From c2be250e4fd7e866edca5afc96c43f896c70c5b9 Mon Sep 17 00:00:00 2001
From: vovuas2003 <89464038+vovuas2003@users.noreply.github.com>
Date: Tue, 2 Apr 2024 11:14:36 +0300
Subject: [PATCH] Add files via upload

---
 break.py   | 3 ++-
 encode.py  | 8 +++++++-
 readme.txt | 4 ++--
 3 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/break.py b/break.py
index 48ad36f..091f92f 100644
--- a/break.py
+++ b/break.py
@@ -47,12 +47,13 @@ def decode(S, P, c):
     return c
 
 def break_S(P, G_):
+    return my_fix(G_ @ np.linalg.inv(P)) #works for Reed-Solomon
     #G_ = S @ G @ P
     rs = galois.ReedSolomon(n, k, field=GF)
     G = rs.G
     G_ = G_ @ np.linalg.inv(P)
     G_ = my_fix(G_)
-    G = my_fix(G)
+    G = my_fix(G) #returns E because we use Reed-Solomon algo
     S = G_ @ np.linalg.inv(G)
     return S
 
diff --git a/encode.py b/encode.py
index 5af35dd..29cc698 100644
--- a/encode.py
+++ b/encode.py
@@ -1,5 +1,6 @@
 import numpy as np
 import galois
+import random
 
 import pubkey
 
@@ -28,7 +29,12 @@ def encrypt(G_, text):
     msg = pad_message(text.encode(), k)
     m = GF(msg)
     c = m.T @ G_
-    return c
+    t = (n - k) // 2
+    z = np.zeros(n, dtype = int)
+    p = [i for i in range(n)]
+    for i in range(t):
+        z[p.pop(random.randint(0, n - 1 - i))] = random.randint(0, order - 1)
+    return c + GF(z)
 
 def export(ct):
     output = "ct = [ " + ", ".join([str(int(cell)) for cell in ct]) + " ]"
diff --git a/readme.txt b/readme.txt
index 2bb8bbb..04ea86d 100644
--- a/readme.txt
+++ b/readme.txt
@@ -12,5 +12,5 @@ Check break.py to understand how hacker can do this.
 
 todo:
 1. left part of G is E, because we use Reed-Solomon algo; so left part of S @ G is S and cutting right colomns works; my_fix(G) returns E and in break_S we needn't get inv(G), just S = my_fix(G_ @ inv(P)), check it; try break_S with another (not Reed-Solomon) code (matrix G will be different; will my_fix(G) and my_fix(G_) return nonsingular matrices?; of course, rank(G) = rank(G_) = k and we can iterate through all possible combinations of column deletions and find one that does not lead to nonsingular matrices); another way to get S is calculating it row by row (solving k systems, each has  n equations with k variables, k < n, but we need to do it in Galois Field)
-2. check randomization during encode (add vector z, check https://en.wikipedia.org/wiki/McEliece_cryptosystem)
-3. make presentation that explains McEliece cryptosystem
\ No newline at end of file
+2. DONE! check randomization during encode (add vector z, check https://en.wikipedia.org/wiki/McEliece_cryptosystem)
+3. DONE! make presentation that explains McEliece cryptosystem
\ No newline at end of file