# Public domain. import sys import random import signatures import doublescalarmult c = 5 # XXX: tune c for b def multiscalarmult(scalars,points): multiples = [False,points] for i in range(2,2**c): multiples.append([P + Q for P,Q in zip(points,multiples[i - 1])]) maxscalar = max(scalars) i = 0 while 2**i <= maxscalar: i += c result = signatures.groupelt(0) while i >= c: for j in range(c): result = result + result i -= 1 for j in range(len(scalars)): digit = (scalars[j] >> i) % (2**c) if digit > 0: result = result + multiples[digit][j] return result def verifybatch(smvector): results = [] randomizers = [random.randrange(2**signatures.b) for i in range(len(smvector))] points = [signatures.B] scalars = [0] for i in range(len(smvector)): sm = smvector[i] R,S,A,M = sm[0],sm[1],sm[2],sm[3] h = signatures.inthash(str(R) + str(A) + M) points.append(signatures.groupelt(R)) scalars.append(randomizers[i]) points.append(signatures.groupelt(A)) scalars.append((h * randomizers[i]) % signatures.l) scalars[0] = (scalars[0] - S * randomizers[i]) % signatures.l if multiscalarmult(scalars,points).x == 0: return [True] * len(smvector) for sm in smvector: R,S,A,M = sm[0],sm[1],sm[2],sm[3] h = signatures.inthash(str(R) + str(A) + M) checkR = doublescalarmult.doublescalarmult(S,signatures.B,(-h) % signatures.l,signatures.groupelt(A)) results.append(R == checkR.x) return results signatures.benchmark(verifybatch,int(sys.argv[1]))