{"id":44787082,"url":"https://github.com/P1sec/CryptoMobile","last_synced_at":"2026-02-28T23:00:46.286Z","repository":{"id":50317978,"uuid":"166055449","full_name":"P1sec/CryptoMobile","owner":"P1sec","description":"Cryptography for mobile network - C implementation and Python bindings","archived":false,"fork":true,"pushed_at":"2023-01-09T11:49:45.000Z","size":221,"stargazers_count":34,"open_issues_count":0,"forks_count":17,"subscribers_count":10,"default_branch":"master","last_synced_at":"2024-03-25T22:42:32.318Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":"mitshell/CryptoMobile","license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/P1sec.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-01-16T14:39:07.000Z","updated_at":"2023-12-21T04:42:38.000Z","dependencies_parsed_at":"2023-02-08T10:31:04.434Z","dependency_job_id":null,"html_url":"https://github.com/P1sec/CryptoMobile","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/P1sec/CryptoMobile","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/P1sec%2FCryptoMobile","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/P1sec%2FCryptoMobile/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/P1sec%2FCryptoMobile/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/P1sec%2FCryptoMobile/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/P1sec","download_url":"https://codeload.github.com/P1sec/CryptoMobile/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/P1sec%2FCryptoMobile/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29954583,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-28T22:53:01.873Z","status":"ssl_error","status_checked_at":"2026-02-28T22:52:50.699Z","response_time":90,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-02-16T10:00:19.649Z","updated_at":"2026-02-28T23:00:46.121Z","avatar_url":"https://github.com/P1sec.png","language":"Python","funding_links":[],"categories":["Protocols"],"sub_categories":["NAS 4G/5G and Milenage"],"readme":"# CryptoMobile toolkit\n\n## Update 2019\nThe fork at [P1sec](https://github.com/P1sec/CryptoMobile) is going to be more actively maintained and extended than this project.\nDo not hesitate to clone it instead of this one.\n\n\n## About\nThis toolkit implements python wrappers around 3G and LTE encryption and \nintegrity protection algorithms, COMP128, Milenage and TUAK authentication \nalgorithms, and ECIES identity protection scheme.\n\n\n## Disclaimer\nThis is delivered for study only: beware that cryptographic material, \nespecially ciphering algorithms are always subject to national regulation.\nMoreover, use in real networks and equipments of some of the algorithms provided\nare subect to agreement / licensing by the GSMA and / or the ETSI:\nsee [GSMA](https://www.gsma.com/aboutus/leadership/committees-and-groups/working-groups/fraud-security-group/security-algorithms)\nand [ETSI](https://www.etsi.org/security-algorithms-and-codes/security-algorithms).\n\n\n## Installation\nThe standard installation process is to use the CPython build environment to compile\nC files and install them together with the Python wrappers. The Milenage and EEA2/EIA2\nalgorithms moreover require one of the following Python cryptographic library to support\nAES:\n- [pycryptodome](https://www.pycryptodome.org/) or\n- [cryptography](https://cryptography.io/en/latest/)\n\nThe ECIES module requires the last one (cryptography) to work, as no support for ECIES \nwith pycryptodome as been developped yet.\n\n\nThis library supports both Python 2.7 and 3.X versions.\nAn installation script is available: it installs the library within your Python \npackage directory:\n\n```\npython setup.py install\n```\nor to make a system-wide install\n```\nsudo python setup.py install\n```\n\nIt is also possible to test the library before installing it:\n\n```\npython setup.py test\n```\n\nOr to simply build the library without installing it in the system:\n\n```\npython setup.py build\n```\n\nFor generic info on building C extensions on Windows, see the \n[Python wiki](https://wiki.python.org/moin/WindowsCompilers).\nWhen building on a Windows system using the MSVC compiler, the .c files will be automatically\nrenamed to .cc by the install script in order to get them compiled correctly by the MSVC compiler.\n\nTo be noted also that the library builds and runs fine with pypy3.\n\n\n### Installing the ctypes version instead of the CPython wrappers\nThere is still the possibility to install manually the historical version (before 2019) \nof the library which uses Python-only _ctypes_ source files. A *CM_ctypes.py* is available \nin the \\_ctypes directory for this purpose.\nPlease note that this part is not supported anymore, no more tested, and may not work correctly\nor even at all.\n\n\n## Usage\nMost of the classes and methods have docstrings. Just read them to get information\non how to use and call them.\n\n\nWarning: most of the C reference implementations are using global or static variables,\nwhich are making them not thread-safe. Using them through Python is however OK thanks \nto the GIL, but beware in case you want to use them directly from C.\n\n\n### CMAC mode of operation\nThis is the CBC-MAC mode as defined by NIST. It works with any block cipher primitive,\nand returns MAC of any length in bits. This is written in pure Python.\n\nHere is an example on how to use it with AES:\n```\n\u003e\u003e\u003e from CryptoMobile.CMAC import CMAC\n\u003e\u003e\u003e help(CMAC)\n[...]\n\u003e\u003e\u003e from CryptoMobile.AES import AES_ECB\n\u003e\u003e\u003e key = 16*b'A'\n\u003e\u003e\u003e cmac = CMAC(key, AES_ECB, Tlen=48)\n\u003e\u003e\u003e cmac.cmac(200*b'test')\nb'\\xf7\\xad\\x89-j\\n'\n\u003e\u003e\u003e cmac.cmac(200*b'test', (200*8)-2) # this is to not compute the MAC over the last 2 bits of the input\nb'\\xa7\\x7f\\xc4\\xbf\\xfc\\xf4'\n```\n\n### COMP128\nThis is the Python wrapper over the COMP128 v1, v2 and v3 algorithms. The C code\nhas been taken from the FreeRADIUS project.\n\nHere is an example on how to use it:\n```\n\u003e\u003e\u003e from pycomp128 import *\n\u003e\u003e\u003e help(comp128v1)\n[...]\n\u003e\u003e\u003e key, rand = 16*b'A', 16*b'B'\n\u003e\u003e\u003e comp128v1(key, rand)\n(b'#9\\x0b^', b\"\\x08\\xb6'\\xf36\\x80\\xec\\x00\")\n\u003e\u003e\u003e comp128v2(key, rand)\n(b'\\x8a\\x9b\\xaaI', b']\\xdcPs\\xa6:\\x04\\x00')\n\u003e\u003e\u003e comp128v3(key, rand)\n(b'\\x8a\\x9b\\xaaI', b']\\xdcPs\\xa6:\\x07\\xf9')\n```\n\n### Milenage\nThis is Python wrapper over the Milenage algorithm. The mode of operation is written\nin Python, and makes use of the AES function from one of the AES Python backend found.\n\nc1 to c5 and r1 to r5 constants are implemented as class attribute.\nThe class must be instantiated with the OP parameter.\n\nHere is an example on how to use it:\n```\n\u003e\u003e\u003e from CryptoMobile.Milenage import Milenage\n\u003e\u003e\u003e help(Milenage)\n[...]\n\u003e\u003e\u003e Milenage.c1\nb'\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00'\n\u003e\u003e\u003e Milenage.c2\nb'\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x01'\n\u003e\u003e\u003e Milenage.r3\n32\n\u003e\u003e\u003e OP = 16*b'F'\n\u003e\u003e\u003e Mil = Milenage(OP)\n\u003e\u003e\u003e key, rand = 16*b'A', 16*b'B'\n\u003e\u003e\u003e help(Mil.f1)\n[...]\n\u003e\u003e\u003e Mil.f1(key, rand, SQN=b'\\0\\0\\0\\0\\x12\\x34', AMF=b'\\0\\0')\nb'\\x18\\x92\\x97\\xa2\\xbb\\x08i\\xf0'\n\u003e\u003e\u003e Mil.f1(key, rand, SQN=b'\\0\\0\\0\\0\\x12\\x34', AMF=b'\\0\\0', OP=16*b'G') # it is possible the use a different OP parameter\nb'E\\xf0\\xb4\\xef\\x0c\\xa6\\x95\\xe1'\n\u003e\u003e\u003e help(Mil.f2345)\n[...]\n\u003e\u003e\u003e Mil.f2345(key, rand)\n(b'\\xdd\\x0b\\x0f\\x95\\x92\\x06\\x1e\\xb9', b'~\\x8d\\xf5\u0026\\xe37\\xc2\\xaf\\xe4\\x83\\xc5\\x802\\xf7\\x1fV', b'\\x82;\\xcfM\\xc5\\xfc{\\x06BM\\xd1\\xd6UZJ\\xa2', b'g\\xe8\\x85\\r\\x0b\\xd9')\n```\n\nThe defaut behaviour is to recompute the OPc at each method call. In order to save\nsome AES rounds in case you want to compute several authentication vectors for a given\nsubscriber, it is possible to set the OPc before calling the f methods.\n```\n\u003e\u003e\u003e help(Mil.make_opc)\n[...]\n\u003e\u003e\u003e from CryptoMobile.Milenage import make_OPc\n\u003e\u003e\u003e Mil.set_opc(make_OPc(key, OP))\n\u003e\u003e\u003e Mil.f1(key, rand, SQN=b'\\0\\0\\0\\0\\x12\\x35', AMF=b'\\0\\0')\nb'\\xf7~|\\x95\\x9e\\xbf\\xfb?'\n\u003e\u003e\u003e Mil.f2345(key, rand)\n(b'\\xdd\\x0b\\x0f\\x95\\x92\\x06\\x1e\\xb9', b'~\\x8d\\xf5\u0026\\xe37\\xc2\\xaf\\xe4\\x83\\xc5\\x802\\xf7\\x1fV', b'\\x82;\\xcfM\\xc5\\xfc{\\x06BM\\xd1\\xd6UZJ\\xa2', b'g\\xe8\\x85\\r\\x0b\\xd9')\n\u003e\u003e\u003e Mil.unset_opc()\n```\n\nSome conversion functions are also provided in the Milenage module:\n- conv\\_C2, conv\\_C3, conv\\_C4 and conv\\_C5 for 2G / 3G authentication vectors conversion\n- conv\\_A2, conv\\_A3, conv\\_A4 and conv\\_A7 for LTE key derivation and 3G / LTE authentication \n   vectors conversion\n\n\n### TUAK\nThis is the Python wrapper over the TUAK algorithm. The mode of operation is written\nin Python, and makes use of the KeccakP-1600 permutation function. The C code for this\npermutation function has been taken from the 3GPP TS 35.231 specification.\n\nTUAK algorithm is to be used similarly as Milenage. TOP (TUAK-OP) is replacing OP\nand TOPc is replacing OPc. TOP, TOPc are 32 bytes, secret keys K can be 16 or 32 bytes.\nLength of outputs produced (MAC, RES, CK and IK) can be configured through the following\nclass attributes too: LEN\\_CK, LEN\\_IK, LEN\\_MAC, LEN\\_RES.\nMoreover, the algorithm can be personalized with 2 parameters, implemented as class \nattributes: ALGONAME and KeccakIterations. On the other side, there is no such constants \nas c1..c5 and r1..r5, as in Milenage.\n\nHere is an example on how to use it:\n```\n\u003e\u003e\u003e from CryptoMobile.TUAK import TUAK\n\u003e\u003e\u003e help(TUAK)\n[...]\n\u003e\u003e\u003e TUAK.ALGONAME\nb'TUAK1.0'\n\u003e\u003e\u003e TUAK.KeccakIterations\n1\n\u003e\u003e\u003e TOP = 32*b'F'\n\u003e\u003e\u003e Tuak = TUAK(TOP)\n\u003e\u003e\u003e key, rand = 32*b'A', 16*b'B'\n\u003e\u003e\u003e help(Tuak.f1)\n[...]\n\u003e\u003e\u003e Tuak.f1(key, rand, SQN=b'\\0\\0\\0\\0\\x12\\x34', AMF=b'\\x80\\0')\nb'\\xdd\\xf1\\xc7w\\x11x\\xce\\xdb'\n\u003e\u003e\u003e Tuak.f2345(key, rand)\n(b'}/\\xdc\\xd4\\xcb(qG', b'\\xa8\\x1dF\\x84\\x80\\xac\\t\\xab\\xe4\\xa3\\xf6\\xe1\\x8b\\x9b7\\xfe', b'g~=\\xaf1\\xfcy\\x9b\\x92\\xc6\\xd2M\\xfa\\xd0\\xed\\t', b'\\x83\\x1e\\xcbp\\xa6\"')\n```\n\nTOPc handling is similar as in Milenage and can be set explicitly through the set\\_topc() method\nbefore calling f1() and f2345() methods several times, then finally unset with unset\\_topc() method.\n \n\n### Kasumi-based encryption and integrity protection algorithms\nThis is a Python wrapper around the reference C code of Kasumi and its mode of operation\nfor 3G networks. Kasumi is a block cipher working with 64 bit blocks.\n\nHere is an example on how to use the Kasumi primitive:\n```\n\u003e\u003e\u003e from pykasumi import *\n\u003e\u003e\u003e help(kasumi_keyschedule)\n[...]\n\u003e\u003e\u003e help(kasumi_kasumi)\n[...]\n\u003e\u003e\u003e key, block_in = 16*b'A', 8*b'B'\n\u003e\u003e\u003e kasumi_keyschedule(key)\n\u003e\u003e\u003e kasumi_kasumi(block_in)\nb\"S\\xf6']\\x1c\\x1e\\xfd\\x00\"\n```\n\nAnd the Kasumi in F8 and F9 modes of operation:\n```\n\u003e\u003e\u003e help(kasumi_f8)\n[...]\n\u003e\u003e\u003e help(kasumi_f9)\n[...]\n\u003e\u003e\u003e key, count, bearer, dir = 16*b'A', 107, 3, 0\n\u003e\u003e\u003e kasumi_f8(key, count, bearer, dir, 10*b'test', 10*4*8)\nb'q\\xe9\\x86\\xdd\\xde\\xc1\\x14\\xb0=pv2|\\xe8\\\\Ib\\x84\\xa1\\xf9\\xc0\\x01=)\\xac!mV\\xe4\\xc15L\\t\\xf0\\x1f\\x1b\\x02\\xb8\\xf9l'\n\u003e\u003e\u003e kasumi_f9(key, count, bearer, dir, 10*b'test', 10*4*8)\nb'\\x1c!j\\x0e'\n```\n\n### SNOW-3G-based encryption and integrity protection algorithms\nThis is a Python wrapper around the reference C code of SNOW-3G and its mode of operation\nfor 3G and LTE networks. SNOW-3G is a stream cipher working with 32 bit words.\n\nHere is an example on how to use the SNOW-3G primitive:\n```\n\u003e\u003e\u003e from pysnow import *\n\u003e\u003e\u003e help(snow_initialize)\n[...]\n\u003e\u003e\u003e help(snow_generatekeystream)\n[...]\n\u003e\u003e\u003e key, iv = 16*b'A', 16*b'B'\n\u003e\u003e\u003e snow_initialize(key, iv)\n\u003e\u003e\u003e snow_generatekeystream(6)\nb'\\\\^\\xff\\x98\\xad\\xa6\\x17\\xb8\\xa4e\\x03S\\x93T\\xbew\\xc7\\xd1gpr\\xf3\\x99\\xd9'\n```\n\nAnd the SNOW-3G in F8 and F9 modes of operation:\n```\n\u003e\u003e\u003e help(snow_f8)\n[...]\n\u003e\u003e\u003e help(snow_f9)\n[...]\n\u003e\u003e\u003e key, count, bearer, dir = 16*b'A', 107, 3, 0\n\u003e\u003e\u003e snow_f8(key, count, bearer, dir, 10*b'test', 10*4*8)\nb'{\\x98\\xa1\\x90\\x0c\\x9f\\xe9zNp3\\xba\\xdc\\xa6|-\\xfe\\x91\\xffk\\x99\\x9d\\xbc^\\xc3\\xe1n\\xbd\\x06U\\x98\\xfa\\x82 \\x1a\\xf2\\xf6\\x08\\xbb\\xe7'\n\u003e\u003e\u003e snow_f9(key, count, bearer, dir, 10*b'test', 10*4*8)\nb'\\xe0\\x8e\\xde\\x85'\n```\n\nThe EEA1-128 and EIA1-128 modes of operation for LTE are similar to F8 and F9 for 3G\nnetworks.\n\n\n### ZUC-based encryption and integrity protection algorithms\nThis is a Python wrapper around the reference C code of ZUC and its mode of operation\nfor LTE networks. ZUC is a stream cipher working with 32 bit words.\n\nHere is an example on how to use the ZUC primitive:\n```\n\u003e\u003e\u003e from pyzuc import *\n\u003e\u003e\u003e help(zuc_initialization)\n[...]\n\u003e\u003e\u003e help(zuc_generatekeystream)\n[...]\n\u003e\u003e\u003e key, iv = 16*b'A', 16*b'B'\n\u003e\u003e\u003e zuc_initialization(key, iv)\n\u003e\u003e\u003e zuc_generatekeystream(4)\nb'\\xcf{\\x10P\\x1e\\xf3c\\x13\\x1c}\\x0c\\xc2\\x8c\\xd8\\x1a\\xae'\n```\n\nAnd the ZUC in EEA3 and EIA3 modes of operation:\n```\n\u003e\u003e\u003e help(zuc_eea3)\n[...]\n\u003e\u003e\u003e help(zuc_eia3)\n[...]\n\u003e\u003e\u003e key, count, bearer, dir = 16*b'A', 107, 3, 0\n\u003e\u003e\u003e zuc_eea3(key, count, bearer, dir, 10*4*8, 10*b'test')\nb'\\xda\\x9as,\\x97:\\x86)]\\xde\\x8b\\x14Qq\\x85\\x15cME$\\xc4)\\xe7\\x7f@\\xfe\\x10\\x1f\\xcd\\xb05G\\xa0\\x1d9\\x92\\x85L2 '\n\u003e\u003e\u003e zuc_eia3(key, count, bearer, dir, 10*4*8, 10*b'test')\nb'X\\xcb\\xa1\\x9c'\n```\n\n### The CM module, gathering all 3G and LTE encryption and integrity protection algorithms in one place\nThe CM module implements each algorithm as a class, with its primitives and 3G and / or LTE\nmodes of operation as specific methods.\nFinally, UEA and UIA are aliases for the given UMTS encryption and integrity protection\nalgorithms, and EEA and EIA are aliases for the given LTE encryption and integrity\nprotection algorithms.\n\nHere is an example with the 2nd UMTS algorithm (SNOW-3G based) and the 2nd and 3rd \nLTE algorithms (AES-based and ZUC-based):\n```\n\u003e\u003e\u003e from CryptoMobile.CM import *\n\u003e\u003e\u003e dir()\n['AES_3GPP', 'EEA1', 'EEA2', 'EEA3', 'EIA1', 'EIA2', 'EIA3', 'KASUMI', 'SNOW3G', 'UEA1', 'UEA2', 'UIA1', 'UIA2', 'ZUC', '__builtins__', '__doc__', '__name__', '__package__']\n\u003e\u003e\u003e help(UIA2)\n[...]\n\u003e\u003e\u003e UIA2(key=16*b'\\xab', count=0x1234, fresh=0x986532ab, dir=0, data=100*b'nepascourirauborddelapiscine')\nb':\\xe5t:'\n\u003e\u003e\u003e help(UEA2)\n[...]