From ric at digitalmarbles.com Mon Feb 8 19:37:11 2016
From: ric at digitalmarbles.com (Ricardo Newbery)
Date: Mon, 8 Feb 2016 19:37:11 -0500
Subject: [Cryptography-dev] A RSA signature verification use case
Message-ID:
Greetings Cryptographers :)
I'm trying to do some sort of RSA verification as described here:
https://wopi.readthedocs.org/en/latest/scenarios/proofkeys.html#using-the-rsa-modulus-and-exponent-to-retrieve-the-public-key
https://wopi.readthedocs.org/en/latest/scenarios/proofkeys.html#verifying-the-proof-keys
Those instructions show example code using the Crypto library (included below).
1) A valid request contains several attributes that are used to construct a hash (called `expected_proof`).
2) The same request also contains a signed version of the proof (called `signed_proof`) and some attributes to be used to construct the public key (I have no idea why the public key is not just available directly in this case).
3) The public key is then used to validate the signed_proof against the expected_proof.
----------------------------------------------
from base64 import b64decode
from Crypto.PublicKey import RSA
from Crypto.Util import asn1
def generate_key(modulus_b64, exp_b64):
mod = int(b64decode(modulus_b64).encode('hex'), 16)
exp = int(b64decode(exp_b64).encode('hex'), 16)
seq = asn1.DerSequence()
seq.append(mod)
seq.append(exp)
der = seq.encode()
return RSA.importKey(der)
# proof_key_attributes are from the discovery XML
public_key = generate_key(proof_key_attributes['modulus'], proof_key_attributes['exponent'])
from Crypto.Hash import SHA256
from Crypto.Signature import PKCS1_v1_5
def try_verification(expected_proof, signed_proof, public_key):
verifier = PKCS1_v1_5.new(public_key)
h = SHA256.new(expected_proof)
return verifier.verify(h, signed_proof)
# verify the proof
is_valid = try_verification(expected_proof, signed_proof, public_key)
----------------------------------------------
Soo...
Again, it's using Crypto. I'm interested in how to do the equivalent in `cryptography`. I'm studying the docs but since it looks like I'm diving into hazmat territory, I figure I would ask here first.
Thanks.
From stanislaw.pitucha at hpe.com Mon Feb 8 22:11:29 2016
From: stanislaw.pitucha at hpe.com (Pitucha, Stanislaw Izaak)
Date: Tue, 9 Feb 2016 03:11:29 +0000
Subject: [Cryptography-dev] A RSA signature verification use case
In-Reply-To:
References:
Message-ID:
You probably need to use hazmat, but it has a pretty nice API. There's a short example in the docs:
https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/#signing
Best Regards,
Stanis?aw Pitucha
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5801 bytes
Desc: not available
URL:
From daniel at basso.inf.br Mon Feb 8 22:52:01 2016
From: daniel at basso.inf.br (Daniel Monteiro Basso)
Date: Tue, 09 Feb 2016 03:52:01 +0000
Subject: [Cryptography-dev] A RSA signature verification use case
In-Reply-To:
References:
Message-ID: <1454989921.5755.88.camel@basso.inf.br>
On Tue, 2016-02-09 at 03:11 +0000, Pitucha, Stanislaw Izaak wrote:
> You probably need to use hazmat, but it has a pretty nice API.
> There's a short example in the docs:
> https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/#s
> igning
And to build the key he should do something like this:
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.backends import default_backend
def generate_key(modulus_b64, exp_b64):
? ? [...]
? ? pub_num = rsa.RSAPublicNumbers(exp, mod)
? ? return pub_num.public_key(default_backend())
From ric at digitalmarbles.com Tue Feb 9 00:04:59 2016
From: ric at digitalmarbles.com (Ricardo Newbery)
Date: Tue, 9 Feb 2016 00:04:59 -0500
Subject: [Cryptography-dev] A RSA signature verification use case
In-Reply-To: <1454989921.5755.88.camel@basso.inf.br>
References:
<1454989921.5755.88.camel@basso.inf.br>
Message-ID: <2050582D-4B25-4432-9CC8-D162AAD9CC93@digitalmarbles.com>
> On Feb 8, 2016, at 10:52 PM, Daniel Monteiro Basso wrote:
>
> On Tue, 2016-02-09 at 03:11 +0000, Pitucha, Stanislaw Izaak wrote:
>> You probably need to use hazmat, but it has a pretty nice API.
