def message5_5_gp1(state):
    """Relay step for the g = p-1 scenario: recover A's plaintext and re-encrypt it for B.

    Per the author's notes, with g = p-1 the secret on A's side is either 1 or
    p-1, so both candidate keys are derived and the one whose decryption carries
    valid PKCS#7 padding is kept. The recovered plaintext and the keys are
    recorded in ``state`` (``m_plain_a``, ``m_key_a``, ``m_key_b``), and
    ``state["a_cipher"]`` is replaced by the plaintext re-encrypted under the
    key derived from ``state["B"]``, reusing ``state["a_iv"]``.

    Raises:
        ValueError: propagated from checkAndRemovePKCS7Padding when neither
            candidate decrypts to valid padding.

    NOTE(review): padding validity is only a heuristic. A wrong key can still
    produce a final block that parses as valid padding (roughly 1 in 256 for a
    lone 0x01 byte), and the +1 candidate would then be accepted incorrectly.
    The guess works at all because nothing authenticates the ciphertext: the
    MAC keys derived in this function are discarded. Endpoints that reject
    g = p-1 and verify a MAC before unpadding would not expose this.
    """
    # Candidate keys for the two possible values of A's secret.
    key_if_plus1, _ = secretToKeys(intToBytes(1))
    key_if_minus1, _ = secretToKeys(intToBytes(state["p"] - 1))

    # Both decryptions are computed up front; only one is expected to unpad.
    candidate_plus1 = aes_cbc_dec(state["a_cipher"], key_if_plus1, state["a_iv"])
    candidate_minus1 = aes_cbc_dec(state["a_cipher"], key_if_minus1, state["a_iv"])

    try:
        recovered = checkAndRemovePKCS7Padding(candidate_plus1)
        state["m_key_a"] = key_if_plus1
    except ValueError:
        # +1 did not unpad; fall back to p-1 (a second failure propagates).
        recovered = checkAndRemovePKCS7Padding(candidate_minus1)
        state["m_key_a"] = key_if_minus1
    state["m_plain_a"] = recovered

    # Re-encrypt under the key derived from B's public value, same IV.
    state["m_key_b"], _ = secretToKeys(intToBytes(state["B"]))
    state["a_cipher"] = aes_cbc_enc(
        addPKCS7Padding(recovered, 16), state["m_key_b"], state["a_iv"]
    )
    return state
def message5_5_gp1(state):
    """Translate A's ciphertext into one B can read when g was replaced by p-1.

    The author's notes say p-1 behaves like -1, so A's secret is +1 or p-1 and
    need not match B's, which equals ``state["B"]``. Both candidate keys are
    tried against ``state["a_cipher"]``; the padding check decides which one is
    stored as ``state["m_key_a"]``. The plaintext goes to ``state["m_plain_a"]``
    and is re-encrypted into ``state["a_cipher"]`` under ``state["m_key_b"]``
    with the unchanged ``state["a_iv"]``.

    Raises:
        ValueError: when the p-1 candidate also fails the padding check.

    NOTE(review): a wrong key passes a PKCS#7 check by chance about once in a
    few hundred tries, so the selected key is probable, not certain. No MAC is
    verified anywhere in this step (the derived MAC keys are unused), which is
    what lets padding act as the only validity signal.
    """
    plus_key, _unused_mac = secretToKeys(intToBytes(1))
    minus_key, _unused_mac = secretToKeys(intToBytes(state["p"] - 1))

    decrypted_with_plus = aes_cbc_dec(state["a_cipher"], plus_key, state["a_iv"])
    decrypted_with_minus = aes_cbc_dec(state["a_cipher"], minus_key, state["a_iv"])

    try:
        message = checkAndRemovePKCS7Padding(decrypted_with_plus)
    except ValueError:
        message = checkAndRemovePKCS7Padding(decrypted_with_minus)
        state["m_key_a"] = minus_key
    else:
        state["m_key_a"] = plus_key

    state["m_plain_a"] = message

    # Key B will use, derived from B's public value as the notes describe.
    state["m_key_b"], _unused_mac = secretToKeys(intToBytes(state["B"]))
    repadded = addPKCS7Padding(message, 16)
    state["a_cipher"] = aes_cbc_enc(repadded, state["m_key_b"], state["a_iv"])
    return state
def message4_5(state):
    """Relay B's reply to A: the mirror image of message3_5.

