def test_for_fixed_points(): state = bytearray(16) sboxes = (bytearray((8, 6, 5, 15, 1, 12, 10, 9, 14, 11, 2, 4, 7, 0, 13, 3)), bytearray((0, 7, 14, 1, 5, 11, 8, 2, 3, 10, 13, 6, 15, 12, 4, 9)), # best one bytearray((2, 14, 15, 5, 12, 1, 9, 10, 11, 4, 6, 8, 0, 7, 3, 13)), bytearray((0, 7, 3, 4, 12, 1, 10, 15, 13, 14, 6, 11, 2, 8, 9, 5)), bytearray((7, 12, 14, 9, 2, 1, 5, 15, 11, 6, 13, 0, 4, 8, 10, 3)), bytearray((4, 10, 1, 6, 8, 15, 7, 12, 3, 0, 14, 13, 5, 9, 11, 2)), bytearray((2, 15, 12, 1, 5, 6, 10, 13, 14, 8, 3, 4, 0, 11, 9, 7)), bytearray((15, 4, 5, 8, 9, 7, 2, 1, 10, 3, 0, 14, 6, 12, 13, 11))) #for mapping_number, mapping in enumerate(sboxes): # print "Mapping number: {}".format(mapping_number) # assert len(set(mapping)) == 16, (sorted(mapping), mapping) #mapping = bytearray((0, 7, 14, 1, 5, 11, 8, 2, 3, 10, 13, 6, 15, 12, 4, 9)) def shuffle_bytes(state): #state[0] = state[0] temp = state[1] state[1] = state[7] state[7] = state[2] state[2] = state[14] state[14] = state[4] state[4] = state[5] state[5] = state[11] state[11] = state[6] state[6] = state[8] state[8] = state[3] state[3] = temp temp = state[9] state[9] = state[10] state[10] = state[13] state[13] = state[12] state[12] = state[15] state[15] = temp mapping = bytearray(range(16)) shuffle_bytes(mapping) assert len(set(mapping)) == 16, [byte for byte in mapping] for rounds in range(256): for index in range(16): for shift in range(8): state[index] = 1 << shift state1, state2 = bytes_to_integer(state[:8]), bytes_to_integer(state[8:]) assert format(state1, 'b').zfill(64).count('1') in (1, 0), format(state1, 'b').zfill(64) assert format(state2, 'b').zfill(64).count('1') in (1, 0), format(state2, 'b').zfill(64) for round in range(rounds): state1, state2 = decorrelation_layer(state1, state2, mapping) # assert format(state1, 'b').zfill(64).count('1') in (1, 0), format(state1, 'b').zfill(64) # assert format(state2, 'b').zfill(64).count('1') in (1, 0), format(state2, 'b').zfill(64) _state = integer_to_bytes(state1, 8) + integer_to_bytes(state2, 8) if _state[index] == 1 << shift: print "Returned point in decorrelation layer at: {} {} after {} rounds".format(index, shift, rounds) state[index] = 0
def slide_rows(b, c, d, word0=0xFFFFFFFF000000000000000000000000, word1=0x00000000FFFFFFFF0000000000000000, word2=0x0000000000000000FFFFFFFF00000000, word3=0x000000000000000000000000FFFFFFFF): # b: 1, 2, 3, 0 # c: 2, 3, 0, 1 # d: 3, 0, 1, 2 #_b = ((b & word1) << 32) | ((b & word2) << 32) | ((b & word3) << 32) | ((b & word0) >> 96) #_c = ((c & word2) << 64) | ((c & word3) >> 64) | ((c & word0) >> 64) | ((c & word1) >> 64) #_d = ((d & word3) << 96) | ((d & word0) >> 32) | ((d & word1) >> 32) | ((d & word2) >> 32) #_b = ((b & word1) << 64) | ((b & word2) << 0 ) | ((b & word3) >> 64) | ((b & word0) >> 0 ) #_c = ((c & word2) << 32) | ((c & word3) >> 32) | ((c & word0) << 32) | ((c & word1) >> 32) #_d = ((d & word3) << 0 ) | ((d & word0) << 64) | ((d & word1) >> 0 ) | ((d & word2) >> 64) _b, _c, _d = [integer_to_bytes(word, 16) for word in (b, c, d)] _b = bytes_to_integer(_b[1 * 4:] + _b[:1 * 4]) _c = bytes_to_integer(_c[2 * 4:] + _c[:2 * 4]) #print #print list(bytearray(_d)) _d = _d[3 * 4:] + _d[:3 * 4] #print list(bytearray(_d)) _d = bytes_to_integer(_d) #if _b == __b: print 'b', True# (_b, __b) #if _c == __c: print 'c', True# (_c, __c) #if _d == __d: print 'd', True# (_d, __d) return _b, _c, _d
