コード例 #1
def message5(state):
    message = b"Thomas, he's the cheeky one.  James is vain but lots of fun!";
    secret = mypow(state["B"], state["a"], group5_p);
    state["a_cipherkey"], state["a_mackey"] = secretToKeys(intToBytes(secret));
    state["a_iv"] = generateAESKey();
    state["a_cipher"] = aes_cbc_enc(addPKCS7Padding(message, 16), state["a_cipherkey"], state["a_iv"]);
    return state;
コード例 #2
ファイル: prob35.py プロジェクト: Darriall/cipher-1
def message5(state):
    message = b"Thomas, he's the cheeky one.  James is vain but lots of fun!";
    secret = mypow(state["B"], state["a"], group5_p);
    state["a_cipherkey"], state["a_mackey"] = secretToKeys(intToBytes(secret));
    state["a_iv"] = generateAESKey();
    state["a_cipher"] = aes_cbc_enc(addPKCS7Padding(message, 16), state["a_cipherkey"], state["a_iv"]);
    print('A->B            Send AES-CBC(SHA1(s)[0:16], iv=random(16), msg) + iv');
    return state;
コード例 #3
ファイル: prob35.py プロジェクト: Cyke1/cryptopals-2
def message5(state):
    message = b"Thomas, he's the cheeky one.  James is vain but lots of fun!"
    secret = mypow(state["B"], state["a"], group5_p)
    state["a_cipherkey"], state["a_mackey"] = secretToKeys(intToBytes(secret))
    state["a_iv"] = generateAESKey()
    state["a_cipher"] = aes_cbc_enc(addPKCS7Padding(message, 16),
                                    state["a_cipherkey"], state["a_iv"])
    return state
コード例 #4
def message3(state):
    a_shared = mypow(state["B"], state["a"], state["p"]);
    state["a_cipherkey"], state["a_mackey"] = secretToKeys(intToBytes(a_shared));
    a_iv = generateAESKey();
    message = b"mary had a little lamb"
    a_cipher = aes_cbc_enc(addPKCS7Padding(message, 16), state["a_cipherkey"], a_iv);
    state["a_cipher"] = a_cipher;
    state["a_iv"] = a_iv;
    return state;
コード例 #5
def message6(state):
    secret = mypow(state["A"], state["b"], state["p"]);
    state["b_cipherkey"], state["b_mackey"] = secretToKeys(intToBytes(secret));
    b_iv = generateAESKey();
    received_message = removePKCS7Padding(aes_cbc_dec(state["a_cipher"], state["b_cipherkey"], state["a_iv"]));
    b_cipher = aes_cbc_enc(addPKCS7Padding(received_message, 16), state["b_cipherkey"], b_iv);
    state["b_cipher"] = b_cipher;
    state["b_iv"] = b_iv;
    state["b_received_plain"] = received_message;
    return state;
コード例 #6
ファイル: prob35.py プロジェクト: ninoNinkovic/cipher
def message5(state):
    message = b"Thomas, he's the cheeky one.  James is vain but lots of fun!"
    secret = mypow(state["B"], state["a"], group5_p)
    state["a_cipherkey"], state["a_mackey"] = secretToKeys(intToBytes(secret))
    state["a_iv"] = generateAESKey()
    state["a_cipher"] = aes_cbc_enc(addPKCS7Padding(message, 16),
                                    state["a_cipherkey"], state["a_iv"])
        'A->B            Send AES-CBC(SHA1(s)[0:16], iv=random(16), msg) + iv')
    return state
コード例 #7
ファイル: prob35.py プロジェクト: Darriall/cipher-1
def message6(state):
    secret = mypow(state["A"], state["b"], state["p"]);
    state["b_cipherkey"], state["b_mackey"] = secretToKeys(intToBytes(secret));
    b_iv = generateAESKey();
    received_message = removePKCS7Padding(aes_cbc_dec(state["a_cipher"], state["b_cipherkey"], state["a_iv"]));
    b_cipher = aes_cbc_enc(addPKCS7Padding(received_message, 16), state["b_cipherkey"], b_iv);
    state["b_cipher"] = b_cipher;
    state["b_iv"] = b_iv;
    state["b_received_plain"] = received_message;
    print("B->A            Send AES-CBC(SHA1(s)[0:16], iv=random(16), A's msg) + iv");
    return state;
コード例 #8
ファイル: prob34.py プロジェクト: Cyke1/cryptopals-2
def message3(state):
    a_shared = mypow(state["B"], state["a"], state["p"])
