Comments (21)
:= appeared in python 3.8
now stands in sage 3.8 python 3.7.10
from crypto-attacks.
Smart_attack.py
p_ = 0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798#(0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798,0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8)
r_ = 0xdf713e4a49dd8b474ca6a1ebe11f757b5e69a380ef1bd06112a035ce1219c8b3#(0xd11a650e0618d0901466dc22a1014e858c06e95de5077051af6e92cf9900ef71,0x677fc5dce98a343d3ab0156faf6eadd4607b630c0028efb6b5da17e1d1931cc0)
res = attack(p_,r_)
print(res)
from crypto-attacks.
What's the python version of your system? Not the sage one. Try installing the latest python, then reinstalling sage (to version 9.4, the newest sage version).
from crypto-attacks.
windows only 9.3 version
from crypto-attacks.
Right, I don't have a lot of experience with Windows. It is possible that the Windows binaries only use Python 3.7 right now. In that case, you'll have to modify the script yourself to remove the walrus operator.
from crypto-attacks.
i started sagemath.
experimenting with mov_attack.attack
tells me why P = E(0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D04B8) is throwing an error
raise TypeError("%s coordinates do not specify a point on %s" % (list(v), curve))
Error type: Coordinates [55066263022277343669578718895168534326250603453777594175500187360389116729240, 32670510020758816978083085130507043184471273380659243275938904335757337482424 1] does not define a point on the elliptic curve defined by y ^ 2 = x ^ 3 + 7 over a finite field size 115792089237316195423570985008687907852837564279074904382605163141518161494337
I specify the base point of the curve.
from crypto-attacks.
I need to know the parameters you used to call the attack.
from crypto-attacks.
p = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 a = 0x0 b = 0x7 E = EllipticCurve(GF(p), [a, b]) P = E(0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8) R = E(0xcb3c7c1573671ba4ea94b3835a6315d4e06ded5582068497b87996a9c5ec1493, 0xa475696ec02f4c93c4d2b88ea14eb301e7a7ac8564897eb2720da210874c54e2) l_ = mov_attack.attack(P, R)
from crypto-attacks.
The problem is not with the script, it's with:
P = E(0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
This is not a valid point for the curve. If you got this point somewhere, it's wrong. If you generated it yourself, you generated it wrongly.
from crypto-attacks.
i use:
Gx=0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798, # Base point x
Gy=0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8, # Base point y
pubkey: 04cb3c7c1573671ba4ea94b3835a6315d4e06ded5582068497b87996a9c5ec1493a475696ec02f4c93c4d2b88ea14eb301e7a7ac8564897eb2720da210874c54e2
Pubx = 0xcb3c7c1573671ba4ea94b3835a6315d4e06ded5582068497b87996a9c5ec1493
Puby = 0xa475696ec02f4c93c4d2b88ea14eb301e7a7ac8564897eb2720da210874c54e2
from crypto-attacks.
Where did you get that Gx
and Gy
from?
from crypto-attacks.
https://en.bitcoin.it/wiki/Secp256k1
from crypto-attacks.
Your p
is wrong.
from crypto-attacks.
I'm sorry to interrupt you. but not at all you can figure it out yourself without help.
All basic documentation is in English.
so practice is the best way to understand.
so I turn to you to explain my mistakes.
thank you in advance.
from crypto-attacks.
yes. sorry
0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
from crypto-attacks.
sage: p = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
sage: a = 0x0
sage: b = 0x7
sage: E = EllipticCurve(GF(p), [a, b])
sage: P = E(0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47
....: D08FFB10D4B8)
sage: R = E(0xcb3c7c1573671ba4ea94b3835a6315d4e06ded5582068497b87996a9c5ec1493, 0xa475696ec02f4c93c4d2b88ea14eb301e7a7ac8564897eb2720
....: da210874c54e2)
it all works when you change p
.
from crypto-attacks.
yes you are right, i already figured it out
smart_attac error
Traceback (most recent call last): File "/home/jo/crypto-attacks/attacks/ecc/main.py", line 32, in <module> l_ = smart_attack.attack(G, l * G) File "/home/jo/crypto-attacks/attacks/ecc/smart_attack.py", line 26, in attack assert E.trace_of_frobenius() == 1, f"Curve should have trace of Frobenius = 1." AssertionError: Curve should have trace of Frobenius = 1.
E = EllipticCurve(GF(0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141), \ [0xcb3c7c1573671ba4ea94b3835a6315d4e06ded5582068497b87996a9c5ec1493, 0xa475696ec02f4c93c4d2b88ea14eb301e7a7ac8564897eb2720da210874c54e2]) G = E.gen(0) n = int(G.order()) l = randrange(1, n) l_ = smart_attack.attack(G, l * G)
from crypto-attacks.
Smart's attack doesn't work on that curve.
from crypto-attacks.
what attacks work ? secp256k1
to know in advance and not to disturb you
from crypto-attacks.
:param max_k: the maximum value of embedding degree to try (default: 6)
:param max_tries: the maximum amount of times to try to find l (default: 10)
how to understand these parameters?
from crypto-attacks.
what attacks work ? secp256k1 to know in advance and not to disturb you
None that I know of
:param max_k: the maximum value of embedding degree to try (default: 6) :param max_tries: the maximum amount of times to try to find l (default: 10)
how to understand these parameters?
Read the code
from crypto-attacks.
Related Issues (16)
- Any C/C++ implementation HOT 1
- Frey ruck attack test HOT 1
- something wrong when I run the code:rsa/wiener_attack_common_rsa_prime.py HOT 2
- AMM method function rth_roots() get same roots HOT 1
- A faster function to solve the DLP question in ecc's singular_curve.py HOT 5
- Generate Anomalous Curve with Given order HOT 4
- shared.ecc.generate_with_order speed up HOT 2
- how to use HOT 7
- memory usage in hencel lift HOT 2
- Short Nonces in ECDSA HOT 3
- coppersmith timings vary a lot HOT 4
- Extended partial key exposure attacks on RSA: Improvement up to full size decryption exponents HOT 3
- adding aes cpa and dpa attacks HOT 2
- how to use "Branch and prune for the case with p, q, and d bits known"? HOT 1
- TypeError in Example code rsa/boneh_durfee.py HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from crypto-attacks.