def decorrelation_layer(state1, state2, transposition_table): state = bytearray(16) for index, byte in enumerate(integer_to_bytes(state1, 8) + integer_to_bytes(state2, 8)): state[transposition_table[index]] = byte state1, state2 = bytes_to_integer(state[:8]), bytes_to_integer(state[8:]) # top half # the strange ordering applies shuffle_bytes before the bit permutation x = (((state1 >> 56) & 255) << 24) | (((state1 >> 48) & 255) << 16) | (((state1 >> 40) & 255) << 8) | ((state1 >> 32) & 255) y = (((state1 >> 24) & 255) << 24) | (((state1 >> 16) & 255) << 16) | (((state1 >> 8) & 255) << 8) | (state1 & 255) t = (y ^ (y >> 7)) & 0x00AA00AA; y = y ^ t ^ (t << 7); t = (x ^ (x >>14)) & 0x0000CCCC; x = x ^ t ^ (t <<14); t = (y ^ (y >>14)) & 0x0000CCCC; y = y ^ t ^ (t <<14); t = (x & 0xF0F0F0F0) | ((y >> 4) & 0x0F0F0F0F); y = ((x << 4) & 0xF0F0F0F0) | (y & 0x0F0F0F0F); # bottom half x = (((state2 >> 56) & 255) << 24) | (((state2 >> 48) & 255) << 16) | (((state2 >> 40) & 255) << 8) | ((state2 >> 32) & 255) y2 = (((state2 >> 24) & 255) << 24) | (((state2 >> 16) & 255) << 16) | (((state2 >> 8) & 255) << 8) | (state2 & 255) t2 = (y2 ^ (y2 >> 7)) & 0x00AA00AA; y2 = y2 ^ t2 ^ (t2 << 7); t2 = (x ^ (x >>14)) & 0x0000CCCC; x = x ^ t2 ^ (t2 <<14); t2 = (y2 ^ (y2 >>14)) & 0x0000CCCC; y2 = y2 ^ t2 ^ (t2 <<14); t2 = (x & 0xF0F0F0F0) | ((y2 >> 4) & 0x0F0F0F0F); y2 = ((x << 4) & 0xF0F0F0F0) | (y2 & 0x0F0F0F0F); return ((y << 32) | t), ((y2 << 32) | t2)
def test_for_fixed_points(): state = bytearray(16) for index in range(16): for shift in range(8): state[index] = 1 << shift state1, state2 = bytes_to_integer(state[:8]), bytes_to_integer(state[8:]) assert format(state1, 'b').zfill(64).count('1') in (1, 0), format(state1, 'b').zfill(64) assert format(state2, 'b').zfill(64).count('1') in (1, 0), format(state2, 'b').zfill(64) state1, state2 = decorrelation_layer(state1, state2) assert format(state1, 'b').zfill(64).count('1') in (1, 0), format(state1, 'b').zfill(64) assert format(state2, 'b').zfill(64).count('1') in (1, 0), format(state2, 'b').zfill(64) _state = integer_to_bytes(state1, 8) + integer_to_bytes(state2, 8) if _state[index] == 1 << shift: print "Fixed point in decorrelation layer at: {} {}".format(index, shift) state[index] = 0 for state in range(2 ** 24): state = integer_to_bytes(state, 16) inputs = bytes_to_integer(state[:4]), bytes_to_integer(state[4:8]), bytes_to_integer(state[8:12]), bytes_to_integer(state[12:16]) outputs = nonlinear_mixing(*inputs) if inputs == outputs: print "Fixed point in nonlinear mixing layer: {}".format([format(word, 'b').zfill(32) for word in inputs])
def slide_rows(b, c, d, word0=0xFFFFFFFF000000000000000000000000, word1=0x00000000FFFFFFFF0000000000000000, word2=0x0000000000000000FFFFFFFF00000000, word3=0x000000000000000000000000FFFFFFFF): # b: 1, 2, 3, 0 # c: 2, 3, 0, 1 # d: 3, 0, 1, 2 #_b = ((b & word1) << 32) | ((b & word2) << 32) | ((b & word3) << 32) | ((b & word0) >> 96) #_c = ((c & word2) << 64) | ((c & word3) >> 64) | ((c & word0) >> 64) | ((c & word1) >> 64) #_d = ((d & word3) << 96) | ((d & word0) >> 32) | ((d & word1) >> 32) | ((d & word2) >> 32) #_b = ((b & word1) << 64) | ((b & word2) << 