laicrypto 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 542a40d2e82129821225c13236509b3432870e6a32fd12b079800377c5a76a42
+  data.tar.gz: f0240e59391207efcad435482237b2af8be2acb8c5d07f35037838d8ad4c6545
+SHA512:
+  metadata.gz: 55d0e02c98ad5824b0f2c89b808fcf5ed51476f6a058b891324773aa92ef2553da1ddd7536735e5fc872c7b4eae66026035681d3e11b7ac1bd81ff16eb1880a0
+  data.tar.gz: ad07b4cb86dcca560db066527eaef153a2de18ae67acd4c7709a69644db395b407c41d2a7bdd65d66247455b9a78d3181819c5535c9222ac8de62d1e2808f534

data/README.md

@@ -0,0 +1,338 @@
+# pqcrypto
+
+<img src="https://github.com/4211421036/pqcrypto/blob/main/logo.png" />
+
+**Post-Quantum Lemniscate-AGM Isogeny (LAI) Encryption**
+
+A Python package providing a reference implementation of the Lemniscate-AGM Isogeny (LAI) encryption scheme. LAI is a promising post-quantum cryptosystem based on isogenies of elliptic curves over lemniscate lattices, offering resistance against quantum-capable adversaries.
+
+---
+
+## Project Overview
+
+This library implements the core mathematical primitives and high-level API of the LAI scheme, including:
+
+* **Key Generation**: Derivation of a private scalar and corresponding public point via binary exponentiation of the LAI transformation.
+* **Encryption**: Secure encryption of integer messages modulo a prime.
+* **Decryption**: Accurate recovery of plaintext via inverse transform.
+
+The code is annotated with direct correspondence to the mathematical definitions and pseudocode, making it suitable for research, educational use, and further development.
+
+---
+
+## Mathematical Formulation
+
+### 1. Hash-Based Seed Function
+
+Define:
+
+$$
+H(x, y, s) \;=\; \mathrm{SHA256}\bigl(x \,\|\, y \,\|\, s\bigr) \bmod p
+$$
+
+where \$x,y,s \in \mathbb{Z}\_p\$ and \$|\$ denotes byte-string concatenation.
+
+### 2. Modular Square Root (Tonelli–Shanks)
+
+Compute \$z = \sqrt{a} \bmod p\$ for prime \$p\$:
+
+* If \$p \equiv 3 \pmod{4}\$:
+  $z \;=\; a^{\frac{p+1}{4}} \bmod p$
+* Otherwise, use the full Tonelli–Shanks algorithm for general primes.
+
+### 3. LAI Transformation \$T\$
+
+Given a point \$(x,y) \in \mathbb{F}\_p^2\$, parameter \$a\$, and seed index \$s\$, define:
+
+$$
+\begin{aligned}
+    h &= H(x,y,s), \[4pt]
+    x' &= \frac{x + a + h}{2} \bmod p, \[4pt]
+    y' &= \sqrt{x \, y + h} \bmod p.
+\end{aligned}
+$$
+
+Thus,
+
+$T\bigl((x,y), s; a, p\bigr) = (\,x', y').$
+
+### 4. Binary Exponentiation of \$T\$
+
+To compute \$T^k(P\_0)\$ efficiently, use exponentiation by squaring:
+
+```text
+function pow_T(P, k):
+    result ← P
+    base   ← P
+    s      ← 1
+    while k > 0:
+        if (k mod 2) == 1:
+            result ← T(result, s)
+        base ← T(base, s)
+        k    ← k >> 1
+        s    ← s + 1
+    return result
+```
+
+### 5. API Algorithms
+
+**Key Generation**
+
+```text
+function keygen(p, a, P0):
+    k ← random integer in [1, p−1]
+    Q ← pow_T(P0, k)
+    return (k, Q)
+```
+
+**Encryption**
+
+```text
+function encrypt(m, Q, p, a, P0):
