def collide54(hleft, hright): while True: sample0 = rand(16) sample1 = rand(16) if sample0 == sample1: continue if f(sample0, hleft) == f(sample1, hright): return sample0, sample1
def collide53(M_chain = None, i = None): H_0_def = AES.new(b'YELLOW SUBMARINE', AES.MODE_ECB).encrypt(b'\x34\x12\x80' + (b'\x00' * 13))[:2] + (b'\x80' + b'\x00' * 13) dummy = (2 ** i) * b'A' * 16 if M_chain is not None: dummychain = f(dummy, M_chain) else: M_chain = H_0_def dummychain = f(dummy) while True: sample0 = rand(16) sample1 = rand(16) H_0 = f(sample0, M_chain) H_1 = f(sample1, dummychain) if H_0 == H_1: return [sample0, sample1, H_0, dummychain]
def mine_block(new_block, max_attempts=10000000): ''' continuously add random bytes to the block, then hash and look for a successful hash max_attempts limits the total number of guesses ''' done = False attempts = 0 biggest_chain = 0 while not done: attempts += 1 # a guess is just a random string guess = str(rand(20)) # update_work() just stores the guess string, which ultimately changes how it is pickled new_block.update_work(guess) # convert the block into bytes with pickle block_bytes = pickle.dumps(new_block) # hash the pickled block sha_obj = sha.new(data=block_bytes) guess_hash = sha_obj.hexdigest() solved = is_hashed(guess_hash) done = solved or (attempts > max_attempts) lz = leading_zeroes(guess_hash) if lz > biggest_chain: biggest_chain = lz print('guess: ', guess) print('biggest chain: ', biggest_chain) print('number of guesses: ', attempts) print('leading zeroes: ', leading_zeroes(guess_hash)) print('hash[0]: ', guess_hash[0] == '0') print('hash: ', guess_hash) return new_block, solved
def layercreate(lastlayer): hashset = set() for hi in lastlayer: hashset.add(f(lastlayer[hi], hi)) h0i = iterhash(hashset) li = {} length = len(hashset) count = 1 print('\ncolliding layer' + str(8 - int(log(len(hashset), 2))) + ' of 7' + '...') while True: try: hleft = next(h0i) try: hright = next(h0i) except StopIteration: ## ADD SENTINEL IN CASE OF 4-COLLISION print('MULTICOLLISION ON PREV. LAYER') while True: hleft = rand(2) if hleft not in li: break mleft, mright = collide54(hleft, hright) li[hleft] = mleft li[hright] = mright print(str(count) + '/' + str(length // 2), end='; ', flush=True) count += 1 except StopIteration: break return li
def collide(M_chain=None): while True: sample0 = rand(16) sample1 = rand(16) if sample1 == sample0: continue if M_chain is not None: H_0 = f(sample0, M_chain) H_1 = f(sample1, M_chain) if H_0 == H_1: return [sample0, sample1, f(sample0, M_chain)] else: H_0 = f(sample0) H_1 = f(sample1) if H_0 == H_1: return [sample0, sample1, f(sample0)]
def initialize(): init = [] while len(init) < (1 << K): h0i = f(rand(16)) if h0i in init: continue init.append(h0i) return init
def _encrypt(self, data): """ :param str data: Data to encrypt :return: Encrypted data with hash inside and IV outside :rtype: str """ iv = rand(self.iv_size) cipher = AES.new(self.key, self.mode, iv) edata, tag = cipher.encrypt_and_digest(data) return iv + tag + edata
def _encrypt(self, data): """ :param str data: Data to encrypt :return: Encrypted data with hash inside and IV outside :rtype: str """ iv = rand(self.iv_size) if self.use_sodium: edata, tag = self._box.encrypt_and_mac(data, iv) else: cipher = AES.new(self.key, MODE, iv) edata, tag = cipher.encrypt_and_digest(data) return iv + bytes(tag) + bytes(edata)
