spec256k1.sagews
Author: 皓正 王
# Sage worksheet (Python 2 print syntax): secp256k1 point arithmetic and an ECDSA sign/verify round trip.
# Curve y^2 = x^3 + 7 over GF(p)
F = FiniteField(0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F)
C = EllipticCurve([F(0), F(7)])
#G = C.lift_x(0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798)
base_x = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798
base_y = 0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8
G = C(base_x, base_y)
# Scalars (k, s, w) live in GF(n), where n is the group order
N = FiniteField(C.order())
# Private key
d = 922034
print "My student ID number: r06922034, d =", d
identity = C.order()*G
G4 = 4*G
G5 = 5*G
# Public key
dG = d*G
print "\nNo.1:"
print "4G:(", hex(int(G4.xy()[0])), ",", hex(int(G4.xy()[1])), ")"
print "\nNo.2:"
print "5G:(", hex(int(G5.xy()[0])), ",", hex(int(G5.xy()[1])), ")"
print "\nNo.3:"
print "dG:(", hex(int(dG.xy()[0])), ",", hex(int(dG.xy()[1])), ")"
print "\nNo.4 & 5:"
print "My d:",d,", in binary representation:"
print d.binary()
#print "n:"
#print C.order()
e = 0xfb81b5a03ecfdaf64512ac45a7471c89f862e2e0ffc1aa7a72097d2677bc6209
print "\nNo.6:"
# Sign: fresh random nonce k, r = x-coordinate of k*G reduced mod n, s = k^-1 * (e + r*d) mod n
k = N.random_element()
r = N((int(k)*G).xy()[0])
s = (1/k)*(e+N(r)*d)
print "transaction hash value - "
print "e:", hex(e)
#print "n in binary:"
#print (C.order()).binary()
print "\nL_n = "
print len((C.order()).binary())
#print "e in binary:"
#print e.binary()
print "length of e in binary:"
print len(e.binary())
print "Because the length of e in binary <= L_n,"
print "I pick the whole e as z"
#print "public key - "
#print "dG:(", hex(int(dG.xy()[0])), ",", hex(int(dG.xy()[1])), ")"
print "\nsignature pair - "
print "(r, s): (", hex(int(r)), ",", hex(int(s)), ")"
#print hex(int(G.order()*G.xy()[0])), ",", hex(int(G.order()*G.xy()[1]))
print "\nNo.7:"
#print "check whether dG is identity:", (dG == identity)
# Verify: w = s^-1 mod n, then compare r with the x-coordinate of u1*G + u2*dG reduced mod n
w = 1/N(s)
u1 = int(w*e)
u2 = int(N(r)*w)
ans = (u1*G + u2*dG)
print "Verify:", (r == N(ans.xy()[0]))

My student ID number: r06922034, d = 922034

No.1:
4G:( 0xe493dbf1c10d80f3581e4904930b1404cc6c13900ee0758474fa94abe8c4cd13L , 0x51ed993ea0d455b75642e2098ea51448d967ae33bfbdfe40cfe97bdc47739922L )

No.2:
5G:( 0x2f8bde4d1a07209355b4a7250a5c5128e88b84bddc619ab7cba8d569b240efe4L , 0xd8ac222636e5e3d6d4dba9dda6c9c426f788271bab0d6840dca87d3aa6ac62d6L )

No.3:
dG:( 0x3ad633b7a57586bfbf7ff6138152b6e19cf4e60099d74f6216036ee9c5946ee6L , 0xbb9a042c345b71c153f1c6ee59b5e5074b6e653f059b133bd0d07c90c9d5475aL )

No.4 & 5:
My d: 922034 , in binary representation:
11100001000110110010

No.6:
transaction hash value - 
e: fb81b5a03ecfdaf64512ac45a7471c89f862e2e0ffc1aa7a72097d2677bc6209

L_n = 
256
length of e in binary:
256
Because the length of e in binary <= L_n,
I pick the whole e as z

signature pair - 
(r, s): ( 0x3f45c2abe0d26411ba4ea81c0bdca5db9aad5eec2b38bc4fbdcb179aa0df5394L , 0x78552924b5d2d76a654b313909425b3ce4ffebc306de354af62d48502068a8b2L )

No.7:
Verify: True