+    r  ← random integer in [1, p−1]
+    C1 ← pow_T(P0, r)
+    Sr ← pow_T(Q, r)
+    M  ← (m mod p, 0)
+    C2 ← ( (M.x + Sr.x) mod p,
+            (M.y + Sr.y) mod p )
+    return (C1, C2)
+```
+
+**Decryption**
+
+```text
+function decrypt(C1, C2, k, a, p):
+    S   ← pow_T(C1, k)
+    M.x ← (C2.x − S.x) mod p
+    return M.x
+```
+
+---
+
+## Features
+
+1. **Pure Python** implementation: no external dependencies for core routines (uses `hashlib` & `secrets`).
+2. **Mathematically Annotated**: formulas and pseudocode directly reference the original scheme.
+3. **Modular Design**: separation of primitives (`H`, `sqrt_mod`, `T`) and high-level API (`keygen`, `encrypt`, `decrypt`).
+4. **General & Optimized**: Tonelli–Shanks for any prime, plus branch for \$p\equiv3\pmod4\$.
+5. **Automated Testing**: `pytest` suite for end-to-end verification.
+6. **CI/CD Ready**: PyPI publication via GitHub Actions.
+
+---
+
+## Installation
+
+### From PyPI
+
+```bash
+pip install pqcrypto
+```
+
+### From NPM
+```bash
+npm install pqlaicrypto
+```
+
+### From Ruby GEMFILE
+```bash
+gem build laicrypto.gemspec
+gem install ./laicrypto-0.1.0.gem
+```
+
+### From Source
+
+```bash
+git clone https://github.com/4211421036/pqcrypto.git
+cd pqcrypto
+pip install .
+```
+
+---
+
+## Usage Example
+
+Python
+```python
+import math
+
+from pqcrypto import keygen, encrypt, decrypt
+
+p = 10007
+a = 5
+P0 = (1, 0)
+
+def max_block_size(p: int) -> int:
+    bit_len = p.bit_length()
+    return (bit_len - 1) // 8
+
+def text_to_int_blocks(text: str, p: int) -> list[int]:
+    raw_bytes = text.encode("utf-8")
+    B = max_block_size(p)
+    if B < 1:
+        raise ValueError("Prime p terlalu kecil untuk menyimpan satu byte pun.")
+
+    blocks = []
+    # Hitung jumlah blok
+    n_blocks = math.ceil(len(raw_bytes) / B)
+    for i in range(n_blocks):
+        start = i * B
+        end = start + B
+        chunk = raw_bytes[start:end]
+        m_int = int.from_bytes(chunk, byteorder="big")
+        if m_int >= p:
+            raise ValueError("Blok integer melebihi modulus p.")
+        blocks.append(m_int)
+
+    return blocks
+
+
+def int_blocks_to_text(blocks: list[int], p: int) -> str:
+    all_bytes = bytearray()
+    for m_int in blocks:
+        if not (0 <= m_int < p):
+            raise ValueError(f"Integer block {m_int} di luar range [0, p).")
+        if m_int == 0:
+            chunk_bytes = b"\x00"
+        else:
+            byte_len = math.ceil(m_int.bit_length() / 8)
+            chunk_bytes = m_int.to_bytes(byte_len, byteorder="big")
+        all_bytes.extend(chunk_bytes)
+
+    return all_bytes.decode("utf-8", errors="strict")
+
+def encrypt_text(
+    text: str,
+    k: int,
+    public_Q: tuple[int, int],
+    p: int,
+    a: int,
+    P0: tuple[int, int],
+) -> list[dict]:
+    int_blocks = text_to_int_blocks(text, p)
+    ciphertext = []
+
+    for m_int in int_blocks:
+        # encrypt() sudah otomatis retry jika T^r gagal
+        C1, C2, r = encrypt(m_int, public_Q, k, p, a, P0)
+        ciphertext.append({
+            "C1": (C1[0], C1[1]),
+            "C2": (C2[0], C2[1]),
+            "r": r,
+        })
+
+    return ciphertext
+
+def decrypt_text(
+    ciphertext: list[dict],
+    k: int,
+    p: int,
+    a: int,
+) -> str:
+    int_blocks = []
+    for block in ciphertext:
+        x1, y1 = block["C1"]
+        x2, y2 = block["C2"]
+        r = block["r"]
+        m_int = decrypt((x1, y1), (x2, y2), k, r, a, p)
+        int_blocks.append(m_int)
+
+    return int_blocks_to_text(int_blocks, p)
+
+if __name__ == "__main__":
+    # 6.1. Generate keypair
+    private_k, public_Q = keygen(p, a, P0)
+    print("=== Key Generation ===")
+    print("Private k :", private_k)
+    print("Public  Q :", public_Q)
+    print()
+
+    original_text = """
+function hello(name) {
+    console.log("Hello, " + name + "!");
+}
+hello("LAI User");
+""".strip()
+
+    print("=== Original Text ===")
+    print(original_text)
+    print()
+
+    ciphertext = encrypt_text(original_text, private_k, public_Q, p, a, P0)
+    print("=== Ciphertext (serialized) ===")
+    for i, blk in enumerate(ciphertext):
+        print(f"Block {i+1}: C1={blk['C1']}, C2={blk['C2']}, r={blk['r']}")
+
+    print()
+    recovered_text = decrypt_text(ciphertext, private_k, p, a)
+    print("=== Decrypted Text ===")
+    print(recovered_text)
+    print()
+
+    assert recovered_text == original_text, "Decryption mismatch!"
+    print("Round-trip successful! Teks tepat sama dengan semula.")
+
+```
+
+JS
+```js
+const {
+  keygen,
+  encrypt,
+  decrypt
+} = require('pqlaicrypto');
+
+const p = 23n;
+const a = 5n;
+const P0 = [3n, 10n];
+
+const { k, Q } = keygen(p, a, P0);
+
+const m = 7n;
+const { C1, C2, r } = encrypt(m, Q, k, p, a, P0);
+
+const decrypted = decrypt(C1, C2, k, r, a, p);
+console.log('Pesan asli:', decrypted.toString());
+```
+
+Ruby
+
+```rb
+irb
+> require "laicrypto"
+> laicrypto.keygen(23, 5, [3,10])
+```
+
+---
+
+## API Reference
+
+| Function                             | Description                             |
+| ------------------------------------ | --------------------------------------- |
+| `H(x, y, s, p) -> int`               | Hash-based seed modulo \$p\$.           |
+| `sqrt_mod(a, p) -> int`              | Modular square root via Tonelli–Shanks. |
+| `T(point, s, a, p) -> (int, int)`    | One LAI transform step.                 |
+| `keygen(p, a, P0) -> (k, Q)`         | Generate private key and public point.  |
+| `encrypt(m, Q, p, a, P0) -> (C1,C2)` | Encrypt integer message.                |
+| `decrypt(C1, C2, k, a, p) -> int`    | Decrypt ciphertext to integer.          |
+
+---
+
+## Testing
+
+```bash
+pytest --disable-warnings -q
+```
+
+---
+
+## Contributing & Development
+
+1. Fork the repo
+2. Create branch: `git checkout -b feature/xyz`
+3. Implement changes with corresponding tests
+4. Run tests: `pytest`
+5. Submit Pull Request
+
+Please follow PEP 8 and include unit tests for new functionality.
+
+---