0 ) | ((b & word3) >> 64) | ((b & word0) >> 0 ) #_c = ((c & word2) << 32) | ((c & word3) >> 32) | ((c & word0) << 32) | ((c & word1) >> 32) #_d = ((d & word3) << 0 ) | ((d & word0) << 64) | ((d & word1) >> 0 ) | ((d & word2) >> 64) _b, _c, _d = [integer_to_bytes(word, 16) for word in (b, c, d)] _b = bytes_to_integer(_b[1 * 4:] + _b[:1 * 4]) _c = bytes_to_integer(_c[2 * 4:] + _c[:2 * 4]) #print #print list(bytearray(_d)) _d = _d[3 * 4:] + _d[:3 * 4] #print list(bytearray(_d)) _d = bytes_to_integer(_d) #if _b == __b: print 'b', True# (_b, __b) #if _c == __c: print 'c', True# (_c, __c) #if _d == __d: print 'd', True# (_d, __d) return _b, _c, _d
def test_function(top, bottom, key, index): top, bottom = decorrelation_layer(top, bottom) state = integer_to_bytes(top, 8) + integer_to_bytes(bottom, 8) # mixColumns(state) key = prp_finer_grain(state, key) top = bytes_to_integer(state[:8]) bottom = bytes_to_integer(state[8:]) return top, bottom, key
def test_prf_words(): state = range(32) a, b, c, d = bytes_to_integer(state[:8]), bytes_to_integer(state[8:16]), bytes_to_integer(state[16:24]), bytes_to_integer(state[24:32]) for round in range(4): decorrelation_layer_ab(a, c) decorrelation_layer_ab(a, b) decorrelation_layer_ab(b, d) decorrelation_layer_ab(c, d)
def test_prf_words(): state = range(32) a, b, c, d = bytes_to_integer(state[:8]), bytes_to_integer( state[8:16]), bytes_to_integer(state[16:24]), bytes_to_integer( state[24:32]) for round in range(4): decorrelation_layer_ab(a, c) decorrelation_layer_ab(a, b) decorrelation_layer_ab(b, d) decorrelation_layer_ab(c, d)
def encrypt(plaintext, key, wordsize=WORDSIZE, rounds=ROUNDS): # 128 bit state assert len(key) == KEY_SIZE assert isinstance(plaintext, bytearray) assert len(plaintext) == 16, (len(plaintext), plaintext) a, b, c, d = [bytes_to_integer(word) for word in slide(plaintext, 4)] # this conversion makes this version slower then the 8-bit python version key = [bytes_to_integer(word) for word in slide(key, 4)] for round in range(rounds): a, b, c, d = add_key_and_constants(a, b, c, d, key, round) a, b, c, d = sbox_layer(a, b, c, d) a, b, c, d = mix_state(a, b, c, d) plaintext[:] = integer_to_bytes(a, 4) + integer_to_bytes(b, 4) + integer_to_bytes(c, 4) + integer_to_bytes(d, 4) return plaintext
def test_identity_encrypt(): bobs_identity = bytes_to_integer(bytearray("Bob")) message = bytes_to_integer(bytearray(urandom(3))) public_key, private_key, prime = generate_keypair_for_e(8, e=bobs_identity) ciphertext = encrypt(message, public_key, prime) plaintext = decrypt(ciphertext, private_key, prime) assert plaintext == message, (plaintext, message) print("Identity : {}".format(bobs_identity)) print("Prime : {}".format(prime)) print("d exponent: {}".format(private_key)) print("Ciphertext: {}".format(ciphertext))
def encrypt(message, public_key): m = bytes_to_integer(bytearray(message)) n, g = public_key r = bytes_to_integer(bytearray(urandom(len(message)))) assert m < n, (m, n) print "Encrypting?", n, g part1 = pow(g, m) print "After part1" part2 = pow(r, n) print "After part2" part3 = pow(n, 2) print "After part3" return (part1 * part2) % part3