\n\u003e\u003e\u003e UEA2(key=16*b'\\xab', count=0x1234, bearer=0x8, dir=0, data=100*b'nepascourirauborddelapiscine')\nb'\\x03Z\\xa0\\x83\\x14\\x198l\\x1b\\x91\\\\\\x94\\x18\\xfc\\xbd\\xecb-\\xdfs1\\xd6\\xbb1\\x88y\\xf0\\xc9\\xf5\\xec\\xc5\\x1b\\x7f\\xcc...'\n\u003e\u003e\u003e UEA2(key=16*b'\\xab', count=0x1234, bearer=0x8, dir=0, data=_)\nb'nepascourirauborddelapiscinenepascourirauborddelapiscinenepascourirauborddelapiscinenepascourirauborddelapi...'\n\n\u003e\u003e\u003e help(EEA2)\n[...]\n\u003e\u003e\u003e EEA2(key=16*b'\\xc1', count=0x9955ab, bearer=0x16, dir=1, data=50*b'MonPantalonS\\'EstDecousu', bitlen=1149)\nb'-y\\xf1\\xee\\xb7\\xe4\\x0c\\xf2\\xdfz`\\xb04\"\\x8c\\xda\\xc8B!n\\x863V\"\\xaei\\x91\\x1b\\xc5\\xfc\\x1dx\\xb9l\\xe8\\x99q\\\\q\\x88\\x91\\xc8f\\r\\x05\\xdf\\x94S\\x97\\xc0\\x96\\xb75\\x00@\\...'\n\u003e\u003e\u003e EEA2(key=16*b'\\xc1', count=0x9955ab, bearer=0x16, dir=1, data=_, bitlen=1149)\nb\"MonPantalonS'EstDecousuMonPantalonS'EstDecousuMonPantalonS'EstDecousuMonPantalonS'EstDecousuMonPantalonS'EstDecousuMonPantalonS'EstDecousuMonPah\"\n\u003e\u003e\u003e help(EIA3)\n[...]\n\u003e\u003e\u003e EIA3(key=16*b'\\xc1', count=0x9955ab, bearer=0x16, dir=1, data=50*'MonPantalonS\\'EstDecousu', bitlen=1149)\nb'\\xa9\\xc5h\\x9e'\n```\n\n\n### ECIES module to support 5G SUPI / SUCI protection scheme\nThe ECIES module, which relies on the python cryptography library, supports both\nECIES profiles A and B, as described in 3GPP TS 33.501, annex C.\n\nAt first a fixed Home-Network public / private keypair needs to be established. For this,\nthe module EC can be used:\n```\n\u003e\u003e\u003e from CryptoMobile.EC import *\n\u003e\u003e\u003e ec = X25519() # using Curve25519 elliptic curve, i.e. profile A\n\u003e\u003e\u003e ec.generate_keypair()\n\u003e\u003e\u003e hn_pubkey = ec.get_pubkey()\n\u003e\u003e\u003e hn_pubkey\nb\"\\xd9-\\x98\\xc5\\x08\\xa7M\\x18\\x80bi\\x0b\\xfa-\\xd6[D\\xe9'\\xe4G|\\x1d\\xe1sRjXM[\\xc7;\"\n\u003e\u003e\u003e hn_privkey = ec.get_privkey()\n\u003e\u003e\u003e hn_privkey\nb'`y\\x06o\\xcf\\x9c\\xe0\\xa4\\x18\\xb1ks\\xe6\\x97\\xafB)\\xeftt2\\xcfX\\xe4\\x82\\xaf/\\x83[\\xcc\\xa7O'\n\u003e\u003e\u003e ec = ECDH_SECP256R1() # using secp256r1 elliptic curve domain, i.e. profile B\n\u003e\u003e\u003e ec.generate_keypair()\n\u003e\u003e\u003e hn_pubkey = ec.get_pubkey()\n\u003e\u003e\u003e hn_pubkey\nb'\\x03u\\xe82C\\xa3.\\x0e)\\xaf\\xd6\\xad\\n\\x01\\xafZ2\\xca\\xc9\\x95G\\\\xG\\x9d\\xdczU\\x91n\\x1d%m'\n\u003e\u003e\u003e hn_privkey = ec.get_privkey()\n\u003e\u003e\u003e hn_privkey # the private key for secp256r1 is longer as it is actually packed into a DER-encoded PKCS8 structure\nb\"0\\x81\\x87\\x02\\x01\\x000\\x13\\x06\\x07*\\x86H\\xce=[...]\\x86'\\x17\"\n```\n\nIn the principle, the public key of the home network needs to be setup in subscribers' SIM card, whereas\nthe private key needs to be securely stored within the home network. Take care as the current version\nof the EC module does not provide options to manage those generated private keys password-protected when\nexported / imported.