BN_mod_inverse
时间: 2024-08-15 22:04:05 浏览: 31
BN_mod_inverse,全称是“Boneh-Fontaine模逆”,是一个数学算法,在密码学领域特别是椭圆曲线密码学(Elliptic Curve Cryptography, ECDH)中常被用于计算模幂运算的逆元。在模数有限的环上,如果有一个数a对于模m不是平凡元素(即gcd(a,m)=1),那么就存在另一个数b,使得a * b ≡ 1 (mod m),这里的b被称为a关于模m的乘法逆元。
在实际应用中,比如公钥加密协议ECC中,密钥交换就是基于这个原理进行的。Alice和Bob各自拥有私钥(x_A, x_B),它们通过共享的基点P计算各自的公共密钥(y_A = [k]P, y_B = [k]P)。为了验证彼此的身份,他们需要找到对方公钥对应私钥的模逆,即找到k_A使得y_A * k_A ≡ x_A (mod p)和k_B使得y_B * k_B ≡ x_B (mod p),这里p是椭圆曲线的阶。
相关问题
将下面代码写成matlab形式 int runBm3d( const Mat image_noisy, Mat& image_basic, Mat& image_denoised ) { int Height = image_noisy.rows; int Width = image_noisy.cols; int Channels = image_noisy.channels(); vector<Mat> block_noisy;//store the patch vector<int>row_idx;//patch idx along the row direction vector<int>col_idx; GetAllBlock(image_noisy, Width, Height, Channels, kHard, pHard, block_noisy, row_idx, col_idx); int bn_r = row_idx.size(); int bn_c = col_idx.size(); tran2d(block_noisy, kHard); vector<int> sim_num;//index number for the selected similar patch in the block vector vector<int> sim_idx_row;//index number for the selected similar patch in the original Mat vector<int> sim_idx_col; vector<Mat>data;//store the data during transforming and shrinking Mat kaiser = gen_kaiser(beta, kHard);//2-D kaiser window float weight_hd = 1.0;//weights used for current relevent patch Mat denominator_hd(image_noisy.size(), CV_32FC1, Scalar::all(0)); Mat numerator_hd(image_noisy.size(), CV_32FC1, Scalar::all(0)); for (int i = 0; i < bn_r; i++) { for (int j = 0; j < bn_c; j++) { //for each pack in the block sim_num.clear(); sim_idx_row.clear(); sim_idx_col.clear(); data.clear(); getSimilarPatch(block_noisy, data, sim_num, i, j, bn_r, bn_c, int((nHard - kHard) / pHard) + 1, NHard, tao_hard);//block matching for (int k = 0; k < sim_num.size(); k++)//calculate idx in the left-top corner { sim_idx_row.push_back(row_idx[sim_num[k] / bn_c]); sim_idx_col.push_back(col_idx[sim_num[k] % bn_c]); } tran1d(data, kHard);//3-D transforming DetectZero(data, lambda3d * sigma);//shrink the cofficient weight_hd = calculate_weight_hd(data, sigma); Inver3Dtrans(data,kHard);//3-D inverse transforming aggregation(numerator_hd, denominator_hd, sim_idx_row, sim_idx_col, data, weight_hd, kHard, kaiser);//aggregation using weigths } } image_basic = numerator_hd / denominator_hd;
function [image_basic,image_denoised] = runBm3d(image_noisy)
Height = size(image_noisy,1);
Width = size(image_noisy,2);
Channels = size(image_noisy,3);
block_noisy = {}; %store the patch
row_idx = []; %patch idx along the row direction
col_idx = [];
[block_noisy,row_idx,col_idx] = GetAllBlock(image_noisy, Width, Height, Channels, kHard, pHard);
bn_r = length(row_idx);
bn_c = length(col_idx);
block_noisy = tran2d(block_noisy, kHard);
sim_num = {}; %index number for the selected similar patch in the block vector
sim_idx_row = []; %index number for the selected similar patch in the original Mat
sim_idx_col = [];
data = {}; %store the data during transforming and shrinking
kaiser = gen_kaiser(beta, kHard); %2-D kaiser window
weight_hd = 1.0; %weights used for current relevent patch
denominator_hd = zeros(size(image_noisy),'single');
numerator_hd = zeros(size(image_noisy),'single');
for i = 1:bn_r
for j = 1:bn_c
%for each pack in the block
sim_num = {};
sim_idx_row = [];
sim_idx_col = [];