    state["a_cipherkey"], state["a_mackey"] = secretToKeys(
    a_iv = generateAESKey()
    message = b"mary had a little lamb"
    a_cipher = aes_cbc_enc(addPKCS7Padding(message, 16), state["a_cipherkey"],
    state["a_cipher"] = a_cipher
    state["a_iv"] = a_iv
    return state
コード例 #9
ファイル: prob34.py プロジェクト: Darriall/cipher-1
def message3(state):
    a_shared = mypow(state["B"], state["a"], state["p"]);
    state["a_cipherkey"], state["a_mackey"] = secretToKeys(intToBytes(a_shared));
    a_iv = generateAESKey();
    message = b"mary had a little lamb"
    a_cipher = aes_cbc_enc(addPKCS7Padding(message, 16), state["a_cipherkey"], a_iv);
    state["a_cipher"] = a_cipher;
    state["a_iv"] = a_iv;
    print("3.A->B Send AES-CBC(SHA1(s)[0:16], iv=random(16), msg) + iv");
    return state;
コード例 #10
ファイル: prob35.py プロジェクト: Cyke1/cryptopals-2
def message6(state):
    secret = mypow(state["A"], state["b"], state["p"])
    state["b_cipherkey"], state["b_mackey"] = secretToKeys(intToBytes(secret))
    b_iv = generateAESKey()
    received_message = removePKCS7Padding(
        aes_cbc_dec(state["a_cipher"], state["b_cipherkey"], state["a_iv"]))
    b_cipher = aes_cbc_enc(addPKCS7Padding(received_message, 16),
                           state["b_cipherkey"], b_iv)
    state["b_cipher"] = b_cipher
    state["b_iv"] = b_iv
    state["b_received_plain"] = received_message
    return state
コード例 #11
ファイル: prob34.py プロジェクト: ninoNinkovic/cipher
def message3(state):
    a_shared = mypow(state["B"], state["a"], state["p"])
    state["a_cipherkey"], state["a_mackey"] = secretToKeys(
    a_iv = generateAESKey()
    message = b"mary had a little lamb"
    a_cipher = aes_cbc_enc(addPKCS7Padding(message, 16), state["a_cipherkey"],
    state["a_cipher"] = a_cipher
    state["a_iv"] = a_iv
    print("3.A->B Send AES-CBC(SHA1(s)[0:16], iv=random(16), msg) + iv")
    print('-' * 64)
    return state
コード例 #12
ファイル: prob35.py プロジェクト: ninoNinkovic/cipher
def message6(state):
    secret = mypow(state["A"], state["b"], state["p"])
    state["b_cipherkey"], state["b_mackey"] = secretToKeys(intToBytes(secret))
    b_iv = generateAESKey()
    received_message = removePKCS7Padding(
        aes_cbc_dec(state["a_cipher"], state["b_cipherkey"], state["a_iv"]))
    b_cipher = aes_cbc_enc(addPKCS7Padding(received_message, 16),
                           state["b_cipherkey"], b_iv)
    state["b_cipher"] = b_cipher
    state["b_iv"] = b_iv
    state["b_received_plain"] = received_message
        "B->A            Send AES-CBC(SHA1(s)[0:16], iv=random(16), A's msg) + iv"
    return state
コード例 #13
ファイル: prob20.py プロジェクト: ninoNinkovic/cipher
b'U28gSSB3YWxrIHVwIHRoZSBzdHJlZXQgd2hpc3RsaW4nIHRoaXMgLyBGZWVsaW4nIG91dCBvZiBwbGFjZSAnY3V6LCBtYW4sIGRvIEkgbWlzcw==', \
b'RmlzaCwgd2hpY2ggaXMgbXkgZmF2b3JpdGUgZGlzaCAvIEJ1dCB3aXRob3V0IG5vIG1vbmV5IGl0J3Mgc3RpbGwgYSB3aXNo', \
b'J0N1eiBJIGRvbid0IGxpa2UgdG8gZHJlYW0gYWJvdXQgZ2V0dGluJyBwYWlkIC8gU28gSSBkaWcgaW50byB0aGUgYm9va3Mgb2YgdGhlIHJoeW1lcyB0aGF0IEkgbWFkZQ==', \
b'U28gbm93IHRvIHRlc3QgdG8gc2VlIGlmIEkgZ290IHB1bGwgLyBIaXQgdGhlIHN0dWRpbywgJ2N1eiBJJ20gcGFpZCBpbiBmdWxs', \
b'UmFraW0sIGNoZWNrIHRoaXMgb3V0LCB5byAvIFlvdSBnbyB0byB5b3VyIGdpcmwgaG91c2UgYW5kIEknbGwgZ28gdG8gbWluZQ==', \
b'J0NhdXNlIG15IGdpcmwgaXMgZGVmaW5pdGVseSBtYWQgLyAnQ2F1c2UgaXQgdG9vayB1cyB0b28gbG9uZyB0byBkbyB0aGlzIGFsYnVt', \
b'WW8sIEkgaGVhciB3aGF0IHlvdSdyZSBzYXlpbmcgLyBTbyBsZXQncyBqdXN0IHB1bXAgdGhlIG11c2ljIHVw', \
b'QW5kIGNvdW50IG91ciBtb25leSAvIFlvLCB3ZWxsIGNoZWNrIHRoaXMgb3V0LCB5byBFbGk=', \
b'VHVybiBkb3duIHRoZSBiYXNzIGRvd24gLyBBbmQgbGV0IHRoZSBiZWF0IGp1c3Qga2VlcCBvbiByb2NraW4n', \
b'QW5kIHdlIG91dHRhIGhlcmUgLyBZbywgd2hhdCBoYXBwZW5lZCB0byBwZWFjZT8gLyBQZWFjZQ==', \