    Decrypts ``state["b_cipher"]`` with the key derived from ``state["B"]``,
    then re-encrypts the plaintext under the key derived from ``state["A"]``
    using the same ``state["b_iv"]``, and stores it back in
    ``state["b_cipher"]``. Returns the mutated ``state``.

    NOTE(review): the MAC key returned by secretToKeys is ignored on both
    sides, so nothing here detects that the ciphertext was rewritten in transit.
    """
    key_from_b, _ = secretToKeys(intToBytes(state["B"]))
    padded = aes_cbc_dec(state["b_cipher"], key_from_b, state["b_iv"])
    recovered = removePKCS7Padding(padded)

    key_from_a, _ = secretToKeys(intToBytes(state["A"]))
    state["b_cipher"] = aes_cbc_enc(
        addPKCS7Padding(recovered, 16), key_from_a, state["b_iv"]
    )
    return state
def message4_5(state):
    """Re-key B's ciphertext so that A can decrypt it (message 3.5 reversed).

    Reads ``state["b_cipher"]`` / ``state["b_iv"]``, opens the ciphertext with
    the key derived from ``state["B"]`` and seals the same plaintext with the
    key derived from ``state["A"]``. The IV is reused as-is. The result
    overwrites ``state["b_cipher"]`` and ``state`` is returned.

    NOTE(review): only the cipher key of each derived pair is used; no
    integrity check is performed before the padding is stripped.
    """
    iv = state["b_iv"]

    decrypt_key, _mac = secretToKeys(intToBytes(state["B"]))
    message = removePKCS7Padding(aes_cbc_dec(state["b_cipher"], decrypt_key, iv))

    encrypt_key, _mac = secretToKeys(intToBytes(state["A"]))
    resealed = aes_cbc_enc(addPKCS7Padding(message, 16), encrypt_key, iv)

    state["b_cipher"] = resealed
    return state
def message3_5(state):
    """Relay A's message to B after re-keying it.

    The author's notes state that in this scenario A's shared secret equals
    A's public value (``state["A"]``) and B's equals ``state["B"]``. The
    ciphertext in ``state["a_cipher"]`` is therefore decrypted with the key
    derived from ``state["A"]`` and re-encrypted with the key derived from
    ``state["B"]``, keeping ``state["a_iv"]``. Returns the mutated ``state``.

    NOTE(review): both secrets are public values here, which is only possible
    if the peers accepted substituted key-exchange parameters; the derived MAC
    keys are unused, so the rewrite goes unnoticed.
    """
    key_from_a, _ = secretToKeys(intToBytes(state["A"]))
    padded = aes_cbc_dec(state["a_cipher"], key_from_a, state["a_iv"])
    recovered = removePKCS7Padding(padded)

    key_from_b, _ = secretToKeys(intToBytes(state["B"]))
    state["a_cipher"] = aes_cbc_enc(
        addPKCS7Padding(recovered, 16), key_from_b, state["a_iv"]
    )
    return state
def message3_5(state):
    """Open A's ciphertext and seal it again for B.

    According to the original comments, A's secret works out to ``state["A"]``
    and B's to ``state["B"]``. This step uses the first to decrypt
    ``state["a_cipher"]`` and the second to encrypt the same plaintext, with
    ``state["a_iv"]`` left unchanged. ``state["a_cipher"]`` is overwritten and
    ``state`` is returned.

    NOTE(review): no MAC is checked before unpadding; the second element of
    each secretToKeys result is dropped.
    """
    iv = state["a_iv"]

    decrypt_key, _mac = secretToKeys(intToBytes(state["A"]))
    message = removePKCS7Padding(aes_cbc_dec(state["a_cipher"], decrypt_key, iv))

    encrypt_key, _mac = secretToKeys(intToBytes(state["B"]))
    resealed = aes_cbc_enc(addPKCS7Padding(message, 16), encrypt_key, iv)

    state["a_cipher"] = resealed
    return state
def message4_5(state):
    """Relay B's reply to A (message 3.5 in the opposite direction), with trace output.

    Decrypts ``state["b_cipher"]`` using the key derived from ``state["B"]``,
    re-encrypts the plaintext under the key derived from ``state["A"]`` with the
    same ``state["b_iv"]``, stores it in ``state["b_cipher"]``, prints the two
    protocol trace lines and a separator, and returns ``state``.

