Commit f05af15b authored by Julia Sauvage's avatar Julia Sauvage

FindDS pas encore opérationnel, reste à verifier la récupération de rot[nbiter:nboutput]

parent d224f00e
......@@ -4,24 +4,18 @@ k = 64
known_up = 8
known_low = 11
a = 2549297995355413924 * 2^64 + 4865540595714422341
nbiter = 5
nboutput = 30
def sortiesGenerateur():#OK !
c = (r.randint(0, 2**(2 * k)) * 2 + 1) % 2**(2 * k) #c est impair
S=[r.randint(0,2**(k * 2))]
#c=6364136223846793005 * 2^64 + 1442695040888963407#increment par defaut de pcg (connu)
#S=[8487854484825256858 + 11929896274893053136 * 2^64]
for i in range (nboutput-1):
S.append((S[i] * a + c) % (1<<(2 * k)))
X=[]
for i in range (nboutput):
x=(S[i] % (1<<k))^^(S[i]>>k)
rot = S[i] >> (2 * k - known_up)
X.append((x >> rot) | ((x << (k - rot)) % (1 << k)))
return X,S,c
polA = [0];
powA = [1];
for i in range (1, nboutput):
polA.append((polA[i-1] + powA [i-1]) % 2^128)
powA.append((powA[i-1] * a)% 2^128)
#### MATRIX ####
def getG(n,mod):
G = [[1]]
for i in range(n-1):
......@@ -44,28 +38,119 @@ def getGreduite(n,mod):
def getInvG(Greduite):
return Greduite.inverse().n()
def findDS(rot, Greduite, invG):
tmp = vector([(rot[i+1] - rot[i]) << (2 * k - known_up - known_low) for i in range(nboutput - 1)])
Greduite1 = getGreduite(nbiter - 1, 2^k)
invG1 = getInvG(Greduite1)
Greduite2 = getGreduite(nboutput - 1, 2^(2 * k - known_low))
invG2 = getInvG(Greduite2)
def sortiesGenerateur():#OK !
c = (r.randint(0, 1<<(2 * k)) * 2 + 1) % 1<<(2 * k) #c est impair
S=[r.randint(0,1<<(k * 2))]
#c=6364136223846793005 * 2^64 + 1442695040888963407#increment par defaut de pcg (connu)
#S=[8487854484825256858 + 11929896274893053136 * 2^64]
for i in range (nboutput-1):
S.append((S[i] * a + c) % (1<<(2 * k)))
X=[]
for i in range (nboutput):
x=(S[i] % (1<<k))^^(S[i]>>k)
rot = S[i] >> (2 * k - known_up)
X.append((x >> rot) | ((x << (k - rot)) % (1 << k)))
return X,S,c
## Unrotate
def unrotateX(X, rot):#OK !
rot2 = []
for i in range(nbiter):
rot2.append((k - rot[i]) % k)
return rotateX(X, rot2)
def getY(W0, WC, rot, uX):#OK !
Y = [(((powA[i] * W0 + polA[i] * WC) % 2**known_low) ^^ (uX[i] % 2**known_low)) * 2**known_up + (rot[i] ^ (uX[i] // 2**(k - known_up))) for i in range(nbiter)]
return Y
def getYprim(Y, WC, W0): #OK ! avec erreurs de retenues ~64bits (polC polW)
Yprim=[(Y[i] - (polA[i] * WC + powA[i]*W0) // 2**(k - known_up)) % 2**(known_up + known_low) for i in range(nbiter)]
return Yprim
def getDY(Y, WC, W0): #OK ! avec erreurs de retenues ~64bits (polC polW)
Yprim = getYprim(Y, WC, W0)
DY=[(Yprim[i+1] - Yprim[i]) % 2**(known_up + known_low) for i in range(nbiter-1)]
return DY
######FINDDS######
def FindDS64(uX, rot, W0,WC, invG, Greduite): #rajouter rot dans la version non test ? #OK! ~64bits
#polW = getPolW(W0)
Y = getY(W0, WC, rot, uX)
DY = getDY(Y, WC, W0) #OK avec erreurs de retenues!
tmp = [y * 1<<(k - known_up - known_low) for y in DY]#on rajoute les zéros, recentrage impossible à cause des erreurs de retenues
u = prodMatVec(invG, tmp)
DS64 = prodMatVec(Greduite, [round(u_) for u_ in u])
return DS64, Y[0]
######FINDROTI######
#DS64ij = ((polA[j] - polA[i])*DSmod0) % 2**k
def FindRoti(DS640, X, i, Y0, W0,WC):#OK !
DS640i = (polA[i] * DS640) % 1<<k
DSmod0i = ((DS640i << known_low) + W0 * powA[i] + WC * polA[i] - WC - W0) % 1<<(k +known_low)
# Yi = vraiYi ou vraiYi - 1 à cause de la retenue
Yi1 = (Y0 + (DSmod0i >> (k - known_up))) % (1 << (known_low + known_up))#avec ou sans retenue
Yi2 = Yi1 + 1
Wi = (W0 * powA[i] + WC * polA[i]) % (1 << known_low)
roti = []
for i in range(1<<known_up):
test1 = (((X ^^ (Yi1 >> known_up)) % (1 << known_low)) == Wi) and ((i ^^ (X >> (k - known_up))) == Yi1 % (1 << known_up))
test2 = (((X ^^ (Yi2 >> known_up)) % (1 << known_low)) == Wi) and ((i ^^ (X >> (k - known_up))) == Yi2 % (1 << known_up))
if (test1 or test2) :
roti.append(i)
X = unrotate1(X)
return roti
def FindRot(DS640,X, Y0, W0, WC): #OK !
tabrot =[]
for i in range(nboutput):
tabrot.append(FindRoti(DS640, X[i], i, Y0, W0,WC))
#print(rot[i])
if(len(tabrot[i]) == 0):
return []
return tabrot
def findDS(rot, Greduite, invG): #OK!
rotprim = []
for i in range(nboutput):
rotprim.append((rot[i] - ((powA[i] * W0 + polA[i] * WC) >> (2 * k - known_up))) % (1<<known_up))
tmp = vector([(rotprim[i+1] - rotprim[i]) << (2 * k - known_up - known_low) for i in range(nboutput - 1)])
u = invG * tmp
tmp = vector([round(u_) for u_ in u])
return Greduite * tmp
Greduite = getGreduite(nboutput - 1, 2^(2 * k - known_low))
invG = getInvG(Greduite)
def reclistDS(rot, tabrot, Greduite, invG, i):
if(i == nboutput - 1):
DS.append(findDS(rot, Greduite, invG))
for r in tabrot[i]:
rot[i] = r
reclistDS(rot, tabrot, Greduite, invG, i+1)
cpt = 0
for blabla in range(1000):
for blabla in range(100):
X, S,c = sortiesGenerateur()
W0 = S[0] % (1 << known_low)
WC = c % (1 << known_low)
rot =[]
for i in range(nboutput):
rot.append(S[i] >> (2 * k - known_up))
polA = [0];
powA = [1];
for i in range (1, nboutput):
polA.append((polA[i-1] + powA [i-1]) % 2^128)
powA.append((powA[i-1] * a)% 2^128)
Sprim = [(S[i] - polA[i] * (c % 1<<known_low) - powA[i] * (S[0] % 2^known_low)) % 2^128 for i in range(nboutput)]
Sprim = [(S[i] - polA[i] * (c % 2^known_low) - powA[i] * (S[0] % 2^known_low)) % 2^128 for i in range(nboutput)]
#print((Sprim[1] - Sprim[0]) >> known_low)
rot = [Sprim[i] >> (k * 2 - known_up) for i in range(nboutput)]
DS = findDS(rot, Greduite, invG)
DS = findDS(rot, Greduite2, invG2)
if(DS[0] == ((Sprim[1] - Sprim[0]) >> known_low)):
cpt += 1
#print(DS[0])
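Review bot: `%` binds tighter than `<<`, so the reductions written as `% 1<<(...)` in `sortiesGenerateur` (`c = ... % 1<<(2 * k)`) and in `FindRoti` (`DS640i`, `DSmod0i`) evaluate as `(x % 1) << n`, which is always 0. If those lines are live, `c` is 0 instead of a random odd increment and both `DS64` terms vanish, so the final loop would be testing the recovery against a degenerate generator; the same pattern appears in one of the two `Sprim` lines near the end. Parenthesise the modulus, e.g. `c = (r.randint(0, 1<<(2 * k)) * 2 + 1) % (1<<(2 * k))` and `DS640i = (polA[i] * DS640) % (1<<k)`. Separately, `getY` has a single `^` in `rot[i] ^ (uX[i] // 2**(k - known_up))` where the rest of the file uses `^^`; under the Sage preparser that is exponentiation, so it probably should be `^^`. The +/- markers are not visible on this page, so confirm which of these lines are on the new side.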