def encrypt(message, public_key): m = bytes_to_integer(bytearray(message)) n, g = public_key r = bytes_to_integer(bytearray(urandom(len(message)))) assert m < n, (m, n) print "Encrypting?", n, g part1 = pow(g, m) print "After part1" part2 = pow(r, n) print "After part2" part3 = pow(n, 2) print "After part3" return (part1 * part2) % part3
def convergent_encrypt(message, public_key, n=N, _hash=hash_function, encrypt=symmetric_encrypt): """ usage: convergent_encrypt(message, public_key, n=N, _hash=hash_function, encrypt=symmetric_encrypt) => ciphertext, decryption key Given a plaintext message and public key, returns a ciphertext and secret decryption key. The ciphertext and key are both integers, which is what the convergent_decrypt function requires. Ciphertexts produced this way are deterministic - encrypting the same plaintext produces the same ciphertext. There exists a private key that allows the decryption of any ciphertext produced this way. Currently only supports the encryption of a single 256-bit block of data. """ key = _hash(message) ciphertext = bytes_to_integer(encrypt(message, key)) key = bytes_to_integer(key) return ((public_key * ciphertext) + key) % n, key
def visualize_keyed_permutation(): from crypto.analysis.visualization import test_4x32_function from os import urandom from crypto.utilities import bytes_to_integer test_4x32_function( keyed_permutation, (0, 0, 0, 1) + tuple(bytes_to_integer(bytearray(urandom(4))) for count in range(4)))
def swap_places(top, second, third, bottom): _state = integer_to_bytes(top, 4) + integer_to_bytes( second, 4) + integer_to_bytes(third, 4) + integer_to_bytes(bottom, 4) temp = bytearray(16) # next_index=[7, 12, 14, 9, 2, 1, 5, 15, 11, 6, 13, 0, 4, 8, 10, 3] # for index in range(16): # python style implementation # temp[next_index[index]] = _state[index] # to do: change to this sbox: F4589721A30E6CDB temp[7] = _state[0] # C style implementation temp[12] = _state[1] temp[14] = _state[2] temp[9] = _state[3] temp[2] = _state[4] temp[1] = _state[5] temp[5] = _state[6] temp[15] = _state[7] temp[11] = _state[8] temp[6] = _state[9] temp[13] = _state[10] temp[0] = _state[11] temp[4] = _state[12] temp[8] = _state[13] temp[10] = _state[14] temp[3] = _state[15] top, second, third, bottom = (bytes_to_integer(_bytes) for _bytes in slide(temp, 4)) return top, second, third, bottom
def encrypt(plaintext, key, wordsize=WORDSIZE, rounds=ROUNDS): # 128 bit state assert len(key) == KEY_SIZE assert isinstance(plaintext, bytearray) assert len(plaintext) == 16, (len(plaintext), plaintext) a, b, c, d = [ bytes_to_integer(word) for word in slide(plaintext, 4) ] # this conversion makes this version slower then the 8-bit python version key = [bytes_to_integer(word) for word in slide(key, 4)] for round in range(rounds): a, b, c, d = add_key_and_constants(a, b, c, d, key, round) a, b, c, d = sbox_layer(a, b, c, d) a, b, c, d = mix_state(a, b, c, d) plaintext[:] = integer_to_bytes(a, 4) + integer_to_bytes( b, 4) + integer_to_bytes(c, 4) + integer_to_bytes(d, 4) return plaintext
