def bob(to_alice, from_alice): """ Simulates Bob's communication with Alice via DH. Bob decrypts the messages then sends them back after re-encrypting under a new IV. Args: to_alice: a queue for sending messages to alice from_alice: a queue for receiving messages from alice """ # A->B Send p,g,A p, g, A = from_alice.get() b, B = c33.diffie_hellman(p, g) # B->A Send B to_alice.put(B) session_key = c33.make_session_key(A, b, p) key = session_key[0:16] msg = from_alice.get(0.5) while msg: msg_iv = msg[0:16] msg = msg[16:] d_msg = c10.aes_128_cbc_decrypt(msg, key, msg_iv) d_msg = c9.pkcs7_unpad(d_msg) iv = os.urandom(16) d_msg = c9.pkcs7_pad( d_msg) # i know this weird but it does perform a check echo = c10.aes_128_cbc_encrypt(d_msg, key, iv) echo = iv + echo to_alice.put(echo) try: msg = from_alice.get(timeout=0.5) except: msg = False
def encryption_oracle(): """ Encrypts a random string under AES-128-CBC Returns: A random, encrypted bytestring """ pt = random.choice(strs) pt = c1.base64toascii(pt) pt = c9.pkcs7_pad(pt) return c10.aes_128_cbc_encrypt(pt, key, iv)
def encrypt_userdata(data): """ Encrypts the given data under AES-128-CBC with a secret key, after appending and prepending data and quoting out metacharacters. Args: data: The user data to be encrypted Returns: AES-128-CBC(prefix || user-data || suffix, random-key) """ new_c = prefix + data.replace(b';', b'').replace(b'=', b'') + suffix new_c = c9.pkcs7_pad(new_c) return c10.aes_128_cbc_encrypt(new_c, key)
def alice(to_bob, from_bob, msgs): """ Simulates Alice's communication to Bob with DH. Alice checks that the echo she receives back is the same as the message she sent. Args: to_bob: a queue for sending messages out to bob from_bob: a queue for receiving messages from bob msgs: list of messages to send to bob """ p = "0xffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024" p += "e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd" p += "3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec" p += "6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f" p += "24117c4b1fe649286651ece45b3dc2007cb8a163bf0598da48361" p += "c55d39a69163fa8fd24cf5f83655d23dca3ad961c62f356208552" p += "bb9ed529077096966d670c354e4abc9804f1746c08ca237327fff" p += "fffffffffffff" p = int(p, 16) g = 2 a, A = c33.diffie_hellman(p, g) # A->B Send p,g,A to_bob.put([p, g, A]) # B->A Send B B = from_bob.get() session_key = c33.make_session_key(B, a, p) key = session_key[0:16] for msg in msgs: if DEBUG: print('Sending msg: ' + str(msg)) iv = os.urandom(16) e_msg = iv + c10.aes_128_cbc_encrypt(c9.pkcs7_pad(msg), key, iv) # A->B Send AES-CBC(key,msg,iv) + iv to_bob.put(e_msg) # B->A echo echo = from_bob.get() echo_msg = echo[16:] echo_iv = echo[0:16] d_echo = c10.aes_128_cbc_decrypt(echo_msg, key, echo_iv) d_echo = c9.pkcs7_unpad(d_echo) if DEBUG: print('Alice got echo: ' + str(d_echo)) assert d_echo == msg, d_echo
def alice(to_bob, from_bob, msgs): """ Simulates Alice's communication to Bob with DH. Alice checks that the echo she receives back is the same as the message she sent. Args: to_bob: a queue for sending messages out to bob from_bob: a queue for receiving messages from bob msgs: list of messages to send to bob """ p = P g = G a, A = c33.diffie_hellman(p, g) # A->B Send p,g to_bob.put([p, g]) # B->A Send ACK ack = from_bob.get() assert ack == "ACK" # A->B Send A to_bob.put(A) # B->A Send B B = from_bob.get() session_key = c33.make_session_key(B, a, p) key = session_key[0:16] for msg in msgs: if DEBUG: print('Sending msg: ' + str(msg)) iv = os.urandom(16) e_msg = iv + c10.aes_128_cbc_encrypt(c9.pkcs7_pad(msg), key, iv) # A->B Send AES-CBC(key,msg,iv) + iv to_bob.put(e_msg) # B->A echo echo = from_bob.get() echo_msg = echo[16:] echo_iv = echo[0:16] d_echo = c10.aes_128_cbc_decrypt(echo_msg, key, echo_iv) d_echo = c9.pkcs7_unpad(d_echo) if DEBUG: print('Alice got echo: ' + str(d_echo)) assert d_echo == msg, d_echo
def encryption_oracle(txt): global expected # GENERATE random key key = os.urandom(16) # GENERATE random number for ECB or CBC ecb = bool(random.getrandbits(1)) expected.append(ecb) # APPEND random bytes before and after before = os.urandom(random.randint(5, 10)) after = os.urandom(random.randint(5, 10)) txt = before + txt + after txt = c9.pkcs7_pad(txt) ct = b'' # IF CBC if not ecb: # GENERATE random IV iv = os.urandom(16) ct = c10.aes_128_cbc_encrypt(txt, key, iv) # ENCRYPT else: ct = AES.new(key, AES.MODE_ECB).encrypt(txt) return ct