>> There's a short example in the docs:
>> https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/#s
>> igning
>
> And to build the key he should do something like this:
>
> from cryptography.hazmat.primitives.asymmetric import rsa
> from cryptography.hazmat.backends import default_backend
>
> def generate_key(modulus_b64, exp_b64):
> [...]
> pub_num = rsa.RSAPublicNumbers(exp, mod)
> return pub_num.public_key(default_backend())
Thanks, I think the fog is clearing...
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import rsa, padding
def generate_key(exp_b64, modulus_b64):
exp = int(b64decode(exp_b64).encode('hex'), 16)
mod = int(b64decode(modulus_b64).encode('hex'), 16)
pub_num = rsa.RSAPublicNumbers(exp, mod)
return pub_num.public_key(default_backend())
def verify(expected_proof, signed_proof, public_key):
verifier = public_key.verifier(
signed_proof, padding.PKCS1v15(), hashes.SHA256())
verifier.update(expected_proof)
try:
verifier.verify()
except InvalidSignature:
return False
return True
From shiv.29.94 at gmail.com Thu Feb 11 05:11:27 2016
From: shiv.29.94 at gmail.com (Shivraj Singh)
Date: Thu, 11 Feb 2016 15:41:27 +0530
Subject: [Cryptography-dev] Visual Cryptography[Proposal]
Message-ID:
Greetings, everyone.
My name is Shivraj Singh. I have been working on Visual Cryptography as a
part of a project that I have undertaken in Uni.
It's a relatively new field of cryptography with a lot of potential for
application. A lot of research is going on in this field and quite a lot of
research papers have been published on this as well, but not a lot has been
done from an application point of view. This method of encryption had been
introduced by Shamir, one of the founders of RSA, himself. Here's the wiki
link to it : wiki .
One of the primary applications of Visual Cryptography is Secret Sharing
. The
implementation of it requires knowledge about (linear) algebra to
understand the working and opencv and python for the implementation.
I am new to the open source environment in terms of contribution so I
apologise in case this isn't the standard procedure. Do let me know what
you think about this project. Also, in case there is some other procedure
required for me to present this idea to the community, please let me know.
I have written a small python program to implement a (2,4)2VCS scheme : a
secret is hared between 4 participants where each is given one share. If
any two participants combine their share, they can obtain the secret image.
Hoping to hear from you soon.
Thank you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From shiv.29.94 at gmail.com Sun Feb 14 08:14:31 2016
From: shiv.29.94 at gmail.com (Shivraj Singh)
Date: Sun, 14 Feb 2016 18:44:31 +0530
Subject: [Cryptography-dev] Visual Cryptography[Proposal]
Message-ID:
Below is the code in python to implement a (2,4)2VCS scheme. Here "img.jpg"
is the image that is to be shared. For testing purpose, save an image with
the same name in the directory that you'll be running the program in.
share1, share2, share3, share4 are the 4 shares that are generated. If you
combine any of these two using the cv2.add() function in python, you'll get
the secret image. I have added the code for the combination below as well.
The results are saved as res12 and so on. The program takes around 1-5
minutes depending on the size of the image.
