def message5_5_gp1(state):
# (p-1) is essentially (-1)
# B's secret is (-1)^b which is either (+1) or (-1) (and also B)
# A's secret is (-1)^b^a, which is either (+1) or (-1),
# but not necessarily the same as B's secret
# thus, we may need to modify cipher
# use CBC padding to check validity of key
# check validity of cbc padding to determine which
# B's secret
cipherkey_plus1, mackey_plus1 = secretToKeys(intToBytes(1))
cipherkey_minus1, mackey_minus1 = secretToKeys(intToBytes(state["p"] - 1))
plain_plus1 = aes_cbc_dec(state["a_cipher"], cipherkey_plus1,
state["a_iv"])
plain_minus1 = aes_cbc_dec(state["a_cipher"], cipherkey_minus1,
state["a_iv"])
plain = None
try:
plain = checkAndRemovePKCS7Padding(plain_plus1)
state["m_key_a"] = cipherkey_plus1
except ValueError:
plain = checkAndRemovePKCS7Padding(plain_minus1)
state["m_key_a"] = cipherkey_minus1
state["m_plain_a"] = plain
# encrypt to B's key
state["m_key_b"], b_mackey = secretToKeys(intToBytes(state["B"]))
state["a_cipher"] = aes_cbc_enc(addPKCS7Padding(plain, 16),
state["m_key_b"], state["a_iv"])
return state
def message5_5_gp1(state):
# (p-1) is essentially (-1)
# B's secret is (-1)^b which is either (+1) or (-1) (and also B)
# A's secret is (-1)^b^a, which is either (+1) or (-1),
# but not necessarily the same as B's secret
# thus, we may need to modify cipher
# use CBC padding to check validity of key
# check validity of cbc padding to determine which
# B's secret
cipherkey_plus1, mackey_plus1 = secretToKeys(intToBytes(1));
cipherkey_minus1, mackey_minus1 = secretToKeys(intToBytes(state["p"]-1));
plain_plus1 = aes_cbc_dec(state["a_cipher"], cipherkey_plus1, state["a_iv"])
plain_minus1 = aes_cbc_dec(state["a_cipher"], cipherkey_minus1, state["a_iv"])
plain = None;
try:
plain = checkAndRemovePKCS7Padding(plain_plus1)
state["m_key_a"] = cipherkey_plus1
except ValueError:
plain = checkAndRemovePKCS7Padding(plain_minus1)
state["m_key_a"] = cipherkey_minus1
state["m_plain_a"] = plain;
# encrypt to B's key
state["m_key_b"], b_mackey = secretToKeys(intToBytes(state["B"]))
state["a_cipher"] = aes_cbc_enc(addPKCS7Padding(plain, 16), state["m_key_b"], state["a_iv"]);
return state;
def check_protocol_g1(state):
# B's public key is 1^b = 1.
# A's secret is (1)^a = 1.
# B's secret is (1)^b = 1
# In this case, Mallory doesn't need to modify ciphers,
# becasue A and B have the same shared secret.
# But Mallory gets to know their messages (and potentially
# inject her own)
m_secret = 1;
m_cipherkey, m_mackey = secretToKeys(intToBytes(m_secret));
m_plain_a = removePKCS7Padding(aes_cbc_dec(state["a_cipher"], m_cipherkey, state["a_iv"]));
m_plain_b = removePKCS7Padding(aes_cbc_dec(state["b_cipher"], m_cipherkey, state["b_iv"]));
assert(m_plain_a == state["a_received_plain"]);
assert(m_plain_b == state["b_received_plain"]);
def check_protocol_g1(state):