\n\nThen, when a subscriber wants to encrypt its fixed identity (e.g. the MSIN part of its IMSI), \nto be then decrypted within the home network:\n```\n\u003e\u003e\u003e ue_msin = b'\\x102Tv\\x98' # BCD-encoded value of the digit-string 0123456789\n\u003e\u003e\u003e from CryptoMobile.ECIES import *\n\u003e\u003e\u003e ue = ECIES_UE(profile='A')\n\u003e\u003e\u003e ue.generate_sharedkey(hn_pubkey)\n\u003e\u003e\u003e ue_pubkey, ue_ciphertext, ue_mac = ue.protect(ue_msin)\n\u003e\u003e\u003e ue_pubkey, ue_ciphertext, ue_mac\n(b'\\xe1\\x1dBR\\x8e\\xcbd\\x05\\x94J\\xf2ka\\xee^\\xaa\\x96`\\x87X\\xe3\\x96R\\xd8w\\xcb\\xda\\x0e}\\xab\\x9f\\x01',\n b'\\x93I\\x95?8',\n b'\\xbc\\x91\\xe1\\x0cy\\xe2\\xf5\\xa6')\n\u003e\u003e\u003e hn = ECIES_HN(hn_privkey, profile='A')\n\u003e\u003e\u003e hn_msin = hn.unprotect(ue_pubkey, ue_ciphertext, ue_mac)\n\u003e\u003e\u003e hn_msin == ue_msin\nTrue\n```\n\n\n### running Milenage, TUAK, ECIES, UMTS and LTE algorithms test vectors\nBy running the setup test (see installation), test vectors will all be run.\nYou can also run some performance test by hand:\n\n```\n$ python test/test_CM.py\n1000 full testsets in 7.393 seconds\n$ python test/test_Milenage.py\n1000 full testsets in 1.494 seconds\n$ python test/test_TUAK.py\n10000 full testsets in 2.215 seconds\n$ python test/test_ECIES.py\n1000 full testsets in 2.202 seconds\n```\n\n\n## Content\nThe library is structured into 3 main parts:\n- C\\_alg: provides C source codes for comp128, KeccakP-1600, Kasumi, SNOW 3G and ZUC\n- C\\_py: provides C source files wrapping those algorithms with CPython (for both \n  Python2 and Python3)\n- CryptoMobile: provides Python source files.\n\nAnd two additional folders:\n- test: provides files with test vectors.\n- \\_ctypes: provides the old CM module which uses ctypes binding to the C files\n  compiled as shared object.\n\nWithin the CryptoMobile directory, we have the following modules:\n- utils.py: provides common routine (eg log() and exception) for the library\n- AES.py: provides support for several AES Python backend\n- CMAC.py: provides a CMAC class which implement the CMAC mode of operation\n- CM.py: the main module providing classes KASUMI, SNOW3G, ZUC (making use of the\n  wrappers in C\\_py) and AES\\_3GPP (making use of the AES backend),\n  and functions UEA1, UIA1, UEA2, UIA2, EEA1, EIA1, EEA2, EIA2, EEA3 and EIA3. \n- Milenage.py: provides the Milenage algorithm and conversion functions to be used\n  for keys and authentication vectors conversion.\n- TUAK.py: provides the TUAK algorithm.\n- EC.py: provides both Curve25519 and secp256r1 elliptic curve modules for key exchange\n- ECIES.py: provides ECIES processing for 5G SUPI / SUCI protection scheme\n\n\n## Credits\n- ETSI / SAGE for providing public cryptographic specifications, together with\n  reference C source code\n- FreeRADIUS, Hacking projects, Sylvain Munaut, for the comp128.c source code\n- Developers and maintainers of pycrypto, pycryptodome and cryptography Python libraries \n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FP1sec%2FCryptoMobile","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FP1sec%2FCryptoMobile","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FP1sec%2FCryptoMobile/lists"}