def challenge35(): p = 197 g = 3 dh1 = DiffieHellman() dh2 = DiffieHellman() for fg in [1, p, p - 1]: dh1._p = dh2._p = p dh1._g = dh2._g = fg A = dh1.gen_pub() B = dh2.gen_pub() dh2.gen_secret(A) dh1.gen_secret(B) message = b'hello, MITM' key1 = hashlib.sha1(dh1.secret.to_bytes(64, 'big')).digest()[:16] iv1 = os.urandom(16) ct1 = set2.aes_cbc_encrypt(message, key1, iv1) key2 = hashlib.sha1(dh2.secret.to_bytes(64, 'big')).digest()[:16] iv2 = os.urandom(16) message2 = set2.aes_cbc_decrypt(ct1, key2, iv1) ct2 = set2.aes_cbc_encrypt(message2, key2, iv2) message3 = set2.aes_cbc_decrypt(ct2, key1, iv2) assert message == message3 if fg == 1: s = 1 elif fg == p: s = 0 else: if A == p - 1 and B == p - 1: s = p - 1 else: s = 1 key3 = hashlib.sha1((s).to_bytes(64, 'big')).digest()[:16] message4 = set2.aes_cbc_decrypt(ct1, key3, iv1) assert message == message4
def challenge34(): p = 197 g = 3 dh1 = DiffieHellman() dh2 = DiffieHellman() dh1._p = dh2._p = p dh1._g = dh2._g = g A = dh1.gen_pub() B = dh2.gen_pub() #dh2.gen_secret(A) dh2.gen_secret(p) #dh1.gen_secret(B) dh1.gen_secret(p) message = b'hello, MITM' key1 = hashlib.sha1(dh1.secret.to_bytes(64, 'big')).digest()[:16] iv1 = os.urandom(16) ct1 = set2.aes_cbc_encrypt(message, key1, iv1) key2 = hashlib.sha1(dh2.secret.to_bytes(64, 'big')).digest()[:16] iv2 = os.urandom(16) message2 = set2.aes_cbc_decrypt(ct1, key2, iv1) ct2 = set2.aes_cbc_encrypt(message2, key2, iv2) message3 = set2.aes_cbc_decrypt(ct2, key1, iv2) assert message == message3 key3 = hashlib.sha1((0).to_bytes(64, 'big')).digest()[:16] message4 = set2.aes_cbc_decrypt(ct1, key3, iv1) assert message == message4
def encryption_oracle(plaintext, key, blocksize=16): app = ";comment2=%20like%20a%20pound%20of%20bacon" prefix = "comment1=cooking%20MCs;userdata=" plaintext = clean(plaintext) iv = Random.new().read(blocksize) return iv + aes_cbc_encrypt(paddpkcs7(prefix + plaintext + app, blocksize), key, iv)
def serve_cookie(iv=None): ''' This function approximates AES-CBC encryption on a webserver. It serves up a "new" cookie to the user so when they make a request on the server the server can figure out who is talking to it. ''' string_to_encode = challenge_17_strings[random.randint(0, len(challenge_17_strings) - 1)] return aes_cbc_encrypt(string_to_encode, GLOBAL_RANDOM_KEY, iv=iv), iv
def encryption_oracle(plaintext, key, blocksize=16): app = ";comment2=%20like%20a%20pound%20of%20bacon" prefix = "comment1=cooking%20MCs;userdata=" plaintext = clean(plaintext) # check 7bit ascii iv = key return aes_cbc_encrypt(paddpkcs7(prefix + plaintext + app, blocksize), key, iv)
def aes_cbc_enc_oracle(k, plaintext): s1 = "comment1=cooking%20MCs;userdata=" s2 = ";comment2=%20like%20a%20pound%20of%20bacon" # strip ';' and '=' from plaintext plaintext = plaintext.replace(';','') plaintext = plaintext.replace('=','') iv = k return aes_cbc_encrypt(k, s1 + plaintext + s2, iv)
def test_challenge10(): text = b'We choose to go to the moon.' key = b'YELLOW SUBMARINE' iv = os.urandom(len(key)) ciphertext = set2.aes_cbc_encrypt(text, key, iv) assert text == set2.aes_cbc_decrypt(ciphertext, key, iv) with open('10.txt') as f: b64string = f.read() ciphertext = base64.b64decode(b64string.encode()) plaintext = set2.aes_cbc_decrypt(ciphertext, key, bytes(len(key))) assert plaintext.startswith(b"I'm back and I'm ringin' the bell \n") and plaintext.endswith(b'funky music \n')
def challenge_27_encrypt(string_in): for char_in in string_in: if ord(char_in) > 127: raise RuntimeError to_return = 'comment1=cooking%20MCs;userdata=' + string_in.replace( '=', '%3d').replace( ';', '%3b') + ';comment2=%20like%20a%20pound%20of%20bacon' to_return = str.encode(to_return) return aes_cbc_encrypt(to_return, challenge_27_aes_key, iv=challenge_27_aes_key)
def challenge27_encrypt(user_input): user_input = user_input.replace(b';', b'%3B') user_input = user_input.replace(b'=', b'%3D') plaintext = b'comment1=cooking%20MCs;userdata=' + user_input plaintext += b';comment2=%20like%20a%20pound%20of%20bacon' return set2.aes_cbc_encrypt(plaintext, constants.key, constants.key)
def produce_ciphertext(plaintext, key): blocksize = len(key) iv = Random.new().read(blocksize) return iv + aes_cbc_encrypt(paddpkcs7(plaintext, blocksize), key, iv)
def challange17_encrypt(plaintext): iv = os.urandom(16) ciphertext = set2.aes_cbc_encrypt(plaintext, constants.key, iv) return ciphertext, iv