import numpy as np
import cv2
import random
e1 = cv2.getTickCount()
# your code execution
#loading image in grayscale : 0
image = cv2.imread('img.jpg',0)
#converting the image to bw; threshold determined by Otsu's method
(thresh, img_s) = cv2.threshold(image, 128, 255, cv2.THRESH_BINARY |
cv2.THRESH_OTSU)
#saving bw image
cv2.imwrite('bw_image.jpg', img_s)
#size of the image
size = img_s.shape
h = size[0]
b = size[1]
#print img_s.dtype
#size of share : proportional to pixel exapnsion
H = h*2
B = (b/2)*3
#creating blank shares
share1 = np.zeros((H,B),np.uint8)
cv2.imwrite('share1.jpg', share1)
share2 = np.zeros((H,B),np.uint8)
cv2.imwrite('share2.jpg', share2)
share3 = np.zeros((H,B),np.uint8)
cv2.imwrite('share3.jpg', share3)
share4 = np.zeros((H,B),np.uint8)
cv2.imwrite('share4.jpg', share4)
#white : 255; black : o
l = 0
w = 255
#basis matrices :
s0 = [[l,l,l,w,w,w],
[l,l,l,w,w,w],
[l,l,l,w,w,w],
[l,l,l,w,w,w]]
s1 = [[l,l,l,w,w,w],
[l,w,w,l,l,w],
[w,l,w,l,w,l],
[w,w,l,w,l,l]]
s2 = [[l,l,l,w,w,w],
[l,l,w,l,w,w],
[l,l,w,w,l,w],
[l,l,w,w,w,l]]
#for generation of random permutation
arr = random.sample([0,1,2,3,4,5],6)
#i moves by 1, j moves by 2 since 2 consecutive pixels are being encrypted
each time
for i in range(0,h):
for j in range(0,(b-1)):
arr = random.sample([0,1,2,3,4,5],6)
p1 = img_s[i,j]
p2 = img_s[i,j+1]
ps1 = i*2
ps2 = (j/2)*3
print arr
if (p1==255 and p2==255):
#both pixels are black
#share1
share1[ps1,ps2] = s1[0][arr[0]]
share1[ps1,(ps2+1)] = s1[0][arr[1]]
share1[ps1,(ps2+2)] = s1[0][arr[2]]
share1[(ps1+1),ps2] = s1[0][arr[3]]
share1[(ps1+1),(ps2+1)] = s1[0][arr[4]]
share1[(ps1+1),(ps2+2)] = s1[0][arr[5]]
#share2
share2[ps1,ps2] = s1[1][arr[0]]
share2[ps1,(ps2+1)] = s1[1][arr[1]]
share2[ps1,(ps2+2)] = s1[1][arr[2]]
share2[(ps1+1),ps2] = s1[1][arr[3]]
share2[(ps1+1),(ps2+1)] = s1[1][arr[4]]
share2[(ps1+1),(ps2+2)] = s1[1][arr[5]]
#share3
share3[ps1,ps2] = s1[2][arr[0]]
share3[ps1,(ps2+1)] = s1[2][arr[1]]
share3[ps1,(ps2+2)] = s1[2][arr[2]]
share3[(ps1+1),ps2] = s1[2][arr[3]]
share3[(ps1+1),(ps2+1)] = s1[2][arr[4]]
share3[(ps1+1),(ps2+2)] = s1[2][arr[5]]
#share4
share4[ps1,ps2] = s1[3][arr[0]]
share4[ps1,(ps2+1)] = s1[3][arr[1]]
share4[ps1,(ps2+2)] = s1[3][arr[2]]
share4[(ps1+1),ps2] = s1[3][arr[3]]
share4[(ps1+1),(ps2+1)] = s1[3][arr[4]]
share4[(ps1+1),(ps2+2)] = s1[3][arr[5]]
elif (p1==0 and p2==0):
#both pixels are white
#share1
share1[ps1,ps2] = s0[0][arr[0]]
share1[ps1,(ps2+1)] = s0[0][arr[1]]
share1[ps1,(ps2+2)] = s0[0][arr[2]]
share1[(ps1+1),ps2] = s0[0][arr[3]]
share1[(ps1+1),(ps2+1)] = s0[0][arr[4]]
share1[(ps1+1),(ps2+2)] = s0[0][arr[5]]
#share2
share2[ps1,ps2] = s0[1][arr[0]]
share2[ps1,(ps2+1)] = s0[1][arr[1]]
share2[ps1,(ps2+2)] = s0[1][arr[2]]
share2[(ps1+1),ps2] = s0[1][arr[3]]