rawPlains = [base64toRaw(c) for c in b64Plains]

aesKey = generateAESKey()

rawCiphers = [aes_ctr(p, aesKey, b'\x00' * 16) for p in rawPlains]

# To exploit this: take your collection of ciphertexts and truncate
# them to a common length (the length of the smallest ciphertext will
# work).
shortestCipherLength = min([len(c) for c in rawCiphers])
truncatedCiphers = [c[0:shortestCipherLength] for c in rawCiphers]

# Solve the resulting concatenation of ciphertexts as if for repeating-
# key XOR, with a key size of the length of the ciphertext you XOR'd.'''
def solve20():
    keystream = b''
    # for the 0th, 1st, 2nd byte...
コード例 #14
ファイル: prob25.py プロジェクト: Darriall/cipher-1
#!/usr/bin/env python
# Written against python 3.3.1
# Matasano Problem 25
# Break "random access read/write AES CTR
from prob7 import doProb7
from prob11 import generateAESKey
from prob18 import aes_ctr, raw_xor

# Back to CTR. Encrypt the recovered plaintext from
# (the ECB exercise) 
# under CTR with a random key (for this exercise the
# key should be unknown to you, but hold on to it).
plaintext = doProb7();
key = generateAESKey();
iv = b'\x00' * 16;
cipher = aes_ctr(plaintext, key, iv);

# Now, write the code that allows you to "seek" into the ciphertext,
# decrypt, and re-encrypt with different plaintext. Expose this as a
# function, like, "edit(ciphertext, key, offet, newtext)".
def editCipher(cipher, key, offset, new):
    oldPlain = aes_ctr(cipher, key, iv);
    newPlain = oldPlain[0:offset] + new + oldPlain[offset+len(new):];
    newCipher = aes_ctr(newPlain, key, iv);
    return newCipher;