data/lib/laicrypto/version.rb

@@ -0,0 +1,3 @@
+module Laicrypto
+  VERSION = "0.1.0"
+end

data/lib/laicrypto.rb

@@ -0,0 +1,163 @@
+require "digest"
+require_relative "laicrypto/version"
+
+module Laicrypto
+  class Error < StandardError; end
+
+  # H(x, y, s, p) = SHA256(x || y || s) mod p
+  def self.H(x, y, s, p)
+    data      = "#{x}|#{y}|#{s}"
+    digest    = Digest::SHA256.digest(data)
+    digest_bn = digest.unpack1("H*").to_i(16)
+    digest_bn % p
+  end
+
+  # mod_pow(base, exp, mod): base^exp mod mod (exponentiation by squaring)
+  def self.mod_pow(base, exp, mod)
+    result = 1
+    b      = base % mod
+    e      = exp
+
+    while e > 0
+      result = (result * b) % mod if (e & 1) != 0
+      b = (b * b) % mod
+      e >>= 1
+    end
+
+    result
+  end
+
+  # sqrt_mod(a, p): Tonelli–Shanks to find sqrt modulo p (p prime). Return nil if no root.
+  def self.sqrt_mod(a, p)
+    a = a % p
+    return 0 if a == 0
+
+    # Legendre symbol: a^((p-1)//2) mod p
+    ls = mod_pow(a, (p - 1) / 2, p)
+    return nil if ls == p - 1
+
+    # Shortcut if p % 4 == 3
+    if p % 4 == 3
+      return mod_pow(a, (p + 1) / 4, p)
+    end
+
+    # Tonelli–Shanks for p ≡ 1 (mod 4)
+    q = p - 1
+    s = 0
+    while (q & 1) == 0
+      q >>= 1
+      s += 1
+    end
+
+    # Find z: a quadratic non-residue
+    z = 2
+    while mod_pow(z, (p - 1) / 2, p) != p - 1
+      z += 1
+    end
+
+    m = s
+    c = mod_pow(z, q, p)
+    t = mod_pow(a, q, p)
+    r = mod_pow(a, (q + 1) / 2, p)
+
+    loop do
+      return r if t == 1
+      # Find smallest i: t^(2^i) ≡ 1 (mod p)
+      t2i = t
+      i   = 0
+      (1...m).each do |j|
+        t2i = (t2i * t2i) % p
+        if t2i == 1
+          i = j
+          break
+        end
+      end
+      # Compute next values
+      b = mod_pow(c, 1 << (m - i - 1), p)
+      m = i
+      c = (b * b) % p
+      t = (t * c) % p
+      r = (r * b) % p
+    end
+  end
+
+  # T(point, s, a, p): transformation
+  #   x' = (x + a + H(x,y,s)) * inv2 mod p
+  #   y' = sqrt_mod(x*y + H(x,y,s), p)
+  # If sqrt_mod returns nil, increment s (up to 10 tries)
+  def self.T(point, s, a, p)
+    x, y   = point
+    inv2   = mod_pow(2, p - 2, p)  # modular inverse of 2 mod p
+    trials = 0
+    s_current = s
+
+    while trials < 10
+      h = H(x, y, s_current, p)
+      x_candidate = ((x + a + h) * inv2) % p
+      y_sq = (x * y + h) % p
+      y_candidate = sqrt_mod(y_sq, p)
+      return [x_candidate, y_candidate] unless y_candidate.nil?
+
+      s_current += 1
+      trials += 1
+    end
+
+    raise Error, "T: Gagal menemukan sqrt untuk y^2=#{y_sq} mod #{p} setelah #{trials} percobaan."
+  end
+
+  # _pow_T_range(P, start_s, exp, a, p): apply T iteratively exp times, starting seed = start_s
+  def self._pow_T_range(P, start_s, exp, a, p)
+    result = P.dup
+    curr_s = start_s
+    exp.times do
+      result = T(result, curr_s, a, p)
+      curr_s += 1
+    end
+    result
+  end
+
+  # keygen(p, a, P0) → { k: Integer, Q: [x,y] }
+  def self.keygen(p, a, P0)
+    loop do
+      k_candidate = rand(1...p)
+      begin
+        Q = _pow_T_range(P0, 1, k_candidate, a, p)
+        return { k: k_candidate, Q: Q }
+      rescue Error
+        next
+      end
+    end
+  end
+
+  # encrypt(m, public_Q, k, p, a, P0) → { C1: [x,y], C2: [x,y], r: Integer }
+  def self.encrypt(m, public_Q, k, p, a, P0)
+    loop do
+      r = rand(1...p)
+      # Compute C1 = T^r(P0) with seeds 1..r
+      begin
+        C1 = _pow_T_range(P0, 1, r, a, p)
+      rescue Error
+        next
+      end
+
+      # Compute Sr = T^r(public_Q) with seeds (k+1)..(k+r)
+      begin
+        Sr = _pow_T_range(public_Q, k + 1, r, a, p)
+      rescue Error
+        next
+      end
+
+      M0 = m % p
+      M  = [ M0 < 0 ? M0 + p : M0, 0 ]
+      C2 = [ (M[0] + Sr[0]) % p, (M[1] + Sr[1]) % p ]
+      return { C1: C1, C2: C2, r: r }
+    end
+  end
+
+  # decrypt(C1, C2, k, r, a, p) → Integer (original message)
+  def self.decrypt(C1, C2, k, r, a, p)
+    S  = _pow_T_range(C1, r + 1, k, a, p)
+    M0 = (C2[0] - S[0]) % p
+    M0 < 0 ? M0 + p : M0
+  end
+end

metadata

@@ -0,0 +1,50 @@
+--- !ruby/object:Gem::Specification
+name: laicrypto
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- GALIH RIDHO UTOMO
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2025-05-31 00:00:00.000000000 Z
+dependencies: []
+description: 'LAI is a promising post-quantum cryptosystem based on isogenies of elliptic
+  curves over lemniscate lattices, offering resistance against quantum-capable adversaries.
+
+  '
+email:
+- g4lihru@students.unnes.ac.id
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- README.md
+- lib/laicrypto.rb
+- lib/laicrypto/version.rb
+homepage: https://github.com/4211421036/pqcrypto
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.3.27
+signing_key:
+specification_version: 4
+summary: LAI is a promising post-quantum cryptosystem based on isogenies of elliptic
+  curves.
+test_files: []