share2[(ps1+1),(ps2+1)] = s0[1][arr[4]]
share2[(ps1+1),(ps2+2)] = s0[1][arr[5]]
#share3
share3[ps1,ps2] = s0[2][arr[0]]
share3[ps1,(ps2+1)] = s0[2][arr[1]]
share3[ps1,(ps2+2)] = s0[2][arr[2]]
share3[(ps1+1),ps2] = s0[2][arr[3]]
share3[(ps1+1),(ps2+1)] = s0[2][arr[4]]
share3[(ps1+1),(ps2+2)] = s0[2][arr[5]]
#share4
share4[ps1,ps2] = s0[3][arr[0]]
share4[ps1,(ps2+1)] = s0[3][arr[1]]
share4[ps1,(ps2+2)] = s0[3][arr[2]]
share4[(ps1+1),ps2] = s0[3][arr[3]]
share4[(ps1+1),(ps2+1)] = s0[3][arr[4]]
share4[(ps1+1),(ps2+2)] = s0[3][arr[5]]
else:
#b/w
#share1
share1[ps1,ps2] = s2[0][arr[0]]
share1[ps1,(ps2+1)] = s2[0][arr[1]]
share1[ps1,(ps2+2)] = s2[0][arr[2]]
share1[(ps1+1),ps2] = s2[0][arr[3]]
share1[(ps1+1),(ps2+1)] = s2[0][arr[4]]
share1[(ps1+1),(ps2+2)] = s2[0][arr[5]]
#share2
share2[ps1,ps2] = s2[1][arr[0]]
share2[ps1,(ps2+1)] = s2[1][arr[1]]
share2[ps1,(ps2+2)] = s2[1][arr[2]]
share2[(ps1+1),ps2] = s2[1][arr[3]]
share2[(ps1+1),(ps2+1)] = s2[1][arr[4]]
share2[(ps1+1),(ps2+2)] = s2[1][arr[5]]
#share3
share3[ps1,ps2] = s2[2][arr[0]]
share3[ps1,(ps2+1)] = s2[2][arr[1]]
share3[ps1,(ps2+2)] = s2[2][arr[2]]
share3[(ps1+1),ps2] = s2[2][arr[3]]
share3[(ps1+1),(ps2+1)] = s2[2][arr[4]]
share3[(ps1+1),(ps2+2)] = s2[2][arr[5]]
#share4
share4[ps1,ps2] = s2[3][arr[0]]
share4[ps1,(ps2+1)] = s2[3][arr[1]]
share4[ps1,(ps2+2)] = s2[3][arr[2]]
share4[(ps1+1),ps2] = s2[3][arr[3]]
share4[(ps1+1),(ps2+1)] = s2[3][arr[4]]
share4[(ps1+1),(ps2+2)] = s2[3][arr[5]]
#2pixels has been encoded
j+=2
i+=1
pass
#generating shares
cv2.imwrite('share1.jpg', share1)
cv2.imwrite('share2.jpg', share2)
cv2.imwrite('share3.jpg', share3)
cv2.imwrite('share4.jpg', share4)
e2 = cv2.getTickCount()
time = (e2 - e1)/ cv2.getTickFrequency()
#combining the shares :
res12 = cv2.add(share1,share2)
cv2.imwrite('res12.jpg', res12)
res23 = cv2.add(share2,share3)
cv2.imwrite('res23.jpg', res23)
res34 = cv2.add(share3,share4)
cv2.imwrite('res34.jpg', res34)
print time
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From alex.gaynor at gmail.com Sun Feb 28 09:09:44 2016
From: alex.gaynor at gmail.com (Alex Gaynor)
Date: Sun, 28 Feb 2016 09:09:44 -0500
Subject: [Cryptography-dev] New release on Tuesday
Message-ID:
Hi all,
This is an advanced notice that on Tuesday we'll be issuing a new release,
1.2.3. The only change will be upgrading the bundled version of OpenSSL on
Windows and OS X for
https://mta.openssl.org/pipermail/openssl-announce/2016-February/000063.html
Alex
--
"I disapprove of what you say, but I will defend to the death your right to
say it." -- Evelyn Beatrice Hall (summarizing Voltaire)
"The people's good is the highest law." -- Cicero
GPG Key fingerprint: 125F 5C67 DFE9 4084
-------------- next part --------------
An HTML attachment was scrubbed...
URL: