ALBANESE Research Lab 🔍
Software Engineering & Systems Integration Solutions
"Every man has some reminiscences which he would not tell to everyone, but only to his friends. He has others which he would not reveal even to his friends, but only to himself, and that in secret. But finally there are still others which a man is even afraid to tell himself, and every decent man has a considerable number of such things stored away. That is, one can even say that the more decent he is, the greater the number of such things in his mind." -Fyodor Dostoyevsky
Dossier
Github Profile
Main Thesis (or Hypothesis)
This is a checking algorithm that validates a user's private key without revealing it. Is Zero-Knowledge Proof (ZKP) Schnorr-like, Fiat-Shamir Heuristic-like, i.e. non-interactive (NIZK), designed to work with bilinear curves. It ensures that the user knows a valid \( sk \), and that \( sk \) is correctly linked to the \( pk \):
Key Generation
1. Private Key: \( sk \in \mathbb{Z}_n \), where \( \mathbb{Z}_n \) is the finite field used for private keys and \( n \) is the order of the elliptic curve.
2. Public Key: \( pk = sk \cdot G_2 \), where \( G_2 \) is the base point of the elliptic curve, and \( pk \) is the public key.
Zero-Knowledge Proof (ZKP) for Bilinear Elliptic Curves
1. Commitment: \(C = r \cdot G_2\), where \(r\) is a secure random number, \(G_2\) is the elliptic curve base point.
2. Challenge: \(\chi = H(C \parallel m)\), where \(H\) is a cryptographic hash function, \(m\) is the message/context.
3. Response: \(s = r + \chi \cdot sk\), where \(sk\) is the user's private key and \(\chi\) is the computed challenge.
4. Verification: Check if \(e(s \cdot G_1, G_2) \stackrel{?}{=} e(G_1, C + (\chi \cdot pk))\), where \(e\) is the bilinear pairing.
5. Validation: If the equality holds, the proof is valid.
Verification relies on the properties of bilinear pairing
1. Linearity: \(e(s \cdot G_1, G_2) = e(G_1, G_2)^{s} = e(G_1, G_2)^{r + \chi \cdot sk}\)
2. Substitution: \(e(G_1, G_2)^{r + \chi \cdot sk} = e(G_1, C + \chi \cdot pk)\)
3. Expansion: \(e(G_1, C + \chi \cdot pk) = e(G_1, r \cdot G_2 + \chi \cdot sk \cdot G_2) = e(G_1, G_2)^{r + \chi \cdot sk}\)
Go Playground
Test this algorithm here.
Boneh-Franklin Identity-Based Encryption (IBE)
The Boneh-Franklin Identity-Based Encryption (IBE) scheme is a public key cryptosystem that allows a user's public key to be derived directly from a unique identifier, such as an email address. The system consists of a trusted authority (the Private Key Generator, or PKG) that holds a master secret key. During setup, the PKG generates a public key and master secret, and publishes system parameters. To derive a user's private key, the PKG applies a cryptographic hash function to the user's identity to map it to a point on an elliptic curve, then multiplies this point by the master secret. To encrypt a message for a given identity, the sender selects a random scalar, computes an ephemeral public value, and evaluates a bilinear pairing between the identity point and the system's public key raised to the random scalar. This result is hashed to derive a session key, which is then used to symmetrically encrypt the message. Decryption is done using the recipient's private key, which allows reconstruction of the pairing result and recovery of the session key. Boneh-Franklin IBE offers the advantage of simplified key management, particularly useful in environments where a traditional public key infrastructure (PKI) is impractical.
Setup
1. Master Secret Key: \( s \in \mathbb{Z}_q \), chosen by the Private Key Generator (PKG).
2. Public Parameters: includes \( P \in \mathbb{G}_1 \), \( P_{\text{pub}} = s \cdot P \in \mathbb{G}_2 \), and hash functions \( H_1, H_2 \).
Key Extraction
1. User provides identity string: \( \text{ID} \in \{0,1\}^* \).
2. Compute identity point: \( Q_{\text{ID}} = H_1(\text{ID}) \in \mathbb{G}_1 \).
3. Private Key for user: \( sk_{\text{ID}} = s \cdot Q_{\text{ID}} \in \mathbb{G}_1 \).
Encryption
1. Message: \( m \in \{0,1\}^* \).
2. Nonce: Choose random \( r \in \mathbb{Z}_q \).
3. Compute ephemeral key: \( U = r \cdot P \in \mathbb{G}_2 \).
4. Compute identity point: \( Q_{\text{ID}} = H_1(\text{ID}) \in \mathbb{G}_1 \).
5. Compute pairing: \( g = e(Q_{\text{ID}}, P_{\text{pub}})^r \in \mathbb{G}_T \).
6. Derive session key: \( S = H_2(g) \), where \( H_2 \) is a KDF (e.g., Lyra2RE2).
7. Encrypt message: \( V[i] = m[i] \oplus S[i \bmod \text{len}(S)] \).
8. Compute hash for integrity: \( H = H_2(S \parallel V \parallel U) \).
9. Ciphertext: \( (U, V, H) \), where \( U \in \mathbb{G}_2 \), \( V \) is ciphertext, and \( H \) is a MAC.
Decryption
1. Input: ciphertext \( (U, V, H) \), private key \( sk_{\text{ID}} = s \cdot Q_{\text{ID}} \in \mathbb{G}_1 \).
2. Compute pairing: \( g' = e(sk_{\text{ID}}, U) = e(s \cdot Q_{\text{ID}}, r \cdot P) = e(Q_{\text{ID}}, P_{\text{pub}})^r \in \mathbb{G}_T \).
