def E(k, m):
if len(m) != block_len * 4: return None
m = split(m, block_len)
c = [random_string(block_len)]
t = ["\x00" * block_len]
for i in range(4):
c += [AES(k, xor_strings(m[i], c[i]))]
t += [AES(k, xor_strings(m[i], t[i]))]
return join(c), t[-1]
def E(k, m):
if len(m) != block_len * 4: return None
m = split(m, block_len)
c = [random_string(block_len)]
t = ["\x00" * block_len]
for i in range(4):
c += [AES(k, xor_strings(m[i], c[i]))]
t += [AES(k, xor_strings(m[i], t[i]))]
return join(c), t[-1]
def encrypt(k, m):
if len(m) != block_size:
return None
m = [None] + split(m, block_size / 4)
ce = [random_string(16)]
cm = ["\x00" * 16]
for i in range(1, 5):
ce += [AES(k, xor_strings(ce[i - 1], m[i]))]
cm += [AES(k, xor_strings(cm[i - 1], m[i]))]
return join(ce), cm[4]
def D(k, (c, t)):
if len(c) != block_len * 5: return None
c = split(c, block_len)
m = []
tm = ["\x00" * block_len]
for i in range(4):
m += [xor_strings(AES_I(k, c[i+1]), c[i])]
tm += [AES(k, xor_strings(m[i], tm[i]))]
if tm[-1] != t: return None
return join(m)
"""
1. [20 points] Give an IND-CPA adversary that shows that this sceme is not
IND-CPA secure:
"""
def A_1(lr):
"""
You must fill in this method. This is the adversary that the problem is
asking for.
:param lr: This is the oracle supplied by GameLR, you can call this
oracle to get an encryption of the data you pass into it.
:return: return 1 to indicate your adversary believes it is the right world
def D(k, (c, t)):
if len(c) != block_len * 5: return None
c = split(c, block_len)
m = []
tm = ["\x00" * block_len]
for i in range(4):
m += [xor_strings(AES_I(k, c[i + 1]), c[i])]
tm += [AES(k, xor_strings(m[i], tm[i]))]
if tm[-1] != t: return None
return join(m)
"""
1. [20 points] Give an IND-CPA adversary that shows that this sceme is not
IND-CPA secure:
"""
def A_1(lr):
"""
You must fill in this method. This is the adversary that the problem is
asking for.
:param lr: This is the oracle supplied by GameLR, you can call this
oracle to get an encryption of the data you pass into it.
def decrypt(k, (ce, t)):
if len(ce) != block_size + 16:
return None
ce = split(ce, block_size / 4)
cm = ["\x00" * 16]
m = [None]
for i in range(1, 5):
m += [xor_strings(AES_I(k, ce[i]), ce[i - 1])]
cm += [AES(k, xor_strings(cm[i - 1], m[i]))]
if cm[4] != t:
return None
else:
return join(m[1:])
"""
Give an INT-CTXT adversary that shows that this sceme is not secure:
"""
def adversary(enc, dec):
"""
You must fill in this method. This is the adversary that the problem is
asking for.
:param enc: This is an oracle supplied by GameINTCTXT, you can call this
oracle to get an encryption of the data you pass into it.
:param dec: This is an oracle supplied by GameINTCTXT, you can call this
