xy())), ",", hex(int(G.order()*G.xy()))

print "\nNo.7:"
#print "check whether dG is identity:", (dG == identity)
w = 1/N(s)
u1 = int(w*e)
u2 = int(N(r)*w)
ans = (u1*G + u2*dG)
print "Verify:", (r == ans.xy())

My student ID number: r06922034, d = 922034 No.1: 4G:( 0xe493dbf1c10d80f3581e4904930b1404cc6c13900ee0758474fa94abe8c4cd13L , 0x51ed993ea0d455b75642e2098ea51448d967ae33bfbdfe40cfe97bdc47739922L ) No.2: 5G:( 0x2f8bde4d1a07209355b4a7250a5c5128e88b84bddc619ab7cba8d569b240efe4L , 0xd8ac222636e5e3d6d4dba9dda6c9c426f788271bab0d6840dca87d3aa6ac62d6L ) No.3: dG:( 0x3ad633b7a57586bfbf7ff6138152b6e19cf4e60099d74f6216036ee9c5946ee6L , 0xbb9a042c345b71c153f1c6ee59b5e5074b6e653f059b133bd0d07c90c9d5475aL ) No.4 & 5: My d: 922034 , in binary representation: 11100001000110110010 No.6: transaction hash value - e: fb81b5a03ecfdaf64512ac45a7471c89f862e2e0ffc1aa7a72097d2677bc6209 L_n = 256 length of e in binary: 256 Because the length of e in binary <= L_n, I pick the whole e as z signature pair - (r, s): ( 0x3f45c2abe0d26411ba4ea81c0bdca5db9aad5eec2b38bc4fbdcb179aa0df5394L , 0x78552924b5d2d76a654b313909425b3ce4ffebc306de354af62d48502068a8b2L ) No.7: Verify: True