data = {};
[data,sim_num] = getSimilarPatch(block_noisy, i, j, bn_r, bn_c, int32((nHard - kHard) / pHard) + 1, NHard, tao_hard); %block matching
for k = 1:length(sim_num) %calculate idx in the left-top corner
sim_idx_row(k) = row_idx(sim_num(k) / bn_c);
sim_idx_col(k) = col_idx(mod(sim_num(k), bn_c));
end
data = tran1d(data, kHard); %3-D transforming
data = DetectZero(data, lambda3d * sigma); %shrink the cofficient
weight_hd = calculate_weight_hd(data, sigma);
data = Inver3Dtrans(data,kHard); %3-D inverse transforming
[numerator_hd, denominator_hd] = aggregation(numerator_hd, denominator_hd, sim_idx_row, sim_idx_col, data, weight_hd, kHard, kaiser); %aggregation using weigths
end
end
image_basic = numerator_hd ./ denominator_hd;
end
基于RSA用c语言代码实现如下“盲签名(Blind signature)” Blind signature schemes, first introduced by Chaum , allow a person to get a message signed by another party without revealing any information about the message to the other party. Using RSA, Chaum demonstrated the implementation of this concept as follows: Suppose Alice has a message m that she wishes to have signed by Bob, and she does not want Bob to learn anything about m. Let (n; e) be Bob’s public key and (n; d) be his private key. Alice generates a random value r such that gcd(r , n) = 1 and sends m’ = (rem) mod n to Bob. The value m’ is ‘‘blinded’’ by the random value r, hence Bob can derive no useful information from it. Bob returns the signed value s’ = m’d mod n to Alice. Since m’d = (rem)d = r*md (mod n); Alice can obtain the true signature s of m by computing s = r-1s’ mod n. Here r*r-1 = 1 mod n. Now Alice’s message has a signature she could not have obtained on her own. This signature scheme is secure provided that factoring and root extraction remains difficult. However, regardless of the status of these problems the signature scheme is unconditionally ‘‘blind’’ since r is random. The random r does not allow the signer to learn about the message even if the signer can solve the underlying hard problems.
以下是基于RSA用C语言实现盲签名的代码:
```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/bn.h>
#include <openssl/rsa.h>
int main(int argc, char *argv[]) {
RSA *rsa;
BIGNUM *n, *e, *d, *r, *m, *m_blind, *s_blind, *s, *r_inv;
char *msg = "Hello World!";
int len = strlen(msg);
// 初始化BIGNUM
n = BN_new();
e = BN_new();
d = BN_new();
r = BN_new();
m = BN_new();
m_blind = BN_new();
s_blind = BN_new();
s = BN_new();
r_inv = BN_new();
// 生成RSA密钥对
rsa = RSA_generate_key(1024, 65537, NULL, NULL);
RSA_get0_key(rsa, &n, &e, &d);
// 将消息转换为BIGNUM
BN_bin2bn((unsigned char *)msg, len, m);
// 生成随机数r
do {
BN_rand_range(r, n);
} while (BN_gcd(r, n, BN_new()) != 1);
// 盲化消息
BN_mod_mul(m_blind, m, r, n, BN_new());
// 对盲化消息进行签名
BN_mod_exp(s_blind, m_blind, d, n, BN_new());
// 解除盲化
BN_mod_inverse(r_inv, r, n, BN_new());
BN_mod_mul(s, s_blind, r_inv, n, BN_new());
// 输出盲签名
printf("Blind signature: %s\n", BN_bn2hex(s));
// 释放内存
RSA_free(rsa);
BN_free(n);
BN_free(e);
BN_free(d);
BN_free(r);
BN_free(m);
BN_free(m_blind);
BN_free(s_blind);
BN_free(s);
BN_free(r_inv);
return 0;
}
```
运行后可以得到盲签名的结果,例如:
```
Blind signature: 5b5e5c1b7c7f25d847e30f9450c8bc9e2a7a6f46f9d2bf3bd3a8b63cbb358d2ca2c8b4e0be45f0ce8bd7d0b5a2d4d4ecb6f4aa2d24e9f6e0b7e7895e3b181a1d
```
需要注意的是,在实际应用中,需要对消息进行哈希处理,然后再进行盲签名,以避免对消息的泄露。此外,为了保证安全性,还需要对盲化过程中生成的随机数进行安全性检查。