Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- "LLL Reduction... ",end='')
- LLL.reduction(M)
- print("Done!")
- b1 = M[-63]
- b2 = M[-62]
- print("b1 =",b1)
- print("b2 =",b2)
- n1 = 1
- n2 = 1
- p1 = 1
- p2 = 1
- for i in range(64):
- if b1[i] < 0:
- n1 *= pow(c[i], -b1[i])
- else:
- p1 *= pow(c[i], b1[i])
- if b2[i] < 0:
- n2 *= pow(c[i], -b2[i])
- else:
- p2 *= pow(c[i], b2[i])
- sum1 = abs(p1-n1)
- sum2 = abs(p2-n2)
- print("Finish Counting sum1 sum2!")
- import math
- print("Digit of sum1 =", math.log2(sum1)+1)
- print("Digit of sum2 =", math.log2(sum2)+1)
- def GCD(a, b):
- while b:
- a, b = b, a%b
- return a
- n = GCD(sum1, sum2)
- print("Finish GCD, n =",n)
- assert(n % p == 0)
- assert(n % p == 0)
- for i in range(64):
- for j in range(i+1, 64):
- ci = pow(c[i], e[j], n)
- cj = pow(c[j], e[i], n)
- n = GCD(n, abs(ci-cj))
- print("Found n =",n)
- assert(n % p == 0)
- from ecdsa.numbertheory import inverse_mod
- q = n//p
- for i in range(64):
- if(GCD(e[i], (p-1)*(q-1)) > 1):
- continue
- d = inverse_mod(e[i], (p-1)*(q-1))
- m = pow(c[i], d, n)
- print(m)
- print(int(m).to_bytes(256, byteorder='little'))
- assert(pow(m, e[i], n) == c[i])
- break
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