コード例 #15
# Matasano Problem 27
# CBC bit flipping
from prob11 import generateAESKey
from prob10 import aes_cbc_dec, aes_cbc_enc
from prob18 import raw_xor
from symbol import except_clause

# Recover the key from CBC with IV=Key

# Take your code from the CBC exercise (16) and modify it so that it
# repurposes the key for CBC encryption as the IV. Applications
# sometimes use the key as an IV on the auspices that both the sender
# and the receiver have to know the key already, and can save some space
# by using it as both a key and an IV.

global_aes_key = generateAESKey()
global_iv = global_aes_key

# Using the key as an IV is insecure; an attacker that can modify
# ciphertext in flight can get the receiver to decrypt a value that will
# reveal the key.

# The  CBC code from exercise 16 encrypts a URL string. Verify each byte
# of the plaintext for ASCII compliance (ie, look for high-ASCII
# values). Noncompliant messages should raise an exception or return an
# error that includes the decrypted plaintext (this happens all the time
# in real systems, for what it's worth).

def checkAscii(s):
    for b in s:
コード例 #16
#!/usr/bin/env python
# Written against python 3.3.1
# Matasano Problem 16
# 16. CBC bit flipping

from prob11 import generateAESKey
from prob10 import aes_cbc_enc, aes_cbc_dec
from prob9 import addPKCS7Padding
from prob15 import checkAndRemovePKCS7Padding
from prob8 import chunks
from prob2 import hex_xor
from prob1 import rawToHex, hexToRaw

# Generate a random AES key.
global_aes_key = generateAESKey();
global_iv = b'\x00' * 16;

# Combine your padding code and CBC code to write two functions.
# The first function should take an arbitrary input string, prepend the
# string:
#        "comment1=cooking%20MCs;userdata="
# and append the string:
#    ";comment2=%20like%20a%20pound%20of%20bacon"
# The function should quote out the ";" and "=" characters.
# The function should then pad out the input to the 16-byte AES block
# length and encrypt it under the random AES key.
prefix = "comment1=cooking%20MCs;userdata="
suffix = ";comment2=%20like%20a%20pound%20of%20bacon"
def padAndEncryptString(s):
    s = s.replace(";", "';'").replace("=", "'='");
    strInput = prefix + s + suffix;
コード例 #17
ファイル: prob17.py プロジェクト: ninoNinkovic/cipher
def encryptString():
    myString = rawStrings[getOneRandomByte() % len(rawStrings)];
    iv = generateAESKey(); # it's a 16-byte value...
    myOut = aes_cbc_enc(addPKCS7Padding(myString, 16), aeskey, iv);
    return myOut, iv;
コード例 #18
ファイル: prob17.py プロジェクト: ninoNinkovic/cipher
b64Strings = [ b'MDAwMDAwTm93IHRoYXQgdGhlIHBhcnR5IGlzIGp1bXBpbmc=', 
              b'MDAwMDA5aXRoIG15IHJhZy10b3AgZG93biBzbyBteSBoYWlyIGNhbiBibG93' ];
rawStrings = [base64toRaw(s) for s in b64Strings];

# generate a random AES key (which it should save for all future
# encryptions), 
aeskey = generateAESKey();

# pad the string out to the 16-byte AES block size and
# CBC-encrypt it under that key, providing the caller the ciphertext and
# IV.
def encryptString():
    myString = rawStrings[getOneRandomByte() % len(rawStrings)];
    iv = generateAESKey(); # it's a 16-byte value...
    myOut = aes_cbc_enc(addPKCS7Padding(myString, 16), aeskey, iv);
    return myOut, iv;

# The second function should consume the ciphertext produced by the
# first function, decrypt it, check its padding, and return true or
# false depending on whether the padding is valid.
def checkPadding(rawCipher, rawIV):
    rawOutput = aes_cbc_dec(rawCipher, aeskey, rawIV);