    NOTE(review): the MAC keys are derived and ignored, so the substitution is
    not detectable by either endpoint from this exchange alone.
    """
    key_from_b, _ = secretToKeys(intToBytes(state["B"]))
    padded = aes_cbc_dec(state["b_cipher"], key_from_b, state["b_iv"])
    recovered = removePKCS7Padding(padded)

    key_from_a, _ = secretToKeys(intToBytes(state["A"]))
    state["b_cipher"] = aes_cbc_enc(
        addPKCS7Padding(recovered, 16), key_from_a, state["b_iv"]
    )

    print("B->M Send AES-CBC(SHA1(s)[0:16], iv=random(16), A's msg) + iv")
    print("M->A Relay that to A")
    print("-" * 64)
    return state
def message3_5(state):
    """Relay A's message to B after re-keying it, with trace output.

    The author's notes state that A's shared secret equals ``state["A"]`` and
    B's equals ``state["B"]`` in this scenario. ``state["a_cipher"]`` is
    decrypted with the first key and re-encrypted with the second, reusing
    ``state["a_iv"]``. A protocol trace line and a separator are printed, then
    ``state`` is returned.

    NOTE(review): the derived MAC keys are unused, so neither endpoint can tell
    from this exchange that the ciphertext was rewritten.
    """
    key_from_a, _ = secretToKeys(intToBytes(state["A"]))
    padded = aes_cbc_dec(state["a_cipher"], key_from_a, state["a_iv"])
    recovered = removePKCS7Padding(padded)

    key_from_b, _ = secretToKeys(intToBytes(state["B"]))
    state["a_cipher"] = aes_cbc_enc(
        addPKCS7Padding(recovered, 16), key_from_b, state["a_iv"]
    )

    print("A->M Send AES-CBC(SHA1(s)[0:16], iv=random(16), msg) + iv")
    print("-" * 64)
    return state
def message3_5(state):
    """Open A's ciphertext, seal it for B, and log the step.

    Per the original comments, A's secret works out to ``state["A"]`` and B's
    to ``state["B"]``. The plaintext recovered from ``state["a_cipher"]`` is
    encrypted again under B's key with the unchanged ``state["a_iv"]`` and
    written back to ``state["a_cipher"]``. Prints one trace line plus a
    64-dash separator and returns ``state``.

    NOTE(review): padding is stripped without any integrity check; the MAC
    half of each derived key pair is discarded.
    """
    iv = state["a_iv"]

    decrypt_key, _mac = secretToKeys(intToBytes(state["A"]))
    message = removePKCS7Padding(aes_cbc_dec(state["a_cipher"], decrypt_key, iv))

    encrypt_key, _mac = secretToKeys(intToBytes(state["B"]))
    resealed = aes_cbc_enc(addPKCS7Padding(message, 16), encrypt_key, iv)
    state["a_cipher"] = resealed

    for line in (
        "A->M Send AES-CBC(SHA1(s)[0:16], iv=random(16), msg) + iv",
        "-" * 64,
    ):
        print(line)
    return state
def message4_5(state):
    """Re-key B's ciphertext for A (message 3.5 reversed) and log the step.

    Opens ``state["b_cipher"]`` with the key derived from ``state["B"]``, seals
    the plaintext with the key derived from ``state["A"]`` under the same
    ``state["b_iv"]``, and overwrites ``state["b_cipher"]``. Prints two trace
    lines plus a 64-dash separator and returns ``state``.

    NOTE(review): only the cipher keys are used; no MAC is verified before the
    padding is removed.
    """
    iv = state["b_iv"]

    decrypt_key, _mac = secretToKeys(intToBytes(state["B"]))
    message = removePKCS7Padding(aes_cbc_dec(state["b_cipher"], decrypt_key, iv))

    encrypt_key, _mac = secretToKeys(intToBytes(state["A"]))
    resealed = aes_cbc_enc(addPKCS7Padding(message, 16), encrypt_key, iv)
    state["b_cipher"] = resealed

    for line in (
        "B->M Send AES-CBC(SHA1(s)[0:16], iv=random(16), A's msg) + iv",
        "M->A Relay that to A",
        "-" * 64,
    ):
        print(line)
    return state
def message5(state):
    """A's encrypted send: derive session keys and encrypt a fixed message.

    Computes the shared secret from ``state["B"]`` and ``state["a"]``, stores
    the derived keys in ``state["a_cipherkey"]`` / ``state["a_mackey"]``, draws
    an IV into ``state["a_iv"]`` and stores the AES-CBC ciphertext of the padded
    message in ``state["a_cipher"]``. Returns the mutated ``state``.

    NOTE(review): the modulus is the module-level ``group5_p`` rather than
    ``state["p"]`` - confirm the two always agree. ``state["B"]`` is used as
    received; this function does not check it against degenerate values, and
    the MAC key is stored but not applied to the ciphertext here.
    """
    shared = mypow(state["B"], state["a"], group5_p)
    state["a_cipherkey"], state["a_mackey"] = secretToKeys(intToBytes(shared))

    # generateAESKey() supplies the IV (presumably 16 random bytes - confirm).
    state["a_iv"] = generateAESKey()

    plaintext = b"Thomas, he's the cheeky one. James is vain but lots of fun!"
    state["a_cipher"] = aes_cbc_enc(
        addPKCS7Padding(plaintext, 16), state["a_cipherkey"], state["a_iv"]
    )
    return state
def message5(state):
    """A's encrypted send, with a protocol trace line.

    Derives the shared secret from ``state["B"]`` and ``state["a"]`` modulo
    ``group5_p``, stores the resulting keys in ``state["a_cipherkey"]`` and
    ``state["a_mackey"]``, draws ``state["a_iv"]`` and writes the AES-CBC
    ciphertext of the padded message to ``state["a_cipher"]``. Prints one
    trace line and returns ``state``.

    NOTE(review): ``state["B"]`` is trusted as received, and the stored MAC key
    is never applied to the ciphertext in this function. The modulus comes
    from ``group5_p``, not ``state["p"]`` - confirm that is intended.
    """
    shared = mypow(state["B"], state["a"], group5_p)
    state["a_cipherkey"], state["a_mackey"] = secretToKeys(intToBytes(shared))

    # generateAESKey() supplies the IV here.
    state["a_iv"] = generateAESKey()

    plaintext = b"Thomas, he's the cheeky one. James is vain but lots of fun!"
    state["a_cipher"] = aes_cbc_enc(
        addPKCS7Padding(plaintext, 16), state["a_cipherkey"], state["a_iv"]
    )

    print("A->B Send AES-CBC(SHA1(s)[0:16], iv=random(16), msg) + iv")
    return state
def message5(state):
    """Encrypt A's fixed message under the key A derives from the exchange.

    Side effects on ``state``: sets ``a_cipherkey``, ``a_mackey``, ``a_iv`` and
    ``a_cipher``. The shared secret is ``mypow(state["B"], state["a"],
    group5_p)``. Returns the same ``state`` object.

    NOTE(review): uses the global ``group5_p`` instead of ``state["p"]``
    (verify against the caller). The peer value ``state["B"]`` is not
    validated here, and no MAC is computed over the ciphertext even though a
    MAC key is derived.
    """
    dh_secret = intToBytes(mypow(state["B"], state["a"], group5_p))
    cipher_key, mac_key = secretToKeys(dh_secret)
    state["a_cipherkey"], state["a_mackey"] = cipher_key, mac_key

    iv = generateAESKey()  # used as the CBC IV
    state["a_iv"] = iv

    padded = addPKCS7Padding(
        b"Thomas, he's the cheeky one. James is vain but lots of fun!", 16
    )
    state["a_cipher"] = aes_cbc_enc(padded, cipher_key, iv)
    return state
def message3(state):
    """A's encrypted send: derive keys from the shared secret and encrypt a message.

    The shared secret is ``mypow(state["B"], state["a"], state["p"])``. The
    derived keys are stored in ``state["a_cipherkey"]`` / ``state["a_mackey"]``;
    the ciphertext and its IV are stored in ``state["a_cipher"]`` /
    ``state["a_iv"]``. Returns the mutated ``state``.

    NOTE(review): ``state["B"]`` and ``state["p"]`` are used as received, with
    no check for degenerate values, and the MAC key is stored but not applied
    to the ciphertext in this function.
    """
    shared = mypow(state["B"], state["a"], state["p"])
    state["a_cipherkey"], state["a_mackey"] = secretToKeys(intToBytes(shared))

    iv = generateAESKey()  # supplies the CBC IV
    padded = addPKCS7Padding(b"mary had a little lamb", 16)
    ciphertext = aes_cbc_enc(padded, state["a_cipherkey"], iv)

    # Publish ciphertext and IV only after encryption succeeded.
    state.update(a_cipher=ciphertext, a_iv=iv)
    return state
def message6(state):
    """B's reply: decrypt A's message and echo it back under a fresh IV.

    Derives B's keys from ``mypow(state["A"], state["b"], state["p"])`` into
    ``state["b_cipherkey"]`` / ``state["b_mackey"]``, decrypts
    ``state["a_cipher"]`` with ``state["a_iv"]``, and re-encrypts the recovered
    plaintext with a newly drawn IV. Stores ``b_cipher``, ``b_iv`` and
    ``b_received_plain`` in ``state`` and returns it.

    NOTE(review): the incoming ciphertext is decrypted and unpadded without a
    MAC check (``b_mackey`` is stored but unused here), and ``state["A"]`` is
    not validated before being used as the peer's public value.
    """
    shared = mypow(state["A"], state["b"], state["p"])
    state["b_cipherkey"], state["b_mackey"] = secretToKeys(intToBytes(shared))

    reply_iv = generateAESKey()  # supplies the CBC IV for the reply

    padded_in = aes_cbc_dec(state["a_cipher"], state["b_cipherkey"], state["a_iv"])
    received = removePKCS7Padding(padded_in)

    reply = aes_cbc_enc(addPKCS7Padding(received, 16), state["b_cipherkey"], reply_iv)

    state.update(b_cipher=reply, b_iv=reply_iv, b_received_plain=received)
    return state
def message5(state):
    """Encrypt A's fixed message for B and print the protocol trace line.

    Side effects on ``state``: sets ``a_cipherkey``, ``a_mackey``, ``a_iv`` and
    ``a_cipher``. The shared secret is ``mypow(state["B"], state["a"],
    group5_p)``. Returns the same ``state`` object.

    NOTE(review): uses the global ``group5_p`` instead of ``state["p"]``
    (verify against the caller). ``state["B"]`` is not validated here, and no
    MAC is computed over the ciphertext even though a MAC key is derived.
    """
    dh_secret = intToBytes(mypow(state["B"], state["a"], group5_p))
    cipher_key, mac_key = secretToKeys(dh_secret)
    state["a_cipherkey"], state["a_mackey"] = cipher_key, mac_key

    iv = generateAESKey()  # used as the CBC IV
    state["a_iv"] = iv

    padded = addPKCS7Padding(
        b"Thomas, he's the cheeky one. James is vain but lots of fun!", 16
    )
    state["a_cipher"] = aes_cbc_enc(padded, cipher_key, iv)

    print("A->B Send AES-CBC(SHA1(s)[0:16], iv=random(16), msg) + iv")
    return state
def message3(state):
    """Encrypt A's fixed message with the key derived from the exchange.

    Reads ``state["B"]``, ``state["a"]`` and ``state["p"]``; writes
    ``a_cipherkey``, ``a_mackey``, ``a_cipher`` and ``a_iv``. Returns the same
    ``state`` object.

    NOTE(review): nothing in this function rejects a degenerate ``state["B"]``
    or authenticates the ciphertext; the MAC key is only stored.
    """
    dh_secret = intToBytes(mypow(state["B"], state["a"], state["p"]))
    cipher_key, mac_key = secretToKeys(dh_secret)
    state["a_cipherkey"], state["a_mackey"] = cipher_key, mac_key

    fresh_iv = generateAESKey()  # used as the CBC IV
    plaintext = b"mary had a little lamb"
    sealed = aes_cbc_enc(addPKCS7Padding(plaintext, 16), state["a_cipherkey"], fresh_iv)

    state["a_cipher"] = sealed
    state["a_iv"] = fresh_iv
    return state
def message6(state):
    """B's reply: decrypt A's message, echo it back under a fresh IV, and log it.

    Derives B's keys from ``mypow(state["A"], state["b"], state["p"])`` into
    ``state["b_cipherkey"]`` / ``state["b_mackey"]``, decrypts
    ``state["a_cipher"]`` with ``state["a_iv"]``, and re-encrypts the recovered
    plaintext with a newly drawn IV. Stores ``b_cipher``, ``b_iv`` and
    ``b_received_plain``, prints one trace line and returns ``state``.