def swap_places(top, second, third, bottom): _state = integer_to_bytes(top, 4) + integer_to_bytes(second, 4) + integer_to_bytes(third, 4) + integer_to_bytes(bottom, 4) temp = bytearray(16) # next_index=[7, 12, 14, 9, 2, 1, 5, 15, 11, 6, 13, 0, 4, 8, 10, 3] # for index in range(16): # python style implementation # temp[next_index[index]] = _state[index] # to do: change to this sbox: F4589721A30E6CDB temp[7] = _state[0] # C style implementation temp[12] = _state[1] temp[14] = _state[2] temp[9] = _state[3] temp[2] = _state[4] temp[1] = _state[5] temp[5] = _state[6] temp[15] = _state[7] temp[11] = _state[8] temp[6] = _state[9] temp[13] = _state[10] temp[0] = _state[11] temp[4] = _state[12] temp[8] = _state[13] temp[10] = _state[14] temp[3] = _state[15] top, second, third, bottom = (bytes_to_integer(_bytes) for _bytes in slide(temp, 4)) return top, second, third, bottom
def convergent_encrypt(message, public_key, n=N, _hash=hash_function, encrypt=symmetric_encrypt): """ usage: convergent_encrypt(message, public_key, n=N, _hash=hash_function, encrypt=symmetric_encrypt) => ciphertext, decryption key Given a plaintext message and public key, returns a ciphertext and secret decryption key. The ciphertext and key are both integers, which is what the convergent_decrypt function requires. Ciphertexts produced this way are deterministic - encrypting the same plaintext produces the same ciphertext. There exists a private key that allows the decryption of any ciphertext produced this way. Currently only supports the encryption of a single 256-bit block of data. """ key = _hash(message) ciphertext = bytes_to_integer(encrypt(message, key)) key = bytes_to_integer(key) return ((public_key * ciphertext) + key) % n, key
def test_mixColumn2(): from crypto.utilities import bytes_to_integer, integer_to_bytes column = range(4) column2 = range(4) column = _mixColumn(column) column2 = [byte for byte in integer_to_bytes(_mixColumn2(bytes_to_integer(column2)), 4)] assert column == column2, (column, column2)
def verify(message, signature, public_key): message_hash = bytes_to_integer(bytearray(hash(message))) signature_a, signature_b = signature key1 = choice(message_hash, signature_a, signature_b) key2 = choice(message_hash, signature_b, signature_a) if (hash(integer_to_bytes(key1, 32)), hash(integer_to_bytes(key2, 32))) == public_key: return True else: return False
def find_duplicate2(): from crypto.utilities import bytes_to_integer target_weight = 19 target_sample = bytearray(8) samples = [] while hamming_weight(target_sample) != target_weight: target_sample = bytearray(urandom(8)) test_sample = bytearray(8) test_sample[-2:] = (255, 255) test_sample[-3] = 7 assert hamming_weight(test_sample) == hamming_weight(target_sample) print "Searching for duplicate" target_sample, test_sample = bytes_to_integer(target_sample), bytes_to_integer(test_sample) counter = 0 while test_sample != target_sample: counter += 1 test_sample = next_bit_permutation(test_sample) print "Found duplicate after: {}".format(counter)
def decorrelation_layer(state1, state2, transposition_table): state = bytearray(16) for index, byte in enumerate( integer_to_bytes(state1, 8) + integer_to_bytes(state2, 8)): state[transposition_table[index]] = byte state1, state2 = bytes_to_integer(state[:8]), bytes_to_integer(state[8:]) # top half # the strange ordering applies shuffle_bytes before the bit permutation x = (((state1 >> 56) & 255) << 24) | (((state1 >> 48) & 255) << 16) | (( (state1 >> 40) & 255) << 8) | ((state1 >> 32) & 255) y = (((state1 >> 24) & 255) << 24) | (((state1 >> 16) & 255) << 16) | (( (state1 >> 8) & 255) << 8) | (state1 & 255) t = (y ^ (y >> 7)) & 0x00AA00AA y = y ^ t ^ (t << 7) t = (x ^ (x >> 14)) & 0x0000CCCC x = x ^ t ^ (t << 14) t = (y ^ (y >> 14)) & 0x0000CCCC y = y ^ t ^ (t << 14) t = (x & 0xF0F0F0F0) | ((y >> 4) & 0x0F0F0F0F) y = ((x << 4) & 0xF0F0F0F0) | (y & 0x0F0F0F0F) # bottom half x = (((state2 >> 56) & 255) << 24) | (((state2 >> 48) & 255) << 16) | (( (state2 >> 40) & 255) << 8) | ((state2 >> 32) & 255) y2 = (((state2 >> 24) & 255) << 24) | (((state2 >> 16) & 255) << 16) | (( (state2 >> 8) & 255) << 8) | (state2 & 255) t2 = (y2 ^ (y2 >> 7)) & 0x00AA00AA y2 = y2 ^ t2 ^ (t2 << 7) t2 = (x ^ (x >> 14)) & 0x0000CCCC x = x ^ t2 ^ (t2 << 14) t2 = (y2 ^ (y2 >> 14)) & 0x0000CCCC y2 = y2 ^ t2 ^ (t2 << 14) t2 = (x & 0xF0F0F0F0) | ((y2 >> 4) & 0x0F0F0F0F) y2 = ((x << 4) & 0xF0F0F0F0) | (y2 & 0x0F0F0F0F) return ((y << 32) | t), ((y2 << 32) | t2)
def verify(message, signature, public_key): message_hash = bytes_to_integer(bytearray(hash(message))) signature_a, signature_b = signature key1 = choice(message_hash, signature_a, signature_b) key2 = choice(message_hash, signature_b, signature_a) if (hash(integer_to_bytes(key1, 32)), hash(integer_to_bytes(key2, 32))) == public_key: return True else: return False
def find_duplicate2(): from crypto.utilities import bytes_to_integer target_weight = 19 target_sample = bytearray(8) samples = [] while hamming_weight(target_sample) != target_weight: target_sample = bytearray(urandom(8)) test_sample = bytearray(8) test_sample[-2:] = (255, 255) test_sample[-3] = 7 assert hamming_weight(test_sample) == hamming_weight(target_sample) print "Searching for duplicate" target_sample, test_sample = bytes_to_integer( target_sample), bytes_to_integer(test_sample) counter = 0 while test_sample != target_sample: counter += 1 test_sample = next_bit_permutation(test_sample) print "Found duplicate after: {}".format(counter)
def test_mixColumn2(): from crypto.utilities import bytes_to_integer, integer_to_bytes column = range(4) column2 = range(4) column = _mixColumn(column) column2 = [ byte for byte in integer_to_bytes(_mixColumn2(bytes_to_integer(column2)), 4) ] assert column == column2, (column, column2)
def test_for_fixed_points(): state = bytearray(16) for index in range(16): for shift in range(8): state[index] = 1 << shift state1, state2 = bytes_to_integer(state[:8]), bytes_to_integer( state[8:]) assert format(state1, 'b').zfill(64).count('1') in (1, 0), format( state1, 'b').zfill(64) assert format(state2, 'b').zfill(64).count('1') in (1, 0), format( state2, 'b').zfill(64) state1, state2 = decorrelation_layer(state1, state2) assert format(state1, 'b').zfill(64).count('1') in (1, 0), format( state1, 'b').zfill(64) assert format(state2, 'b').zfill(64).count('1') in (1, 0), format( state2, 'b').zfill(64) _state = integer_to_bytes(state1, 8) + integer_to_bytes(state2, 8) if _state[index] == 1 << shift: print "Fixed point in decorrelation layer at: {} {}".format( index, shift) state[index] = 0 for state in range(2**24): state = integer_to_bytes(state, 16) inputs = bytes_to_integer(state[:4]), bytes_to_integer( state[4:8]), bytes_to_integer(state[8:12]), bytes_to_integer( state[12:16]) outputs = nonlinear_mixing(*inputs) if inputs == outputs: print "Fixed point in nonlinear mixing layer: {}".format( [format(word, 'b').zfill(32) for word in inputs])
def test_mixcolumn(): test = [ 0x455313DB, 0xBCA14D8E, 0x5C220AF2, 0x9D58DC9F, 0x01010101, 0x01010101, 0xC6C6C6C6, 0xC6C6C6C6, 0xD5D4D4D4, 0xD6D7D5D5, 0x4C31262D, 0xF8BD7E4D ] for i in range(len(test) / 2): x = test[i * 2] y = test[i * 2 + 1] z = bytes_to_integer(_mixColumn(integer_to_bytes(x, 4))) #z = _mixColumn2(x) txt = "fail" if (z == y): txt = "pass" print("f(0x%08X) = 0x%08X (expect 0x%08X) [%s]" % (x, z, y, txt))
def test_mixcolumn(): test = [ 0x455313DB, 0xBCA14D8E, 0x5C220AF2, 0x9D58DC9F, 0x01010101, 0x01010101, 0xC6C6C6C6, 0xC6C6C6C6, 0xD5D4D4D4, 0xD6D7D5D5, 0x4C31262D, 0xF8BD7E4D ]; for i in range(len(test)/2): x = test[i*2]; y = test[i*2+1]; z = bytes_to_integer(_mixColumn(integer_to_bytes(x, 4))); #z = _mixColumn2(x) txt= "fail" if (z == y): txt = "pass" print ("f(0x%08X) = 0x%08X (expect 0x%08X) [%s]" % (x, z, y, txt))
def test_encrypt_decrypt(): message = "Testing!a;skldfp9a8ysdfkaljsdnlkwajerp98ydpf98yh1;i3oh4io9u3hrmou1 9pr1rpu91g3 rui1g riup1grp9u1gt5p91" * 300 # wtf? how does this work? m = bytes_to_integer(bytearray(message)) key = 1 #outputs = [] #for count in range(1, 1024 + 1): # plaintext = decrypt(encrypt(m, key), key) # if plaintext == m: # outputs.append(1) # else: # outputs.append(0) #outputs = str(outputs) #successes, failures = outputs.count('1'), outputs.count('0') #print("Successes: {}; Failures: {};".format(successes, failures)) ciphertext = encrypt(m, key) _ciphertext = ''.join(bytes(integer_to_bytes(item, 32)) for item in ciphertext) print("Ciphertext: ({} bytes) {}".format(len(_ciphertext), _ciphertext)) plaintext = decrypt(ciphertext, key) print("Recovered plaintext: ({} bytes) {}".format(len(message), integer_to_bytes(plaintext, len(message)))) assert plaintext == m, (plaintext, m)
def test_encrypt_decrypt(): message = "Testing!a;skldfp9a8ysdfkaljsdnlkwajerp98ydpf98yh1;i3oh4io9u3hrmou1 9pr1rpu91g3 rui1g riup1grp9u1gt5p91" * 300 # wtf? how does this work? m = bytes_to_integer(bytearray(message)) key = 1 #outputs = [] #for count in range(1, 1024 + 1): # plaintext = decrypt(encrypt(m, key), key) # if plaintext == m: # outputs.append(1) # else: # outputs.append(0) #outputs = str(outputs) #successes, failures = outputs.count('1'), outputs.count('0') #print("Successes: {}; Failures: {};".format(successes, failures)) ciphertext = encrypt(m, key) _ciphertext = ''.join( bytes(integer_to_bytes(item, 32)) for item in ciphertext) print("Ciphertext: ({} bytes) {}".format(len(_ciphertext), _ciphertext)) plaintext = decrypt(ciphertext, key) print("Recovered plaintext: ({} bytes) {}".format( len(message), integer_to_bytes(plaintext, len(message)))) assert plaintext == m, (plaintext, m)
def hash_function(message, algorithm=lambda data: hashlib.sha256(data).digest(), size=32): return bytes_to_integer(bytearray(algorithm(integer_to_bytes(message, size))))
def test_function(a, b, c, d): state = [integer_to_bytes(word, 4) for word in (a, b, c, d)] permutation(*state) return [bytes_to_integer(item) for item in state]
def random_word(wordsize=1): return bytes_to_integer(bytearray(urandom(wordsize)))
def random_integer(size_in_bytes): return bytes_to_integer(bytearray(urandom(size_in_bytes)))
def random(bits, index=[0]): #index[0] += 1 #return _RANDOMS[index[0] - 1] byte_count = bits / 8 return bytes_to_integer(bytearray(urandom(byte_count)))
