dkelly/pynkode
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
610c4b31afb10eabaae47d7e6dc32b3ede7b49ce
pynkode/nkode_tutorial.ipynb
Donovan 610c4b31af implement login tutorial
2024-08-01 12:36:15 -05:00

687 lines
20 KiB
Plaintext
Raw Blame History

{
"cells": [
{
"cell_type": "code",
"source": [
"from nkode_api import NKodeAPI\n",
"from src.models import NKodePolicy, KeypadSize\n",
"from src.utils import list_to_matrix, matrix_transpose\n",
"from secrets import choice\n",
"from string import ascii_lowercase"
],
"metadata": {
"collapsed": false,
"ExecuteTime": {
"end_time": "2024-08-01T17:32:43.394441Z",
"start_time": "2024-08-01T17:32:43.392271Z"
}
},
"outputs": [],
"execution_count": 41
},
{
"cell_type": "code",
"source": [
"def random_username() -> str:\n",
" return \"test_username\" + \"\".join([choice(ascii_lowercase) for _ in range(6)])\n",
"\n",
"\n",
"def select_keys_with_passcode_values(user_passcode: list[int], interface: list[int], attrs_per_key: int) -> list[int]:\n",
" return [interface.index(attr) // attrs_per_key for attr in user_passcode]\n",
"\n",
"def keypad_view(interface: list[int], attrs_per_key: int):\n",
" print(\"Keypad View\")\n",
" interface_keypad = list_to_matrix(interface, attrs_per_key)\n",
" for idx, key_vals in enumerate(interface_keypad):\n",
" print(f\"Key {idx}: {key_vals}\")\n"
],
"metadata": {
"collapsed": false,
"ExecuteTime": {
"end_time": "2024-08-01T17:32:43.447194Z",
"start_time": "2024-08-01T17:32:43.444212Z"
}
},
"outputs": [],
"execution_count": 42
},
{
"cell_type": "code",
"source": [
"api = NKodeAPI()"
],
"metadata": {
"collapsed": false,
"ExecuteTime": {
"end_time": "2024-08-01T17:32:43.450349Z",
"start_time": "2024-08-01T17:32:43.448288Z"
}
},
"outputs": [],
"execution_count": 43
},
{
"cell_type": "markdown",
"source": [
"# NKode API\n",
"### Customer NKode Policy and Interface\n",
"A customer defines their NKode Policy and their interface. Below we've set:\n",
"- max nkode length = 10\n",
"- min nkode length = 4\n",
"- distinct attributes = 4\n",
"- distinct set = 0\n",
"- byte len = 2\n",
"\n",
"This customer also has an interface with 5 keys and 6 attributes per key. The number of attributes must be greater than the number of keys to be dispersion resistant."
],
"metadata": {
"collapsed": false
}
},
{
"cell_type": "code",
"source": [
"policy = NKodePolicy(\n",
" max_nkode_len=10,\n",
" min_nkode_len=4,\n",
" distinct_sets=0,\n",
" distinct_attributes=4,\n",
" byte_len=2,\n",
")\n",
"keypad_size = KeypadSize(\n",
" numb_of_keys = 5,\n",
" attrs_per_key = 6 # aka number of sets\n",
")\n",
"customer_id = api.create_new_customer(keypad_size, policy)\n",
"customer = api.customers[customer_id]"
],
"metadata": {
"collapsed": false,
"ExecuteTime": {
"end_time": "2024-08-01T17:32:43.624648Z",
"start_time": "2024-08-01T17:32:43.451407Z"
}
},
"outputs": [],
"execution_count": 44
},
{
"cell_type": "markdown",
"source": [
"### NKode Customer\n",
"A customer has users and defines the attributes and set values for all its users.\n",
"Since our customer has 5 keys and 6 attributes per key, this gives a customer interface of 30 distinct attributes and 6 distinct attribute sets.\n",
"Each attribute belongs to one of the 6 sets."
],
"metadata": {
"collapsed": false
}
},
{
"cell_type": "markdown",
"source": [
"#### Customer and Attribute Values"
],
"metadata": {
"collapsed": false
}
},
{
"cell_type": "code",
"source": [
"set_vals = customer.attributes.set_vals\n",
"attr_vals = customer.attributes.attr_vals\n",
"print(f\"Customer Sets: {set_vals}\")\n",
"keypad_view(attr_vals, keypad_size.attrs_per_key)"
],
"metadata": {
"collapsed": false,
"ExecuteTime": {
"end_time": "2024-08-01T17:32:43.627977Z",
"start_time": "2024-08-01T17:32:43.625820Z"
}
},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"Customer Sets: [21921, 7738, 57204, 44555, 38162, 22025]\n",
"Keypad View\n",
"Key 0: [25764, 64003, 42138, 9976, 26896, 36991]\n",
"Key 1: [53269, 22932, 2731, 14908, 55210, 40777]\n",
"Key 2: [11304, 9784, 26683, 48512, 24904, 42130]\n",
"Key 3: [47297, 63193, 31705, 44, 46268, 28475]\n",
"Key 4: [38192, 28529, 11254, 19824, 47753, 34896]\n"
]
}
],
"execution_count": 45
},
{
"cell_type": "markdown",
"source": [
"#### Customer Set To Attribute Map"
],
"metadata": {
"collapsed": false
}
},
{
"cell_type": "code",
"source": [
"attr_keypad_view = list_to_matrix(attr_vals, keypad_size.attrs_per_key)\n",
"attr_set_view = matrix_transpose(attr_keypad_view)\n",
"set_attribute_dict = dict(zip(set_vals, attr_set_view))\n",
"print(f\"Set to Attribute Map:\")\n",
"for set_val, attrs in set_attribute_dict.items():\n",
" print(f\"{set_val}: {attrs}\")"
],
"metadata": {
"collapsed": false,
"ExecuteTime": {
"end_time": "2024-08-01T17:32:43.631493Z",
"start_time": "2024-08-01T17:32:43.628798Z"
}
},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"Set to Attribute Map:\n",
"21921: [25764, 53269, 11304, 47297, 38192]\n",
"7738: [64003, 22932, 9784, 63193, 28529]\n",
"57204: [42138, 2731, 26683, 31705, 11254]\n",
"44555: [9976, 14908, 48512, 44, 19824]\n",
"38162: [26896, 55210, 24904, 46268, 47753]\n",
"22025: [36991, 40777, 42130, 28475, 34896]\n"
]
}
],
"execution_count": 46
},
{
"cell_type": "markdown",
"source": [
"### User Signup\n",
"To create a new must call this endpoints in order:\n",
"1. Generate Index Interface\n",
"2. Set User NKode\n",
"3. Confirm User NKode\n",
"\n",
"#### Generate Index Interface\n",
" For the server to determine the users nkode, the user's interface must be dispersable. To make the interface dispersable, the server will randomly drop attribute sets to the number of attributes is equal to the number of keys. In our case, the server drops 1 attribute set to give us a 5 X 5 keypad with possible index values ranging from 0-29.\n",
" - Run the cell below over and over to see it change. Notice that values never move out of their columns just their rows.\n",
" - each value in the interface is the index value of a customer attribute\n",
" - the user never learns what their \"real\" attribute is. All they do is specify an index in the customer interface\n"
],
"metadata": {
"collapsed": false
}
},
{
"cell_type": "code",
"source": [
"session_id, signup_interface = api.generate_signup_interface(customer_id)\n",
"list_to_matrix(signup_interface, keypad_size.numb_of_keys)"
],
"metadata": {
"collapsed": false,
"ExecuteTime": {
"end_time": "2024-08-01T17:32:43.636317Z",
"start_time": "2024-08-01T17:32:43.633201Z"
}
},
"outputs": [
{
"data": {
"text/plain": [
"[[18, 11, 22, 2, 19],\n",
" [0, 23, 28, 8, 25],\n",
" [6, 5, 10, 26, 13],\n",
" [12, 17, 4, 14, 1],\n",
" [24, 29, 16, 20, 7]]"
]
},
"execution_count": 47,
"metadata": {},
"output_type": "execute_result"
}
],
"execution_count": 47
},
{
"cell_type": "markdown",
"source": [
"#### Set NKode\n",
"The user identifies attributes in the interface they want in their nkode. Each attribute in the gui has an index value. Below the user has selected 16, 9, 6, 19. Graphically represent with anything. The only requirement is that the graphical attributes must be associated with the same index value everytime the user goes to login. If the user wants to change anything about their interface(the number of keys, attributes or graphical attributes), they must also change their nkode."
],
"metadata": {
"collapsed": false
}
},
{
"cell_type": "code",
"source": [
"keypad_view(signup_interface, keypad_size.numb_of_keys)\n",
"username = random_username()\n",
"passcode_len = 4\n",
"user_passcode = signup_interface[:passcode_len]\n",
"selected_keys_set = select_keys_with_passcode_values(user_passcode, signup_interface, keypad_size.numb_of_keys)\n",
"print(f\"User Passcode: {user_passcode}\")\n",
"print(f\"Selected Keys\\n{selected_keys_set}\")"
],
"metadata": {
"collapsed": false,
"ExecuteTime": {
"end_time": "2024-08-01T17:32:43.639361Z",
"start_time": "2024-08-01T17:32:43.637070Z"
}
},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"Keypad View\n",
"Key 0: [18, 11, 22, 2, 19]\n",
"Key 1: [0, 23, 28, 8, 25]\n",
"Key 2: [6, 5, 10, 26, 13]\n",
"Key 3: [12, 17, 4, 14, 1]\n",
"Key 4: [24, 29, 16, 20, 7]\n",
"User Passcode: [18, 11, 22, 2]\n",
"Selected Keys\n",
"[0, 0, 0, 0]\n"
]
}
],
"execution_count": 48
},
{
"cell_type": "code",
"source": [
"confirm_interface = api.set_nkode(username, customer_id, selected_keys_set, session_id)\n",
"keypad_view(confirm_interface, keypad_size.numb_of_keys)\n",
"selected_keys_confirm = select_keys_with_passcode_values(user_passcode, confirm_interface, keypad_size.numb_of_keys)\n",
"print(f\"Selected Keys\\n{selected_keys_confirm}\")"
],
"metadata": {
"collapsed": false,
"ExecuteTime": {
"end_time": "2024-08-01T17:32:43.642851Z",
"start_time": "2024-08-01T17:32:43.640093Z"
}
},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"Keypad View\n",
"Key 0: [6, 29, 4, 8, 19]\n",
"Key 1: [12, 5, 22, 20, 25]\n",
"Key 2: [18, 17, 28, 26, 7]\n",
"Key 3: [0, 11, 16, 14, 13]\n",
"Key 4: [24, 23, 10, 2, 1]\n",
"Selected Keys\n",
"[2, 3, 1, 4]\n"
]
}
],
"execution_count": 49
},
{
"cell_type": "code",
"source": [
"# the session is deleted after the nkode is confirmed. To rerun this cell, rerun the cells above starting with cell 8 where the username is created\n",
"success = api.confirm_nkode(username, customer_id, selected_keys_confirm, session_id)\n",
"print(success)"
],
"metadata": {
"collapsed": false,
"ExecuteTime": {
"end_time": "2024-08-01T17:32:44.271378Z",
"start_time": "2024-08-01T17:32:43.643592Z"
}
},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"True\n"
]
}
],
"execution_count": 50
},
{
"metadata": {},
"cell_type": "markdown",
"source": [
"## Enciphering nKode\n",
"The method UserCipherKeys.encipher_nkode secures a users nKode in the database. This method is called in api.confirm_nkode\n",
"```\n",
"class EncipheredNKode(BaseModel):\n",
" code: str\n",
" mask: str\n",
"```\n",
"\n"
]
},
{
"metadata": {
"ExecuteTime": {
"end_time": "2024-08-01T17:32:44.606104Z",
"start_time": "2024-08-01T17:32:44.272228Z"
}
},
"cell_type": "code",
"source": [
"from src.user_cipher_keys import UserCipherKeys\n",
"\n",
"user_keys = UserCipherKeys.new(\n",
" customer.attributes.keypad_size,\n",
" customer.attributes.set_vals,\n",
" customer.nkode_policy.max_nkode_len\n",
")\n",
"\n",
"passcode = [10, 23, 14, 7]\n",
"passcode_server_attr = [customer.attributes.attr_vals[idx] for idx in passcode]\n",
"passcode_server_set = [customer.attributes.get_attr_set_val(attr) for attr in passcode_server_attr]"
],
"outputs": [],
"execution_count": 51
},
{
"metadata": {},
"cell_type": "markdown",
"source": [
"#### Encipher Mask\n",
"Recall:\n",
"1. set_key_i = (set_rand_numb_i ^ set_val_i) \n",
"2. mask_key_i = mask_rand_numb_i\n",
"3. padded_passcode_server_set_i = set_val_i\n",
"4. len(set_key) == len(mask_key) == (padded_passcode_server_set) == max_nkode_len == 10\n",
"where i is the index\n",
" \n",
"- mask_i = mask_key_i ^ padded_passcode_server_set_i ^ set_key_i\n",
"- mask_i = mask_rand_num_i ^ set_val_i ^ set_rand_numb_i ^ set_val_i\n",
"- mask_i = mask_rand_num_i ^ set_rand_numb_i # set_val_i is cancelled out"
]
},
{
"metadata": {
"ExecuteTime": {
"end_time": "2024-08-01T17:32:44.609542Z",
"start_time": "2024-08-01T17:32:44.606956Z"
}
},
"cell_type": "code",
"source": [
"from src.utils import xor_lists\n",
"\n",
"padded_passcode_server_set = user_keys.pad_user_mask(passcode_server_set, customer.attributes.set_vals)\n",
"\n",
"set_idx = [customer.attributes.get_set_index(set_val) for set_val in padded_passcode_server_set]\n",
"mask_set_keys = [user_keys.set_key[idx] for idx in set_idx]\n",
"ciphered_mask = xor_lists(mask_set_keys, padded_passcode_server_set)\n",
"ciphered_mask = xor_lists(ciphered_mask, user_keys.mask_key)\n",
"mask = user_keys.encode_base64_str(ciphered_mask)"
],
"outputs": [],
"execution_count": 52
},
{
"metadata": {},
"cell_type": "markdown",
"source": [
"#### Encipher Passcode\n",
"UserCipherKeys.encipher_salt_hash_code:\n",
"\n",
"- ciphered_customer_attr = alpha_key ^ customer_attr\n",
"- ciphered_passcode_i = pass_key_i ^ ciphered_customer_attr_i\n",
"- code = hash(ciphered_passcode, salt)"
]
},
{
"metadata": {
"ExecuteTime": {
"end_time": "2024-08-01T17:32:44.916167Z",
"start_time": "2024-08-01T17:32:44.611593Z"
}
},
"cell_type": "code",
"source": [
"import bcrypt\n",
"import hashlib\n",
"import base64\n",
"from src.utils import int_array_to_bytes\n",
"\n",
"ciphered_customer_attrs = xor_lists(customer.attributes.attr_vals, user_keys.alpha_key)\n",
"passcode_ciphered_attrs = [ciphered_customer_attrs[idx] for idx in passcode]\n",
"pad_len = customer.nkode_policy.max_nkode_len - passcode_len\n",
"\n",
"passcode_ciphered_attrs.extend([0 for _ in range(pad_len)])\n",
"\n",
"ciphered_code = xor_lists(passcode_ciphered_attrs, user_keys.pass_key)\n",
"\n",
"passcode_bytes = int_array_to_bytes(ciphered_code)\n",
"passcode_digest = base64.b64encode(hashlib.sha256(passcode_bytes).digest())\n",
"hashed_data = bcrypt.hashpw(passcode_digest, user_keys.salt)\n",
"code = hashed_data.decode(\"utf-8\")"
],
"outputs": [],
"execution_count": 53
},
{
"metadata": {
"ExecuteTime": {
"end_time": "2024-08-01T17:32:44.919048Z",
"start_time": "2024-08-01T17:32:44.916981Z"
}
},
"cell_type": "code",
"source": [
"from src.models import EncipheredNKode\n",
"\n",
"enciphered_nkode = EncipheredNKode(\n",
" mask=mask,\n",
" code=code,\n",
")"
],
"outputs": [],
"execution_count": 54
},
{
"cell_type": "markdown",
"source": [
"### User Login\n",
"1. Get login interface\n",
"2. Login\n"
],
"metadata": {
"collapsed": false
}
},
{
"cell_type": "code",
"source": [
"login_interface = api.get_login_interface(username, customer_id)\n",
"keypad_view(login_interface, keypad_size.attrs_per_key)\n",
"selected_keys_login = select_keys_with_passcode_values(user_passcode, login_interface, keypad_size.attrs_per_key)\n",
"print(f\"Selected Keys: {selected_keys_login}\")\n",
"success = api.login(customer_id, username, selected_keys_login)\n",
"print(success)"
],
"metadata": {
"collapsed": false,
"ExecuteTime": {
"end_time": "2024-08-01T17:32:45.225994Z",
"start_time": "2024-08-01T17:32:44.919967Z"
}
},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"Keypad View\n",
"Key 0: [24, 7, 14, 21, 10, 29]\n",
"Key 1: [6, 13, 26, 9, 28, 5]\n",
"Key 2: [0, 25, 20, 3, 22, 23]\n",
"Key 3: [18, 19, 2, 27, 16, 11]\n",
"Key 4: [12, 1, 8, 15, 4, 17]\n",
"Selected Keys: [3, 3, 2, 3]\n",
"True\n"
]
}
],
"execution_count": 55
},
{
"metadata": {},
"cell_type": "markdown",
"source": [
"## Validate Login Key Entry\n",
"- decipher user mask and recover nkode set values\n",
"- get presumed attribute from key selection and set values\n",
"- encipher, salt and hash presumed attribute values and compare it to the users hashed code"
]
},
{
"metadata": {},
"cell_type": "markdown",
"source": [
"### Decipher Mask\n",
"Recall:\n",
"- set_key_i = (set_key_rand_numb_i ^ set_val_i) \n",
"- mask_i = mask_key_rand_num_i ^ set_key_rand_numb_i\n",
"\n",
"Recover nKode set values: \n",
"- decode mask from base64 to int\n",
"- deciphered_mask = mask ^ mask_key\n",
"- deciphered_mask_i = set_key_rand_numb # mask_key_rand_num_i is cancelled out\n",
"- set_key_rand_component = set_key ^ set_values\n",
"- deduce the set value"
]
},
{
"metadata": {
"ExecuteTime": {
"end_time": "2024-08-01T17:35:30.015361Z",
"start_time": "2024-08-01T17:35:30.010731Z"
}
},
"cell_type": "code",
"source": [
"user = customer.users[username]\n",
"user_keys = user.user_keys\n",
"user_mask = user.enciphered_passcode.mask\n",
"decoded_mask = user_keys.decode_base64_str(user_mask)\n",
"deciphered_mask = xor_lists(decoded_mask, user_keys.mask_key)\n",
"set_key_rand_component = xor_lists(set_vals, user_keys.set_key)\n",
"passcode_sets = []\n",
"for set_cipher in deciphered_mask[:passcode_len]:\n",
" set_idx = set_key_rand_component.index(set_cipher)\n",
" passcode_sets.append(set_vals[set_idx])\n",
"print(passcode_sets)"
],
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"[21921, 22025, 38162, 57204]\n"
]
}
],
"execution_count": 60
},
{
"metadata": {},
"cell_type": "markdown",
"source": "### Get Presumed Attributes\n"
},
{
"metadata": {
"ExecuteTime": {
"end_time": "2024-08-01T17:35:31.615135Z",
"start_time": "2024-08-01T17:35:31.307978Z"
}
},
"cell_type": "code",
"source": [
"set_vals_idx = [customer.attributes.get_set_index(set_val) for set_val in passcode_sets]\n",
"\n",
"presumed_selected_attributes_idx = []\n",
"for idx in range(passcode_len):\n",
" key_numb = selected_keys_login[idx]\n",
" set_idx = set_vals_idx[idx]\n",
" selected_attr_idx = customer.users[username].user_interface.get_attr_idx_by_keynumb_setidx(key_numb, set_idx)\n",
" presumed_selected_attributes_idx.append(selected_attr_idx)\n",
"\n",
"enciphered_nkode = user_keys.encipher_salt_hash_code(presumed_selected_attributes_idx, customer.attributes)\n",
"\n",
"print(enciphered_nkode == user.enciphered_passcode.code)"
],
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"True\n"
]
}
],
"execution_count": 61
},
{
"cell_type": "markdown",
"source": [
"#### Renew Keys\n",
"1. Renew Customer Keys\n",
"2. Renew User Keys"
],
"metadata": {
"collapsed": false
}
},
{
"cell_type": "code",
"source": [],
"metadata": {
"collapsed": false,
"ExecuteTime": {
"end_time": "2024-08-01T17:32:45.239562Z",
"start_time": "2024-08-01T17:32:45.239409Z"
}
},
"outputs": [],
"execution_count": null
}
],
"metadata": {
"kernelspec": {
"display_name": "Python 3",
"language": "python",
"name": "python3"
},
"language_info": {
"codemirror_mode": {
"name": "ipython",
"version": 2
},
"file_extension": ".py",
"mimetype": "text/x-python",
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython2",
"version": "2.7.6"
}
},
"nbformat": 4,
"nbformat_minor": 0
}
Reference in New Issue View Git Blame Copy Permalink