def _encrypt(self, data): """ :param str data: Data to encrypt :return: Encrypted data with hash inside and IV outside :rtype: str """ iv = rand(self.iv_size) if self.use_sodium: edata, tag = self._box.encrypt_and_mac(data, iv) else: cipher = AES.new(self.key, MODE, iv) edata, tag = cipher.encrypt_and_digest(data) return iv + tag + edata
def encrypt(self, password): if not self.pk_data: return print("Load the pickled data into data") self.pk_data = pickle.dumps(self.keys) salt = rand(self.salt_len) key = PBKDF2(password, salt, dkLen = self.key_len) cip = chacipher.new(key = key) ct, tag = cip.encrypt_and_digest(self.pk_data) nonce = cip.nonce nonce = pad(nonce, self.nonce_len) tag = pad(tag, self.tag_len) self.enc_data = salt + nonce + tag + ct
def encrypt(self): """Encrypts the file Saves into lckd file and returns the key""" data = pad(self.file.read(), self.block_size) key = rand(self.key_size) enc = AES.new(key, AES.MODE_GCM) ct, tag = enc.encrypt_and_digest(data) del data # Saves memory nonce = pad(enc.nonce, self.nonce_pad) body = nonce + pad(tag, self.tag_pad) + ct hsh, bsh = self.shahash(body) with open(hsh + '.lckd', 'wb') as wir: wir.write(bsh + body) del body # Creating the key object, doesn't save data to file key_obj = keys.Key() key_obj.fix(key, bsh, hsh, self.file_name) return key_obj
def main(): H_0_def = AES.new(b'YELLOW SUBMARINE', AES.MODE_ECB).encrypt(b'\x34\x12\x80' + (b'\x00' * 13))[:2] + (b'\x80' + b'\x00' * 13) challengeM = rand(randint(420, 780)) challengeH = f(pad53(challengeM)) print('message:\n', challengeM, end='\n\n') print('len:', len(challengeM), '\npadded:', len(pad53(challengeM)), '\nblocks', len(pad53(challengeM))/16, end='\n\n') print('hash:\n', challengeH, end='\n\n') k = ceil(log(len(pad53(challengeM)) // 16, 2)) print(k, 'blocks k') dummy = b'A' * 16 pool = [] print('i', k-1) pool.append([k-1, collide53(None, k-1)]) for i in range(k - 2, -1, -1): print('i', i) pool.append([i, collide53(pool[-1][1][2], i)]) for collision in pool: print(collision) H_i_map = {} # H_i_map[H_0_def[:2]] = 0 genblocks = blockgenerator(pad53(challengeM)) count = 1 H_i = H_0_def[:2] for block in genblocks: H_i = f(block, H_i) if count > k + 1: H_i_map[H_i] = count count += 1 print('\nintermediates map', H_i_map) preimage = preimageinterm(pool[-1][1][2], H_i_map) resume = H_i_map[f(preimage, pool[-1][1][2])] print('\nfound preimage', preimage) print('from final expandable state', pool[-1][1][2]) print('upon entry into block', resume, '(', f(preimage, pool[-1][1][2]), ')') representation = resume - 1 - len(pool) response = b'' level = 0 for i in bin(representation)[2:].zfill(len(pool)): if int(i) == 1: response += dummy * (2 ** pool[level][0]) + pool[level][1][1] else: response += pool[level][1][0] level += 1 print('\n\nraw response', response, '\nwith hash', f(response)) response += preimage + challengeM[(resume * 16):] print('\n\nfinal crash', response) print('\nresponse hash', f(pad53(response)), end='\n\n') if (f(pad53(response)) == f(pad53(challengeM))) and (response != challengeM): print('huzzah') else: print('kaboom')
def encrypt(self, creq): # ctr = Counter.new(64, prefix = rand(8), little_endian=True, initial_value = randint(0, (2 << 31) - 1)) return AES.new(rand(16), AES.MODE_CBC, rand(16)).encrypt(pad(creq, 16, 'pkcs7'))
def find_m_link(h2, l0): while True: m2 = rand(16) if f(m2, h2) in l0: return m2
def preimageinterm(H, Hmap): while True: preimage = rand(16) if f(preimage, H) in Hmap: return preimage
def encrypt(self, creq): ctr = Counter.new(64, prefix=rand(8), little_endian=True, initial_value=randint(0, (2 << 31) - 1)) return AES.new(rand(16), AES.MODE_CTR, counter=ctr).encrypt(creq)