# B's public key is 1^b = 1.
# A's secret is (1)^a = 1.
# B's secret is (1)^b = 1
# In this case, Mallory doesn't need to modify ciphers,
# becasue A and B have the same shared secret.
# But Mallory gets to know their messages (and potentially
# inject her own)
m_secret = 1
m_cipherkey, m_mackey = secretToKeys(intToBytes(m_secret))
m_plain_a = removePKCS7Padding(
aes_cbc_dec(state["a_cipher"], m_cipherkey, state["a_iv"]))
m_plain_b = removePKCS7Padding(
aes_cbc_dec(state["b_cipher"], m_cipherkey, state["b_iv"]))
assert (m_plain_a == state["a_received_plain"])
assert (m_plain_b == state["b_received_plain"])
def message6_5_gp1(state):
# decrypt message from B's key, encrypt to A's key
state["m_plain_b"] = removePKCS7Padding(
aes_cbc_dec(state["b_cipher"], state["m_key_b"], state["b_iv"]))
state["b_cipher"] = aes_cbc_enc(addPKCS7Padding(state["m_plain_b"], 16),
state["m_key_a"], state["b_iv"])
return state
def checkPadding(rawCipher, rawIV):
rawOutput = aes_cbc_dec(rawCipher, aeskey, rawIV);
try:
checkAndRemovePKCS7Padding(rawOutput);
return True;
except:
return False;
def decryptAndCheckAdmin(cip):
rawPlain = checkAndRemovePKCS7Padding(aes_cbc_dec(cip, global_aes_key, global_iv));
strPlain = str(rawPlain).rstrip("b'");
print(strPlain)
if ";admin=true;" in strPlain:
return True;
return False;
def message4_5(state):
# message 3.5 in the opposite order
cipherkey, mackey = secretToKeys(intToBytes(state["B"]))
plain = removePKCS7Padding(aes_cbc_dec(state["b_cipher"], cipherkey, state["b_iv"]));
cipherkey, mackey = secretToKeys(intToBytes(state["A"]))
cipher = aes_cbc_enc(addPKCS7Padding(plain, 16), cipherkey, state["b_iv"]);
state["b_cipher"] = cipher;
return state;
def decryptAndCheckAdmin(cip):
rawPlain = checkAndRemovePKCS7Padding(
aes_cbc_dec(cip, global_aes_key, global_iv))
strPlain = str(rawPlain).rstrip("b'")
print(strPlain)
if ";admin=true;" in strPlain:
return True
return False
def message4_5(state):
# message 3.5 in the opposite order
cipherkey, mackey = secretToKeys(intToBytes(state["B"]))
plain = removePKCS7Padding(
aes_cbc_dec(state["b_cipher"], cipherkey, state["b_iv"]))
cipherkey, mackey = secretToKeys(intToBytes(state["A"]))
cipher = aes_cbc_enc(addPKCS7Padding(plain, 16), cipherkey, state["b_iv"])
state["b_cipher"] = cipher
return state
def message3_5(state):
# A's secret is p^a = (g^1) ^ a = A
cipherkey, mackey = secretToKeys(intToBytes(state["A"]))
plain = removePKCS7Padding(aes_cbc_dec(state["a_cipher"], cipherkey, state["a_iv"]));
# B's secret is p^b = (g^1)^b = B
cipherkey, mackey = secretToKeys(intToBytes(state["B"]))
cipher = aes_cbc_enc(addPKCS7Padding(plain, 16), cipherkey, state["a_iv"]);
state["a_cipher"] = cipher;
return state;
def message3_5(state):
# A's secret is p^a = (g^1) ^ a = A
cipherkey, mackey = secretToKeys(intToBytes(state["A"]))
plain = removePKCS7Padding(
aes_cbc_dec(state["a_cipher"], cipherkey, state["a_iv"]))
# B's secret is p^b = (g^1)^b = B
cipherkey, mackey = secretToKeys(intToBytes(state["B"]))
cipher = aes_cbc_enc(addPKCS7Padding(plain, 16), cipherkey, state["a_iv"])
state["a_cipher"] = cipher
return state
def message6(state):
secret = mypow(state["A"], state["b"], state["p"]);
state["b_cipherkey"], state["b_mackey"] = secretToKeys(intToBytes(secret));
b_iv = generateAESKey();
received_message = removePKCS7Padding(aes_cbc_dec(state["a_cipher"], state["b_cipherkey"], state["a_iv"]));
b_cipher = aes_cbc_enc(addPKCS7Padding(received_message, 16), state["b_cipherkey"], b_iv);
state["b_cipher"] = b_cipher;
state["b_iv"] = b_iv;
state["b_received_plain"] = received_message;
return state;
def message6(state):
secret = mypow(state["A"], state["b"], state["p"]);
state["b_cipherkey"], state["b_mackey"] = secretToKeys(intToBytes(secret));
b_iv = generateAESKey();
received_message = removePKCS7Padding(aes_cbc_dec(state["a_cipher"], state["b_cipherkey"], state["a_iv"]));
b_cipher = aes_cbc_enc(addPKCS7Padding(received_message, 16), state["b_cipherkey"], b_iv);
state["b_cipher"] = b_cipher;
state["b_iv"] = b_iv;
state["b_received_plain"] = received_message;
print("B->A Send AES-CBC(SHA1(s)[0:16], iv=random(16), A's msg) + iv");
return state;
def message6(state):
secret = mypow(state["A"], state["b"], state["p"])
state["b_cipherkey"], state["b_mackey"] = secretToKeys(intToBytes(secret))
b_iv = generateAESKey()
received_message = removePKCS7Padding(
aes_cbc_dec(state["a_cipher"], state["b_cipherkey"], state["a_iv"]))
b_cipher = aes_cbc_enc(addPKCS7Padding(received_message, 16),
state["b_cipherkey"], b_iv)
state["b_cipher"] = b_cipher
state["b_iv"] = b_iv
state["b_received_plain"] = received_message
return state
def message3_5(state):
# A's secret is p^a = (g^1) ^ a = A
cipherkey, mackey = secretToKeys(intToBytes(state["A"]))
plain = removePKCS7Padding(aes_cbc_dec(state["a_cipher"], cipherkey, state["a_iv"]));
# B's secret is p^b = (g^1)^b = B
cipherkey, mackey = secretToKeys(intToBytes(state["B"]))
cipher = aes_cbc_enc(addPKCS7Padding(plain, 16), cipherkey, state["a_iv"]);
state["a_cipher"] = cipher;
print("A->M Send AES-CBC(SHA1(s)[0:16], iv=random(16), msg) + iv");
#print(state);
print('-'*64);
return state;
def message4_5(state):
# message 3.5 in the opposite order
cipherkey, mackey = secretToKeys(intToBytes(state["B"]))
plain = removePKCS7Padding(aes_cbc_dec(state["b_cipher"], cipherkey, state["b_iv"]));
cipherkey, mackey = secretToKeys(intToBytes(state["A"]))
cipher = aes_cbc_enc(addPKCS7Padding(plain, 16), cipherkey, state["b_iv"]);
state["b_cipher"] = cipher;
print("B->M Send AES-CBC(SHA1(s)[0:16], iv=random(16), A's msg) + iv");
print("M->A Relay that to A");
#print(state);
print('-'*64);
return state;
def message3_5(state):
# A's secret is p^a = (g^1) ^ a = A
cipherkey, mackey = secretToKeys(intToBytes(state["A"]))
plain = removePKCS7Padding(
aes_cbc_dec(state["a_cipher"], cipherkey, state["a_iv"]))
# B's secret is p^b = (g^1)^b = B
cipherkey, mackey = secretToKeys(intToBytes(state["B"]))
cipher = aes_cbc_enc(addPKCS7Padding(plain, 16), cipherkey, state["a_iv"])
state["a_cipher"] = cipher
print(
"A->M Send AES-CBC(SHA1(s)[0:16], iv=random(16), msg) + iv")
#print(state);
print('-' * 64)
return state
def message6(state):
secret = mypow(state["A"], state["b"], state["p"])
state["b_cipherkey"], state["b_mackey"] = secretToKeys(intToBytes(secret))
b_iv = generateAESKey()
received_message = removePKCS7Padding(
aes_cbc_dec(state["a_cipher"], state["b_cipherkey"], state["a_iv"]))
b_cipher = aes_cbc_enc(addPKCS7Padding(received_message, 16),
state["b_cipherkey"], b_iv)
state["b_cipher"] = b_cipher
state["b_iv"] = b_iv
state["b_received_plain"] = received_message
print(
"B->A Send AES-CBC(SHA1(s)[0:16], iv=random(16), A's msg) + iv"
)
return state
def message4_5(state):
# message 3.5 in the opposite order
cipherkey, mackey = secretToKeys(intToBytes(state["B"]))
plain = removePKCS7Padding(
aes_cbc_dec(state["b_cipher"], cipherkey, state["b_iv"]))
cipherkey, mackey = secretToKeys(intToBytes(state["A"]))
cipher = aes_cbc_enc(addPKCS7Padding(plain, 16), cipherkey, state["b_iv"])
state["b_cipher"] = cipher
print(
"B->M Send AES-CBC(SHA1(s)[0:16], iv=random(16), A's msg) + iv"
)
print("M->A Relay that to A")
#print(state);
print('-' * 64)
return state
def decryptAndCheckAscii(cip):
rawPlain = aes_cbc_dec(cip, global_aes_key, global_iv)
if (checkAscii(rawPlain)):
return (True, b'')
else:
return (False, rawPlain)
def decryptAndCheckAscii(cip):
rawPlain = aes_cbc_dec(cip, global_aes_key, global_iv);
if (checkAscii(rawPlain)):
return (True, b'');
else:
return (False, rawPlain);
def final(state):
state["a_received_plain"] = removePKCS7Padding(aes_cbc_dec(state["b_cipher"], state["a_cipherkey"], state["b_iv"]));
return state;
def final(state):
state["a_received_plain"] = removePKCS7Padding(
aes_cbc_dec(state["b_cipher"], state["a_cipherkey"], state["b_iv"]))
return state
def message6_5_gp1(state):
# decrypt message from B's key, encrypt to A's key
state["m_plain_b"] = removePKCS7Padding(aes_cbc_dec(state["b_cipher"], state["m_key_b"], state["b_iv"]));
state["b_cipher"] = aes_cbc_enc(addPKCS7Padding(state["m_plain_b"], 16), state["m_key_a"], state["b_iv"]);
return state;