3. Derive session key: \( S' = H_2(g') \).
4. Decrypt message: \( m'[i] = V[i] \oplus S'[i \bmod \text{len}(S')] \).
5. Verify integrity: check \( H = H_2(S' \parallel V' \parallel U) \).
6. Verification: If valid, output \( m' \); else reject.
Go Playground
Test this algorithm here, and the FullIdent IND-CCA2 approach here.
Achievement Badges
Achievement Badges on SourceForge are badges that are awarded to projects hosted on the platform in recognition of specific achievements. These achievements may vary based on criteria set by the SourceForge team and can include significant milestones such as the number of downloads, community activity, special recognitions, or participation in specific programs. Below, some badges of my ports:
|
  |
|
  |
|
  |
|
  |
|
  |
|
  |
Main Prototypes:
GOST Toolkit v1.2.7
GOST Security Suite written in Go
Multi-purpose cross-platform cryptography tool for symmetric encryption, cipher-based message authentication code (CMAC), recursive hash digest, hash-based message authentication code (HMAC), digital signature, shared key agreement (VKO), password-based key derivation function (PBKDF2) and TLS 1.2 for small or embedded systems.GOST is GOvernment STandard of Russian Federation:
GOST refers to a set of technical standards maintained by the Euro-Asian Council for Standardization, Metrology and Certification (EASC), a regional standards organization operating under the auspices of the Commonwealth of Independent States (CIS).
Roll of Algorithms:
☠GOST 28147-89 64-bit block cipher (RFC 5830)
☠GOST R 34.11-94 hash function (RFC 5831)
☠GOST R 50739-95 data sanitization method (non-cryptographic)
☠GOST R 34.10-2001 public key signature function (RFC 5832)
☠GOST R 34.10-2001 VKO (выработка ключа общего) key agreement function (RFC 4357)
☠GOST R 34.10-2012 public key signature function (RFC 7091)
☠GOST R 34.10-2012 VKO (выработка ключа общего) key agreement function (RFC 7836)
☠GOST R 34.11-2012 Стрибог (Streebog) hash function (RFC 6986)
☠GOST R 34.12-2015 128-bit block cipher Кузнечик (Kuznechik) (RFC 7801)
☠GOST R 34.12-2015 64-bit block cipher Магма (Magma) (RFC 8891)
☠MGM AEAD mode for 64 and 128 bit ciphers (RFC 9058)
Source code: https://github.com/pedroalbanese/gosttk
Download: Win32 | Win64 | Linux x86 | Linux amd64 | Linux armel
Read more here.
GMSM Toolkit v1.2.3
GMSM Security Suite written in Go
Multi-purpose cross-platform cryptography tool for asymmetric/symmetric encryption, digital signature, shared key agreement, cipher-based message authentication code (CMAC), hash digest, hash-based message authentication code (HMAC), password-based key derivation function (PBKDF2) and TLS 1.2 protocol.
GMSM is Government Standard of People's Republic of China:
National secret SM2/SM3/SM4 algorithms based on Go language. SM2 is a public key cryptographic algorithm based on elliptic curves, used for e.g. generation and verification of digital signatures; SM3, a hashing algorithm comparable to SHA-256; and SM4, a block cipher algorithm for symmetric cryptography comparable to AES-128. These standards are becoming widely used in Chinese commercial applications such as banking and telecommunications and are sometimes made mandatory for products procured by Chinese government agencies. SM4 is part of the ARMv8.4-A expansion to the ARM architecture.
Chinese National Standard Algorithms:
☠GM/T 0003-2012 - SM2 Public key algorithm 256-bit.
☠GM/T 0004-2012 - SM3 Message digest algorithm 256-bit hash value.
☠GM/T 0002-2012 - SM4 Block cipher with 128-bit key.
☠GM/T 0001-2012 - ZUC Zu Chongzhi stream cipher 128/256-bit key.
Source code: https://github.com/pedroalbanese/gmsmtk
Download: Win32 | Linux x86 | Linux amd64 | Linux armel
KISA Toolkit v1.0.0
KISA Security Suite written in Go
Multi-purpose cross-platform cryptography tool for symmetric encryption, cipher-based message authentication code (CMAC), recursive hash digest, hash-based message authentication code (HMAC) and PBKDF2 function.
KISA is Korea Internet & Security Agency:
Golang implementation of cryptographic algorithms designed by Republic of Korea. ARIA is a block cipher that uses a substitution-permutation network structure based on AES, designed in 2003 by a large group of South Korean researchers. In 2004, the Korean Agency for Technology and Standards selected it as a standard cryptographic technique. SEED is a 128-bit block cipher and HIGHT is a 64-bit block cipher both developed by the Korea Internet & Security Agency (KISA).
Korean National Standard Algorithms:
• KS X 1213-1 ARIA 128-bit block cipher with 128/192/256-bit keys.
• TTAK.KO-12.0276 LSH Message digest algorithm 256/512-bit hash value.
• TTAK.KO-12.0223 LEA 128-bit block cipher with 128/192/256-bit keys.
• ISO/IEC 18033-3 SEED 128-bit block cipher with 128/256-bit keys.
• ISO/IEC 18033-3 HIGHT 64-bit block cipher with 128bit key.
Source code: https://github.com/pedroalbanese/kisatk (Come soon)
Download: Win32 | Linux x86 | Linux amd64 | Linux armel
LICENSE
Copyright (c) 2021 Pedro F. Albanese <pedroalbanese@hotmail.com>
Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