    NOTE(review): no MAC is checked before decrypting and unpadding
    (``b_mackey`` is stored but unused here), and ``state["A"]`` is accepted
    without validation.
    """
    shared = mypow(state["A"], state["b"], state["p"])
    state["b_cipherkey"], state["b_mackey"] = secretToKeys(intToBytes(shared))

    reply_iv = generateAESKey()  # supplies the CBC IV for the reply

    padded_in = aes_cbc_dec(state["a_cipher"], state["b_cipherkey"], state["a_iv"])
    received = removePKCS7Padding(padded_in)

    reply = aes_cbc_enc(addPKCS7Padding(received, 16), state["b_cipherkey"], reply_iv)

    state.update(b_cipher=reply, b_iv=reply_iv, b_received_plain=received)

    print("B->A Send AES-CBC(SHA1(s)[0:16], iv=random(16), A's msg) + iv")
    return state
def message3(state):
    """A's encrypted send with trace output.

    The shared secret is ``mypow(state["B"], state["a"], state["p"])``. The
    derived keys are stored in ``state["a_cipherkey"]`` / ``state["a_mackey"]``;
    the ciphertext and its IV go to ``state["a_cipher"]`` / ``state["a_iv"]``.
    Prints a trace line and a separator, then returns ``state``.

    NOTE(review): ``state["B"]`` and ``state["p"]`` are used as received, and
    the MAC key is stored but not applied to the ciphertext here.
    """
    shared = mypow(state["B"], state["a"], state["p"])
    state["a_cipherkey"], state["a_mackey"] = secretToKeys(intToBytes(shared))

    iv = generateAESKey()  # supplies the CBC IV
    padded = addPKCS7Padding(b"mary had a little lamb", 16)
    ciphertext = aes_cbc_enc(padded, state["a_cipherkey"], iv)

    # Publish ciphertext and IV only after encryption succeeded.
    state.update(a_cipher=ciphertext, a_iv=iv)

    print("3.A->B Send AES-CBC(SHA1(s)[0:16], iv=random(16), msg) + iv")
    print("-" * 64)
    return state
def message6(state):
    """Decrypt what A sent and send the same plaintext back from B.

    Reads ``state["A"]``, ``state["b"]``, ``state["p"]``, ``state["a_cipher"]``
    and ``state["a_iv"]``; writes ``b_cipherkey``, ``b_mackey``, ``b_cipher``,
    ``b_iv`` and ``b_received_plain``. The reply uses its own IV. Returns the
    same ``state`` object.

    NOTE(review): decryption and unpadding happen with no integrity check, and
    the peer value ``state["A"]`` is not validated; the MAC key is derived but
    unused in this function.
    """
    dh_secret = intToBytes(mypow(state["A"], state["b"], state["p"]))
    cipher_key, mac_key = secretToKeys(dh_secret)
    state["b_cipherkey"], state["b_mackey"] = cipher_key, mac_key

    # The reply IV is drawn before the incoming message is decrypted.
    fresh_iv = generateAESKey()

    echoed = removePKCS7Padding(
        aes_cbc_dec(state["a_cipher"], state["b_cipherkey"], state["a_iv"])
    )
    sealed = aes_cbc_enc(addPKCS7Padding(echoed, 16), state["b_cipherkey"], fresh_iv)

    state["b_cipher"] = sealed
    state["b_iv"] = fresh_iv
    state["b_received_plain"] = echoed
    return state
def check_protocol_g1(state):
    """Verify that both directions of the g = 1 session decrypt under the key for secret 1.

    Per the author's notes, with g = 1 B's public key and both shared secrets
    are 1, so an observer who knows only that can read (and potentially alter)
    the traffic without re-keying it. This check decrypts ``state["a_cipher"]``
    and ``state["b_cipher"]`` with the key derived from 1 and compares the
    results with ``state["a_received_plain"]`` and ``state["b_received_plain"]``.

    Raises:
        AssertionError: if either recovered plaintext differs.