def random_bits(count=None): assert count is not None assert not count % 8 return bytes_to_integer(bytearray(urandom(count / 8)))
def hash_function(integer): #return abs(hash(integer)) return bytes_to_integer( bytearray(hashlib.sha256(integer_to_bytes(integer, 32)).digest()))
def _mixColumn(column, mult=[2, 1, 1, 3]): # inverse_mult = [14, 9, 13, 11] return integer_to_bytes(_mixColumn2(bytes_to_integer(column)), 4)
def prf(integer, _hash=lambda data: hashlib.sha256(data).digest()): _bytes = integer_to_bytes(integer, 100) # size_in_bits(integer) * 8) psuedo_random_bytes = _hash(_bytes) return bytes_to_integer(bytearray(psuedo_random_bytes))
def bytes_to_word32(data): return [bytes_to_integer(bytearray(block)) for block in slide(data, 4)]
def h(m, parameters=PARAMETERS): hash_algorithm = parameters["hash_algorithm"] return bytes_to_integer(bytearray(hash_algorithm(m).digest()))
def encrypt_then_mac(message, *args, **kwargs): integrity_key = bytes_to_integer(bytearray(urandom(32))) ciphertext = save_ciphertext(encrypt(message, *args, **kwargs)) ciphertext += save_ciphertext(encrypt(integrity_key, *args, **kwargs)) tag = hmac(integrity_key, ciphertext) return ciphertext + tag
def encrypt(data, key): left = bytes_to_integer(data[:8]) right = bytes_to_integer(data[8:]) key = bytes_to_integer(key) left, right = _encrypt(left, right, key) return integer_to_bytes(left, 8) + integer_to_bytes(right, 8)
def random_integer(size_in_bytes): return bytes_to_integer(bytearray(urandom(size_in_bytes)))
def prf(integer, _hash=lambda data: hashlib.sha256(data).digest()): _bytes = integer_to_bytes(integer, 100)# size_in_bits(integer) * 8) psuedo_random_bytes = _hash(_bytes) return bytes_to_integer(bytearray(psuedo_random_bytes))
def unpack_state(state): a, b, c, d = (bytes_to_integer(state[offset:offset + 8]) for offset in range(0, 32, 8)) return a, b, c, d
def h(m, hash_algorithm=sha256): return bytes_to_integer(bytearray(hash_algorithm(m).digest()))
def visualize_keyed_permutation(): from crypto.analysis.visualization import test_4x32_function from os import urandom from crypto.utilities import bytes_to_integer test_4x32_function(keyed_permutation, (0, 0, 0, 1) + tuple(bytes_to_integer(bytearray(urandom(4))) for count in range(4)))
def random_bits(count=None): assert count is not None assert not count % 8 return bytes_to_integer(bytearray(urandom(count / 8)))
def encrypt(data, key): left = bytes_to_integer(data[:8]) right = bytes_to_integer(data[8:]) key = bytes_to_integer(key) left, right = _encrypt(left, right, key) return integer_to_bytes(left, 8) + integer_to_bytes(right, 8)
def output_function(state): return tuple(bytes_to_integer(section) for section in state)
def hash_function(message, algorithm=lambda data: hashlib.sha256(data).digest(), size=32): return bytes_to_integer( bytearray(algorithm(integer_to_bytes(message, size))))
def test_function(state): state1, state2 = bytes_to_integer(state[:8]), bytes_to_integer(state[8:16]) state1, state2 = round_function(state1, state2) state[:] = integer_to_bytes(state1, 8) + integer_to_bytes(state2, 8) return state
def hash_function(integer): #return abs(hash(integer)) return bytes_to_integer(bytearray(hashlib.sha256(integer_to_bytes(integer, 32)).digest()))