コード例 #1
0
def F(k, x):
    k1, k2 = split(k)
    x1, x2 = split(x)

    y1 = AES(x1, k1)
    y2 = AES(k1, xor_strings(x2, k2))

    return y1 + y2
コード例 #2
0
def A_1(fn):
    output1 = fn("\x00" * block_len)
    output2 = fn("\xFF" * block_len)
    y1, y2 = split(output1)
    y3, y4 = split(output2)

    if (y2 + y1 == y3 + y4):
        return 1  #I think I'm in Real
    else:
        return 0  #I think I'm in Rand

    pass
コード例 #3
0
def A_2(fn):
    output1 = fn("\x00" * block_len)
    y1, y2 = split(output1)

    output2 = fn(y1)
    y3, y4 = split(output2)

    if (y2 == y3):
        return 1  #I think I'm in Real
    else:
        return 0  #I think I'm in Rand

    pass
コード例 #4
0
def hash_f(k, m):
    if len(m) != 2 * block:
        return None
    l, m = k, split(m)

    for i in range(2):
        x = enc(l, m[i])
        l = xor_strings(x, m[i])
    return x
コード例 #5
0
def decrypt(k, cipher):
    if len(cipher) != 3 * block:
        return None
    r, cipher = enc_i(k, cipher[:block]), cipher[block:]
    c, m = ['', ''], ''
    c[0], c[1] = split(cipher)
    for j in range(2):
        r_j = enc_i(k, c[j])
        m, r = m + xor_strings(enc_i(k, r_j), r), r_j
    return m
コード例 #6
0
ファイル: exercise_2.py プロジェクト: avivkiss/cs107-w16
    def _G(k, x):
        l_0, r_0 = split(x)

        L, R = [l_0], [r_0]

        for i in range(1, r + 1):
            L.append(R[i-1])
            R.append(xor_strings(g(k, R[i-1]), L[i-1]))

        return L[r] + R[r]
コード例 #7
0
def encrypt(k, input_m):
    if len(input_m) != 2 * block:
        return None
    m = ['', '']
    m[0], m[1] = split(input_m)
    r = random_string_bits(n)
    c = enc(k, r)
    for j in range(2):
        r = enc(k, xor_strings(r, m[j]))
        c += enc(k, r)
    return c
コード例 #8
0
ファイル: exercise_1.py プロジェクト: avivkiss/cs107-w16
def E(k, m):
    if len(m) != block_len * 4: return None

    m = split(m, block_len)

    c = [random_string(block_len)]
    t = ["\x00" * block_len]

    for i in range(4):
        c += [AES(k, xor_strings(m[i], c[i]))]
        t += [AES(k, xor_strings(m[i], t[i]))]

    return join(c), t[-1]
コード例 #9
0
def E(k, m):
    if len(m) != block_len * 4: return None

    m = split(m, block_len)

    c = [random_string(block_len)]
    t = ["\x00" * block_len]

    for i in range(4):
        c += [AES(k, xor_strings(m[i], c[i]))]
        t += [AES(k, xor_strings(m[i], t[i]))]

    return join(c), t[-1]
コード例 #10
0
def encrypt(k, m):
    if len(m) != block_size:
        return None

    m = [None] + split(m, block_size / 4)
    ce = [random_string(16)]
    cm = ["\x00" * 16]

    for i in range(1, 5):
        ce += [AES(k, xor_strings(ce[i - 1], m[i]))]
        cm += [AES(k, xor_strings(cm[i - 1], m[i]))]

    return join(ce), cm[4]
コード例 #11
0
ファイル: exercise_1.py プロジェクト: avivkiss/cs107-w16
    m = split(m, block_len)

    c = [random_string(block_len)]
    t = ["\x00" * block_len]

    for i in range(4):
        c += [AES(k, xor_strings(m[i], c[i]))]
        t += [AES(k, xor_strings(m[i], t[i]))]

    return join(c), t[-1]

def D(k, (c, t)):
    if len(c) != block_len * 5: return None

    c = split(c, block_len)

    m = []
    tm = ["\x00" * block_len]

    for i in range(4):
        m += [xor_strings(AES_I(k, c[i+1]), c[i])]
        tm += [AES(k, xor_strings(m[i], tm[i]))]

    if tm[-1] != t: return None

    return join(m)


"""
1. [20 points] Give an IND-CPA adversary that shows that this sceme is not
コード例 #12
0
    m = split(m, block_len)

    c = [random_string(block_len)]
    t = ["\x00" * block_len]

    for i in range(4):
        c += [AES(k, xor_strings(m[i], c[i]))]
        t += [AES(k, xor_strings(m[i], t[i]))]

    return join(c), t[-1]


def D(k, (c, t)):
    if len(c) != block_len * 5: return None

    c = split(c, block_len)

    m = []
    tm = ["\x00" * block_len]

    for i in range(4):
        m += [xor_strings(AES_I(k, c[i + 1]), c[i])]
        tm += [AES(k, xor_strings(m[i], tm[i]))]

    if tm[-1] != t: return None

    return join(m)


"""
1. [20 points] Give an IND-CPA adversary that shows that this sceme is not
コード例 #13
0
    m = [None] + split(m, block_size / 4)
    ce = [random_string(16)]
    cm = ["\x00" * 16]

    for i in range(1, 5):
        ce += [AES(k, xor_strings(ce[i - 1], m[i]))]
        cm += [AES(k, xor_strings(cm[i - 1], m[i]))]

    return join(ce), cm[4]


def decrypt(k, (ce, t)):
    if len(ce) != block_size + 16:
        return None

    ce = split(ce, block_size / 4)
    cm = ["\x00" * 16]
    m = [None]

    for i in range(1, 5):
        m += [xor_strings(AES_I(k, ce[i]), ce[i - 1])]
        cm += [AES(k, xor_strings(cm[i - 1], m[i]))]

    if cm[4] != t:
        return None
    else:
        return join(m[1:])


"""
Give an INT-CTXT adversary that shows that this sceme is not secure: