def DHwithNegotiatedGroups(p, g):
print('g =', g, end='\n\n')
keyPairA = DiffieHellman.generateKeyPair(p, g)
A = keyPairA[1]
print("A to B: p, g")
print("B to A: ACK")
keyPairB = DiffieHellman.generateKeyPair(p, g)
B = keyPairB[1]
print("A to B: A")
print("B to A: B")
secretKeyA = DiffieHellman.DH(B, keyPairA, p)
secretKeyA_hex = hex(secretKeyA)[2:]
secretKeyA_hex = secretKeyA_hex if len(
secretKeyA_hex) % 2 == 0 else '0' + secretKeyA_hex
secretKeyA_bytes = bytes.fromhex(secretKeyA_hex)
AESkeyA = hashlib.sha1(secretKeyA_bytes).digest()[:16]
secretKeyB = DiffieHellman.DH(A, keyPairB, p)
secretKeyB_hex = hex(secretKeyB)[2:]
secretKeyB_hex = secretKeyB_hex if len(
secretKeyB_hex) % 2 == 0 else '0' + secretKeyB_hex
secretKeyB_bytes = bytes.fromhex(secretKeyB_hex)
AESkeyB = hashlib.sha1(secretKeyB_bytes).digest()[:16]
if g == 1:
print(secretKeyA == 1, end='\n\n\n')
if g == DiffieHellman.p:
print(secretKeyA == 0, end='\n\n\n')
if g == DiffieHellman.p - 1:
if A == DiffieHellman.p - 1 and B == DiffieHellman.p - 1:
print(secretKeyA == DiffieHellman.p - 1, end='\n\n\n')
else:
print(secretKeyA == 1, end='\n\n\n')
def initComm(email, password):
keyPairA = DiffieHellman.generateKeyPair()
a = keyPairA[0]
A = keyPairA[1]
print("\nA:", A)
salt = input("\nSalt: ")
salt = int(salt)
B = input("B: ")
B = int(B)
u = input("\nu: ")
u = int(u)
x = getPasswordHash(password, salt)
S = pow(B, a + u * x, N)
S_H = hex(S)[2:]
if len(S_H) % 2 == 1:
S_H = '0' + S_H
K = hashlib.sha256(bytes.fromhex(S_H)).digest()
saltH = hex(salt)[2:]
if len(saltH) % 2 == 1:
saltH = '0' + saltH
hashFunc = hashlib.new('sha256')
secHash = HMAC.hmac(bytes.fromhex(saltH), K, hashFunc, hashFunc.block_size,
hashFunc.digest_size)
print("SecHash:", secHash.hex())
def keyExchangeProtocol():
p_A, g_A = DiffieHellman.p, DiffieHellman.g
keyPairA = DiffieHellman.generateKeyPair(p_A, g_A)
A = keyPairA[1]
print("A to B: p, g, A")
keyPairB = DiffieHellman.generateKeyPair(p_A, g_A)
B = keyPairB[1]
print("B to A: B")
secretKeyA = DiffieHellman.DH(B, keyPairA, p_A)
secretKeyB = DiffieHellman.DH(A, keyPairB, p_A)
messageA = 'This is my message suckerr.\nYour\'s Sincerely\nA'
messageA = bytes(messageA.encode('latin1'))
secretKeyA_bytes = bytes.fromhex(hex(secretKeyA)[2:])
AESkeyA = hashlib.sha1(secretKeyA_bytes).digest()[:16]
IV_A = helpers.getRandBytes(16)
ct = AES_CBC.AES_CBCencrypt(PKCS7.PKCS7(messageA, 16), AESkeyA, IV_A)
secretKeyB_bytes = bytes.fromhex(hex(secretKeyB)[2:])
AESkeyB = hashlib.sha1(secretKeyB_bytes).digest()[:16]
pt = AES_CBC.AES_CBCdecrypt(ct, AESkeyB, IV_A)
if PKCS7.PKCS7validate(pt, 16):
pt = PKCS7.PKCS7unpad(pt)
else:
raise Exception('Something is wrong')
IV_B = helpers.getRandBytes(16)
ct_BtoA = AES_CBC.AES_CBCencrypt(PKCS7.PKCS7(pt, 16), AESkeyB, IV_B)
messageA2 = AES_CBC.AES_CBCdecrypt(ct_BtoA, AESkeyA, IV_B)
if PKCS7.PKCS7validate(messageA2, 16):
messageA2 = PKCS7.PKCS7unpad(messageA2)
else:
raise Exception('Something is wrong')
if messageA == messageA2:
print('Connection established')
else:
print('No connection')
def initServer():
global k, N
initUsers()
op = 0
keyPairB = DiffieHellman.generateKeyPair()
while(op != 2):
print("Enter 1 to connect")
print("Enter 2 to exit")
op = input()
try:
op = int(op)
except:
print('Invalid input')
continue
else:
if op == 1:
I = input('email: ')
user = getUser(I)
A = input('A: ')
A = int(A)
B = k*user.v + keyPairB[1]
print('\nSalt:', user.salt)
print('B:', B, end = '\n\n')
A_H = hex(A)[2:]
B_H = hex(B)[2:]
ip = A_H + B_H
if len(ip)%2 == 1:
ip = '0'+ip
uH = hashlib.sha256(bytes.fromhex(ip)).hexdigest()
u = int(uH, 16)
S = pow(A*pow(user.v, u, N), keyPairB[0], N)
S_H = hex(S)[2:]
if len(S_H)%2 == 1:
S_H = '0'+S_H
K = hashlib.sha256(bytes.fromhex(S_H)).digest()
hashFunc = hashlib.new('sha256')
saltH = hex(user.salt)[2:]
if len(saltH)%2 == 1:
saltH = '0'+saltH
ctReq = HMAC.hmac(bytes.fromhex(saltH), K, hashFunc, hashFunc.block_size, hashFunc.digest_size)
ctIp = input('Enter required CT: ')
if ctIp == ctReq.hex():
print('\nOK\n\n')
else:
print('\nctReq =', ctReq.hex())
print('IP:', ctIp)
print('Incorrect\n\n')
def initComm(email, password):
global k, g, N
keyPairA = DiffieHellman.generateKeyPair()
a = keyPairA[0]
A = keyPairA[1]
print('\nA:', A)
print('')
salt = input('Salt: ')
salt = int(salt)
B = input('B: ')
B = int(B)
A_H = hex(A)[2:]
B_H = hex(B)[2:]
ip = A_H + B_H
if len(ip) % 2 == 1:
ip = '0' + ip
uH = hashlib.sha256(bytes.fromhex(ip)).hexdigest()
u = int(uH, 16)
#print('U:', u)
x = getPasswordHash(password, salt)
#print('X:', x)
S = pow(B - k * pow(g, x, N), a + u * x, N)
S_H = hex(S)[2:]
if len(S_H) % 2 == 1:
S_H = '0' + S_H
K = hashlib.sha256(bytes.fromhex(S_H)).digest()
hashFunc = hashlib.new('sha256')
saltH = hex(salt)[2:]
if len(saltH) % 2 == 1:
saltH = '0' + saltH
ctReq = HMAC.hmac(bytes.fromhex(saltH), K, hashFunc, hashFunc.block_size,
hashFunc.digest_size)
print('')
print('CT:', ctReq.hex())
print('')
def doMITMattack():
keyPairB = DiffieHellman.generateKeyPair()
b = keyPairB[0]
B = keyPairB[1]
email = input("Email: ")
A = input("A: ")
A = int(A)
salt = 0
u = 1
print("\nSalt:", salt)
print("B:", B)
print("\nu:", u)
secHash = input("\nHash: ")
passDict = open("dict.txt", 'r')
for line in passDict:
password = line[:len(line) - 1]
x = getPasswordHash(password, salt)
v = pow(g, x, N)
S = pow(A * pow(v, u, N), b, N)
S_H = hex(S)[2:]
if len(S_H) % 2 == 1:
S_H = '0' + S_H
K = hashlib.sha256(bytes.fromhex(S_H)).digest()
saltH = hex(salt)[2:]
if len(saltH) % 2 == 1:
saltH = '0' + saltH
hashFunc = hashlib.new('sha256')
generatedHash = HMAC.hmac(bytes.fromhex(saltH), K, hashFunc,
hashFunc.block_size, hashFunc.digest_size)
if generatedHash.hex() == secHash:
print("\nPassword is: ", password)
break
def initServer():
global N, g
initUsers()
keyPairB = DiffieHellman.generateKeyPair()
b = keyPairB[0]
B = keyPairB[1]
I = input("Email: ")
user = getUser(I)
A = input("A: ")
A = int(A)
u = random.randrange(0, pow(2, 128))
print("\nSalt:", user.salt)
print("B:", B)
print("\nu:", u, end="\n\n")
S = pow(A * pow(user.v, u, N), b, N)
S_H = hex(S)[2:]
if len(S_H) % 2 == 1:
S_H = '0' + S_H
K = hashlib.sha256(bytes.fromhex(S_H)).digest()
saltH = hex(user.salt)[2:]
if len(saltH) % 2 == 1:
saltH = '0' + saltH
hashFunc = hashlib.new('sha256')
secHash = HMAC.hmac(bytes.fromhex(saltH), K, hashFunc, hashFunc.block_size,
hashFunc.digest_size)
hashIp = input("Hash: ")
if hashIp == secHash.hex():
print("\nOK\n")
else:
print("\nHashReq:", secHash.hex())
print("HashIp:", hashIp)
print("Incorrect\n")
def MITM():
p_A, g_A = DiffieHellman.p, DiffieHellman.g
keyPairA = DiffieHellman.generateKeyPair(p_A, g_A)
A = keyPairA[1]
print("A to B: p, g, A")
print("Intercepted by M")
keyPairB = DiffieHellman.generateKeyPair(p_A, g_A)
B = keyPairB[1]
print("M to B: p, g, p")
print("B to M: B")
print("M to A: p")
secretKeyA = DiffieHellman.DH(p_A, keyPairA, p_A)
secretKeyB = DiffieHellman.DH(p_A, keyPairB, p_A)
messageA = 'This is my message suckerr.\nYour\'s Sincerely\nA'
messageA = bytes(messageA.encode('latin1'))
secretKeyA_bytes = bytes.fromhex(
hex(secretKeyA)[2:] if len(hex(secretKeyA)[2:]) % 2 == 0 else '0' +
hex(secretKeyA)[2:])
AESkeyA = hashlib.sha1(secretKeyA_bytes).digest()[:16]
IV_A = helpers.getRandBytes(16)
ct = AES_CBC.AES_CBCencrypt(PKCS7.PKCS7(messageA, 16), AESkeyA, IV_A)
secretKeyB_bytes = bytes.fromhex(
hex(secretKeyB)[2:] if len(hex(secretKeyB)[2:]) % 2 == 0 else '0' +
hex(secretKeyB)[2:])
AESkeyB = hashlib.sha1(secretKeyB_bytes).digest()[:16]
pt = AES_CBC.AES_CBCdecrypt(ct, AESkeyB, IV_A)
if PKCS7.PKCS7validate(pt, 16):
pt = PKCS7.PKCS7unpad(pt)
else:
raise Exception('Something is wrong')
IV_B = helpers.getRandBytes(16)
ct_BtoA = AES_CBC.AES_CBCencrypt(PKCS7.PKCS7(pt, 16), AESkeyB, IV_B)
messageA2 = AES_CBC.AES_CBCdecrypt(ct_BtoA, AESkeyA, IV_B)
if PKCS7.PKCS7validate(messageA2, 16):
messageA2 = PKCS7.PKCS7unpad(messageA2)
else:
raise Exception('Something is wrong')
if messageA == messageA2:
print('Connection established')
else:
print('No connection')
AESkeyM = hashlib.sha1(bytes.fromhex('00')).digest()[:16]
messageA = 'Message 1'
messageA = bytes(messageA.encode('latin1'))
IV_A = helpers.getRandBytes(16)
ct = AES_CBC.AES_CBCencrypt(PKCS7.PKCS7(messageA, 16), AESkeyA, IV_A)
print('A:', messageA)
messageM = AES_CBC.AES_CBCdecrypt(ct, AESkeyM, IV_A)
if PKCS7.PKCS7validate(messageM, 16):
messageM = PKCS7.PKCS7unpad(messageM)
print('M:', messageM)
else:
raise Exception('Something is wrong')
messageB = AES_CBC.AES_CBCdecrypt(ct, AESkeyB, IV_A)
if PKCS7.PKCS7validate(messageB, 16):
messageB = PKCS7.PKCS7unpad(messageB)
print('B:', messageB)
else:
raise Exception('Something is wrong')