    NOTE(review): these are plain ``assert`` statements and are skipped under
    ``python -O``. The scenario depends on the endpoints accepting g = 1;
    rejecting such parameters during the handshake removes it.
    """
    known_secret = 1
    observer_key, _ = secretToKeys(intToBytes(known_secret))

    recovered_from_a = removePKCS7Padding(
        aes_cbc_dec(state["a_cipher"], observer_key, state["a_iv"])
    )
    recovered_from_b = removePKCS7Padding(
        aes_cbc_dec(state["b_cipher"], observer_key, state["b_iv"])
    )

    assert recovered_from_a == state["a_received_plain"]
    assert recovered_from_b == state["b_received_plain"]
def message3(state):
    """Encrypt A's fixed message with the exchange-derived key and log the step.

    Reads ``state["B"]``, ``state["a"]`` and ``state["p"]``; writes
    ``a_cipherkey``, ``a_mackey``, ``a_cipher`` and ``a_iv``. Prints a trace
    line and a 64-dash separator. Returns the same ``state`` object.

    NOTE(review): nothing in this function rejects a degenerate ``state["B"]``
    or authenticates the ciphertext; the MAC key is only stored.
    """
    dh_secret = intToBytes(mypow(state["B"], state["a"], state["p"]))
    cipher_key, mac_key = secretToKeys(dh_secret)
    state["a_cipherkey"], state["a_mackey"] = cipher_key, mac_key

    fresh_iv = generateAESKey()  # used as the CBC IV
    plaintext = b"mary had a little lamb"
    sealed = aes_cbc_enc(addPKCS7Padding(plaintext, 16), state["a_cipherkey"], fresh_iv)

    state["a_cipher"] = sealed
    state["a_iv"] = fresh_iv

    for line in (
        "3.A->B Send AES-CBC(SHA1(s)[0:16], iv=random(16), msg) + iv",
        "-" * 64,
    ):
        print(line)
    return state
def message6(state):
    """Decrypt what A sent, send the same plaintext back from B, and log the step.

    Reads ``state["A"]``, ``state["b"]``, ``state["p"]``, ``state["a_cipher"]``
    and ``state["a_iv"]``; writes ``b_cipherkey``, ``b_mackey``, ``b_cipher``,
    ``b_iv`` and ``b_received_plain``. The reply uses its own IV. Prints one
    trace line and returns the same ``state`` object.

    NOTE(review): decryption and unpadding happen with no integrity check, and
    the peer value ``state["A"]`` is not validated; the MAC key is derived but
    unused in this function.
    """
    dh_secret = intToBytes(mypow(state["A"], state["b"], state["p"]))
    cipher_key, mac_key = secretToKeys(dh_secret)
    state["b_cipherkey"], state["b_mackey"] = cipher_key, mac_key

    # The reply IV is drawn before the incoming message is decrypted.
    fresh_iv = generateAESKey()

    echoed = removePKCS7Padding(
        aes_cbc_dec(state["a_cipher"], state["b_cipherkey"], state["a_iv"])
    )
    sealed = aes_cbc_enc(addPKCS7Padding(echoed, 16), state["b_cipherkey"], fresh_iv)

    state["b_cipher"] = sealed
    state["b_iv"] = fresh_iv
    state["b_received_plain"] = echoed

    print("B->A Send AES-CBC(SHA1(s)[0:16], iv=random(16), A's msg) + iv")
    return state
def check_protocol_g1(state):
    """Confirm that a g = 1 session is readable with the key derived from secret 1.

    The original comments explain that 1^a = 1^b = 1, so A and B share the
    secret 1 and an observer needs no ciphertext rewriting to read their
    messages (and could inject her own). Both ciphertexts in ``state`` are
    decrypted with that key and compared with what each side recorded as
    received.

    Raises:
        AssertionError: when a decrypted message does not match
            ``state["a_received_plain"]`` or ``state["b_received_plain"]``.

    NOTE(review): the checks are ``assert`` statements, so ``python -O``
    disables them. Validating g (and the public values) at the endpoints is
    what prevents the condition being demonstrated.
    """
    def _open(ciphertext, iv):
        # Decrypt and strip padding with the observer's key.
        return removePKCS7Padding(aes_cbc_dec(ciphertext, m_cipherkey, iv))

    m_cipherkey, _unused_mac = secretToKeys(intToBytes(1))

    # Both plaintexts are recovered before either comparison runs.
    seen_a_to_b = _open(state["a_cipher"], state["a_iv"])
    seen_b_to_a = _open(state["b_cipher"], state["b_iv"])

    assert seen_a_to_b == state["a_received_plain"]
    assert seen_b_to_a == state["b_received_plain"]