From ric at digitalmarbles.com Mon Feb 8 19:37:11 2016 From: ric at digitalmarbles.com (Ricardo Newbery) Date: Mon, 8 Feb 2016 19:37:11 -0500 Subject: [Cryptography-dev] A RSA signature verification use case Message-ID: Greetings Cryptographers :) I'm trying to do some sort of RSA verification as described here: https://wopi.readthedocs.org/en/latest/scenarios/proofkeys.html#using-the-rsa-modulus-and-exponent-to-retrieve-the-public-key https://wopi.readthedocs.org/en/latest/scenarios/proofkeys.html#verifying-the-proof-keys Those instructions show example code using the Crypto library (included below). 1) A valid request contains several attributes that are used to construct a hash (called `expected_proof`). 2) The same request also contains a signed version of the proof (called `signed_proof`) and some attributes to be used to construct the public key (I have no idea why the public key is not just available directly in this case). 3) The public key is then used to validate the signed_proof against the expected_proof. ---------------------------------------------- from base64 import b64decode from Crypto.PublicKey import RSA from Crypto.Util import asn1 def generate_key(modulus_b64, exp_b64): mod = int(b64decode(modulus_b64).encode('hex'), 16) exp = int(b64decode(exp_b64).encode('hex'), 16) seq = asn1.DerSequence() seq.append(mod) seq.append(exp) der = seq.encode() return RSA.importKey(der) # proof_key_attributes are from the discovery XML public_key = generate_key(proof_key_attributes['modulus'], proof_key_attributes['exponent']) from Crypto.Hash import SHA256 from Crypto.Signature import PKCS1_v1_5 def try_verification(expected_proof, signed_proof, public_key): verifier = PKCS1_v1_5.new(public_key) h = SHA256.new(expected_proof) return verifier.verify(h, signed_proof) # verify the proof is_valid = try_verification(expected_proof, signed_proof, public_key) ---------------------------------------------- Soo... Again, it's using Crypto. I'm interested in how to do the equivalent in `cryptography`. I'm studying the docs but since it looks like I'm diving into hazmat territory, I figure I would ask here first. Thanks. From stanislaw.pitucha at hpe.com Mon Feb 8 22:11:29 2016 From: stanislaw.pitucha at hpe.com (Pitucha, Stanislaw Izaak) Date: Tue, 9 Feb 2016 03:11:29 +0000 Subject: [Cryptography-dev] A RSA signature verification use case In-Reply-To: References: Message-ID: You probably need to use hazmat, but it has a pretty nice API. There's a short example in the docs: https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/#signing Best Regards, Stanis?aw Pitucha -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5801 bytes Desc: not available URL: From daniel at basso.inf.br Mon Feb 8 22:52:01 2016 From: daniel at basso.inf.br (Daniel Monteiro Basso) Date: Tue, 09 Feb 2016 03:52:01 +0000 Subject: [Cryptography-dev] A RSA signature verification use case In-Reply-To: References: Message-ID: <1454989921.5755.88.camel@basso.inf.br> On Tue, 2016-02-09 at 03:11 +0000, Pitucha, Stanislaw Izaak wrote: > You probably need to use hazmat, but it has a pretty nice API. > There's a short example in the docs: > https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/#s > igning And to build the key he should do something like this: from cryptography.hazmat.primitives.asymmetric import rsa from cryptography.hazmat.backends import default_backend def generate_key(modulus_b64, exp_b64): ? ? [...] ? ? pub_num = rsa.RSAPublicNumbers(exp, mod) ? ? return pub_num.public_key(default_backend()) From ric at digitalmarbles.com Tue Feb 9 00:04:59 2016 From: ric at digitalmarbles.com (Ricardo Newbery) Date: Tue, 9 Feb 2016 00:04:59 -0500 Subject: [Cryptography-dev] A RSA signature verification use case In-Reply-To: <1454989921.5755.88.camel@basso.inf.br> References: <1454989921.5755.88.camel@basso.inf.br> Message-ID: <2050582D-4B25-4432-9CC8-D162AAD9CC93@digitalmarbles.com> > On Feb 8, 2016, at 10:52 PM, Daniel Monteiro Basso wrote: > > On Tue, 2016-02-09 at 03:11 +0000, Pitucha, Stanislaw Izaak wrote: >> You probably need to use hazmat, but it has a pretty nice API. >> There's a short example in the docs: >> https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/#s >> igning > > And to build the key he should do something like this: > > from cryptography.hazmat.primitives.asymmetric import rsa > from cryptography.hazmat.backends import default_backend > > def generate_key(modulus_b64, exp_b64): > [...] > pub_num = rsa.RSAPublicNumbers(exp, mod) > return pub_num.public_key(default_backend()) Thanks, I think the fog is clearing... from cryptography.exceptions import InvalidSignature from cryptography.hazmat.backends import default_backend from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.asymmetric import rsa, padding def generate_key(exp_b64, modulus_b64): exp = int(b64decode(exp_b64).encode('hex'), 16) mod = int(b64decode(modulus_b64).encode('hex'), 16) pub_num = rsa.RSAPublicNumbers(exp, mod) return pub_num.public_key(default_backend()) def verify(expected_proof, signed_proof, public_key): verifier = public_key.verifier( signed_proof, padding.PKCS1v15(), hashes.SHA256()) verifier.update(expected_proof) try: verifier.verify() except InvalidSignature: return False return True From shiv.29.94 at gmail.com Thu Feb 11 05:11:27 2016 From: shiv.29.94 at gmail.com (Shivraj Singh) Date: Thu, 11 Feb 2016 15:41:27 +0530 Subject: [Cryptography-dev] Visual Cryptography[Proposal] Message-ID: Greetings, everyone. My name is Shivraj Singh. I have been working on Visual Cryptography as a part of a project that I have undertaken in Uni. It's a relatively new field of cryptography with a lot of potential for application. A lot of research is going on in this field and quite a lot of research papers have been published on this as well, but not a lot has been done from an application point of view. This method of encryption had been introduced by Shamir, one of the founders of RSA, himself. Here's the wiki link to it : wiki . One of the primary applications of Visual Cryptography is Secret Sharing . The implementation of it requires knowledge about (linear) algebra to understand the working and opencv and python for the implementation. I am new to the open source environment in terms of contribution so I apologise in case this isn't the standard procedure. Do let me know what you think about this project. Also, in case there is some other procedure required for me to present this idea to the community, please let me know. I have written a small python program to implement a (2,4)2VCS scheme : a secret is hared between 4 participants where each is given one share. If any two participants combine their share, they can obtain the secret image. Hoping to hear from you soon. Thank you. -------------- next part -------------- An HTML attachment was scrubbed... URL: From shiv.29.94 at gmail.com Sun Feb 14 08:14:31 2016 From: shiv.29.94 at gmail.com (Shivraj Singh) Date: Sun, 14 Feb 2016 18:44:31 +0530 Subject: [Cryptography-dev] Visual Cryptography[Proposal] Message-ID: Below is the code in python to implement a (2,4)2VCS scheme. Here "img.jpg" is the image that is to be shared. For testing purpose, save an image with the same name in the directory that you'll be running the program in. share1, share2, share3, share4 are the 4 shares that are generated. If you combine any of these two using the cv2.add() function in python, you'll get the secret image. I have added the code for the combination below as well. The results are saved as res12 and so on. The program takes around 1-5 minutes depending on the size of the image. import numpy as np import cv2 import random e1 = cv2.getTickCount() # your code execution #loading image in grayscale : 0 image = cv2.imread('img.jpg',0) #converting the image to bw; threshold determined by Otsu's method (thresh, img_s) = cv2.threshold(image, 128, 255, cv2.THRESH_BINARY | cv2.THRESH_OTSU) #saving bw image cv2.imwrite('bw_image.jpg', img_s) #size of the image size = img_s.shape h = size[0] b = size[1] #print img_s.dtype #size of share : proportional to pixel exapnsion H = h*2 B = (b/2)*3 #creating blank shares share1 = np.zeros((H,B),np.uint8) cv2.imwrite('share1.jpg', share1) share2 = np.zeros((H,B),np.uint8) cv2.imwrite('share2.jpg', share2) share3 = np.zeros((H,B),np.uint8) cv2.imwrite('share3.jpg', share3) share4 = np.zeros((H,B),np.uint8) cv2.imwrite('share4.jpg', share4) #white : 255; black : o l = 0 w = 255 #basis matrices : s0 = [[l,l,l,w,w,w], [l,l,l,w,w,w], [l,l,l,w,w,w], [l,l,l,w,w,w]] s1 = [[l,l,l,w,w,w], [l,w,w,l,l,w], [w,l,w,l,w,l], [w,w,l,w,l,l]] s2 = [[l,l,l,w,w,w], [l,l,w,l,w,w], [l,l,w,w,l,w], [l,l,w,w,w,l]] #for generation of random permutation arr = random.sample([0,1,2,3,4,5],6) #i moves by 1, j moves by 2 since 2 consecutive pixels are being encrypted each time for i in range(0,h): for j in range(0,(b-1)): arr = random.sample([0,1,2,3,4,5],6) p1 = img_s[i,j] p2 = img_s[i,j+1] ps1 = i*2 ps2 = (j/2)*3 print arr if (p1==255 and p2==255): #both pixels are black #share1 share1[ps1,ps2] = s1[0][arr[0]] share1[ps1,(ps2+1)] = s1[0][arr[1]] share1[ps1,(ps2+2)] = s1[0][arr[2]] share1[(ps1+1),ps2] = s1[0][arr[3]] share1[(ps1+1),(ps2+1)] = s1[0][arr[4]] share1[(ps1+1),(ps2+2)] = s1[0][arr[5]] #share2 share2[ps1,ps2] = s1[1][arr[0]] share2[ps1,(ps2+1)] = s1[1][arr[1]] share2[ps1,(ps2+2)] = s1[1][arr[2]] share2[(ps1+1),ps2] = s1[1][arr[3]] share2[(ps1+1),(ps2+1)] = s1[1][arr[4]] share2[(ps1+1),(ps2+2)] = s1[1][arr[5]] #share3 share3[ps1,ps2] = s1[2][arr[0]] share3[ps1,(ps2+1)] = s1[2][arr[1]] share3[ps1,(ps2+2)] = s1[2][arr[2]] share3[(ps1+1),ps2] = s1[2][arr[3]] share3[(ps1+1),(ps2+1)] = s1[2][arr[4]] share3[(ps1+1),(ps2+2)] = s1[2][arr[5]] #share4 share4[ps1,ps2] = s1[3][arr[0]] share4[ps1,(ps2+1)] = s1[3][arr[1]] share4[ps1,(ps2+2)] = s1[3][arr[2]] share4[(ps1+1),ps2] = s1[3][arr[3]] share4[(ps1+1),(ps2+1)] = s1[3][arr[4]] share4[(ps1+1),(ps2+2)] = s1[3][arr[5]] elif (p1==0 and p2==0): #both pixels are white #share1 share1[ps1,ps2] = s0[0][arr[0]] share1[ps1,(ps2+1)] = s0[0][arr[1]] share1[ps1,(ps2+2)] = s0[0][arr[2]] share1[(ps1+1),ps2] = s0[0][arr[3]] share1[(ps1+1),(ps2+1)] = s0[0][arr[4]] share1[(ps1+1),(ps2+2)] = s0[0][arr[5]] #share2 share2[ps1,ps2] = s0[1][arr[0]] share2[ps1,(ps2+1)] = s0[1][arr[1]] share2[ps1,(ps2+2)] = s0[1][arr[2]] share2[(ps1+1),ps2] = s0[1][arr[3]] share2[(ps1+1),(ps2+1)] = s0[1][arr[4]] share2[(ps1+1),(ps2+2)] = s0[1][arr[5]] #share3 share3[ps1,ps2] = s0[2][arr[0]] share3[ps1,(ps2+1)] = s0[2][arr[1]] share3[ps1,(ps2+2)] = s0[2][arr[2]] share3[(ps1+1),ps2] = s0[2][arr[3]] share3[(ps1+1),(ps2+1)] = s0[2][arr[4]] share3[(ps1+1),(ps2+2)] = s0[2][arr[5]] #share4 share4[ps1,ps2] = s0[3][arr[0]] share4[ps1,(ps2+1)] = s0[3][arr[1]] share4[ps1,(ps2+2)] = s0[3][arr[2]] share4[(ps1+1),ps2] = s0[3][arr[3]] share4[(ps1+1),(ps2+1)] = s0[3][arr[4]] share4[(ps1+1),(ps2+2)] = s0[3][arr[5]] else: #b/w #share1 share1[ps1,ps2] = s2[0][arr[0]] share1[ps1,(ps2+1)] = s2[0][arr[1]] share1[ps1,(ps2+2)] = s2[0][arr[2]] share1[(ps1+1),ps2] = s2[0][arr[3]] share1[(ps1+1),(ps2+1)] = s2[0][arr[4]] share1[(ps1+1),(ps2+2)] = s2[0][arr[5]] #share2 share2[ps1,ps2] = s2[1][arr[0]] share2[ps1,(ps2+1)] = s2[1][arr[1]] share2[ps1,(ps2+2)] = s2[1][arr[2]] share2[(ps1+1),ps2] = s2[1][arr[3]] share2[(ps1+1),(ps2+1)] = s2[1][arr[4]] share2[(ps1+1),(ps2+2)] = s2[1][arr[5]] #share3 share3[ps1,ps2] = s2[2][arr[0]] share3[ps1,(ps2+1)] = s2[2][arr[1]] share3[ps1,(ps2+2)] = s2[2][arr[2]] share3[(ps1+1),ps2] = s2[2][arr[3]] share3[(ps1+1),(ps2+1)] = s2[2][arr[4]] share3[(ps1+1),(ps2+2)] = s2[2][arr[5]] #share4 share4[ps1,ps2] = s2[3][arr[0]] share4[ps1,(ps2+1)] = s2[3][arr[1]] share4[ps1,(ps2+2)] = s2[3][arr[2]] share4[(ps1+1),ps2] = s2[3][arr[3]] share4[(ps1+1),(ps2+1)] = s2[3][arr[4]] share4[(ps1+1),(ps2+2)] = s2[3][arr[5]] #2pixels has been encoded j+=2 i+=1 pass #generating shares cv2.imwrite('share1.jpg', share1) cv2.imwrite('share2.jpg', share2) cv2.imwrite('share3.jpg', share3) cv2.imwrite('share4.jpg', share4) e2 = cv2.getTickCount() time = (e2 - e1)/ cv2.getTickFrequency() #combining the shares : res12 = cv2.add(share1,share2) cv2.imwrite('res12.jpg', res12) res23 = cv2.add(share2,share3) cv2.imwrite('res23.jpg', res23) res34 = cv2.add(share3,share4) cv2.imwrite('res34.jpg', res34) print time -------------- next part -------------- An HTML attachment was scrubbed... URL: From alex.gaynor at gmail.com Sun Feb 28 09:09:44 2016 From: alex.gaynor at gmail.com (Alex Gaynor) Date: Sun, 28 Feb 2016 09:09:44 -0500 Subject: [Cryptography-dev] New release on Tuesday Message-ID: Hi all, This is an advanced notice that on Tuesday we'll be issuing a new release, 1.2.3. The only change will be upgrading the bundled version of OpenSSL on Windows and OS X for https://mta.openssl.org/pipermail/openssl-announce/2016-February/000063.html Alex -- "I disapprove of what you say, but I will defend to the death your right to say it." -- Evelyn Beatrice Hall (summarizing Voltaire) "The people's good is the highest law." -- Cicero GPG Key fingerprint: 125F 5C67 DFE9 4084 -------------- next part -------------- An HTML attachment was scrubbed... URL: