def cbc_avalanche_effect():
print('---------- CBC ----------')
plaintext = 'From:Lucas\nTo:Pedro\nContent:the CBC mode of encryption is vulnerable to bit flipping'
print('Original plaintext:', plaintext, sep='\n', end='\n\n')
ciphertext = cbc.encrypt(plaintext, KEY)
print('Ciphertext:', ciphertext, end="\n\n")
print('List of bytes of the ciphertext:',
list(ciphertext),
sep='\n',
end="\n\n")
plaintext = cbc.decrypt(ciphertext, KEY)
print('Decrypted ciphertext:', plaintext, sep='\n', end="\n\n")
plaintext = 'From:Lucas\nTo:Pedro\nContent:the CBC mode of encription is vulnerable to bit flipping'
print('Modified plaintext:', plaintext, sep='\n', end='\n\n')
ciphertext = cbc.encrypt(plaintext, KEY)
print('Ciphertext:', ciphertext, end="\n\n")
print('List of bytes of the ciphertext:',
list(ciphertext),
sep='\n',
end="\n\n")
plaintext = cbc.decrypt(ciphertext, KEY)
print('Decrypted ciphertext:', plaintext, sep='\n', end="\n\n")
def cbc_bitflipping():
print('---------- CBC ----------')
plaintext = 'From:Lucas\nTo:Pedro\nContent:the CBC mode of encryption is vulnerable to bit flipping'
print('Original plaintext:', plaintext, sep='\n', end='\n\n')
ciphertext = cbc.encrypt(plaintext, KEY)
##### modifying the IV to bitflip the first block #####
iv = bytearray(ciphertext[:common.IV_SIZE])
iv[5:] = common.xor(iv[5:], common.xor(b'Lucas', b'Mario'))
ciphertext = bytes(iv) + ciphertext[common.IV_SIZE:]
#######################################################
print('Bitflipping Lucas to Mario...')
plaintext = cbc.decrypt(ciphertext, KEY)
print('Decrypted ciphertext:', plaintext, sep='\n', end="\n\n")
##### modifying the second block #####
block = bytearray(ciphertext[common.BLOCK_SIZE:common.BLOCK_SIZE * 2])
block[4:9] = common.xor(block[4:9], common.xor(b'Pedro', b'Mario'))
ciphertext = ciphertext[:common.BLOCK_SIZE] + block + ciphertext[
common.BLOCK_SIZE * 2:]
######################################
print('Bitflipping Pedro to Mario...')
plaintext = cbc.decrypt(ciphertext, KEY)
print('Decrypted ciphertext:', plaintext, end="\n\n")
def oracle(ciphertext): try: cbc.decrypt(random_key, ciphertext) print "Good padding" return True except pad.PaddingError, e: print "Bad padding" return False
def main():
random.seed(time.time())
# regular communication
message = "This is a secret message".decode("base64")
alice = DiffieHellman(NIST_GENERATOR, NIST_PRIME)
bob = DiffieHellman(NIST_GENERATOR, NIST_PRIME)
bob.get_response(alice.make_secret())
alice.get_response(bob.make_secret())
print "Alice's key:"
print "%r" % (alice.session_key(),)
print "Bob's key:"
print "%r" % (bob.session_key(),)
assert bob.session_key() == alice.session_key()
bob_iv = os.urandom(16)
alice_iv = os.urandom(16)
alice_message = alice_iv + cbc.encrypt(alice.session_key()[:16], message, IV = alice_iv)
bob_message = bob_iv + cbc.encrypt(bob.session_key()[:16], cbc.decrypt(bob.session_key()[:16], alice_message)[16:], IV = bob_iv)
# mitm'd
message = "Tm8gb25lIGNhbiByZWFkIHRoaXM=".decode("base64")
alice = DiffieHellman(NIST_GENERATOR, NIST_PRIME)
bob = DiffieHellman(NIST_GENERATOR, NIST_PRIME)
mitm = DiffieHellman(NIST_GENERATOR, NIST_PRIME)
alice.make_secret()
bob.make_secret()
bob.get_response(NIST_PRIME)
alice.get_response(NIST_PRIME)
assert bob.session_key() == alice.session_key()
real_key = bob.session_key()
alice_message = alice_iv + cbc.encrypt(alice.session_key()[:16], message, IV = alice_iv)
relayed_msg = alice_message
bob_message = bob_iv + cbc.encrypt(bob.session_key()[:16], cbc.decrypt(bob.session_key()[:16], relayed_msg)[16:], IV = bob_iv)
injected_key = sha1.sha1(hex(0).strip("0xL")).hexdigest().decode("hex")
print "Alice and Bob's secret message:"
print "%r" % (cbc.decrypt(injected_key[:16], relayed_msg)[16:],)
def messageReceivingService(self):
while True:
received = self.receiveData()
print "[Incoming] received raw message: " + received
# special message for exchanging Diffie Hellman keys
if(received[0] == MSG_TYPE_DH):
partial_session_key_received = int(received[1:])
if(self.mode == 'client'):
partial_session_key_generated = self.dh.partialSessionKeyGen()[0]
self.socket.sendall(MSG_TYPE_DH + str(partial_session_key_generated) + TERMINATORS)
self.total_session_key = self.dh.computeTotalSessionKey(partial_session_key_received)
self.key_estabilshment_inprogress = False
# regular messages sent by user
else:
received = received[1:]
# HMAC is first 16 bytes (32 hex digits)
receivedHmac = received[:32]
ciphertext = received[32:]
print "[Incoming] hmac received: "+ receivedHmac
print "[Incoming] ciphertext received: " + ciphertext
plaintext = CBC.decrypt(self.cipher, ciphertext)
print "[Incoming] plaintext decrypted: " + plaintext
self.console.text = self.console.text + "\nReceived: " + plaintext
generatedHmac = hmac_gen.genHmac(self.shared_secret_hash, plaintext)
print "[Incoming] hmac to compare with: " + generatedHmac
if(receivedHmac != generatedHmac):
print "ERROR: Message integrity compromised!"
def messageReceivingService(self):
while True:
received = self.receiveData()
print "[Incoming] received raw message: " + received
# special message for exchanging Diffie Hellman keys
if (received[0] == MSG_TYPE_DH):
partial_session_key_received = int(received[1:])
if (self.mode == 'client'):
partial_session_key_generated = self.dh.partialSessionKeyGen(
)[0]
self.socket.sendall(MSG_TYPE_DH +
str(partial_session_key_generated) +
TERMINATORS)
self.total_session_key = self.dh.computeTotalSessionKey(
partial_session_key_received)
self.key_estabilshment_inprogress = False
# regular messages sent by user
else:
received = received[1:]
# HMAC is first 16 bytes (32 hex digits)
receivedHmac = received[:32]
ciphertext = received[32:]
print "[Incoming] hmac received: " + receivedHmac
print "[Incoming] ciphertext received: " + ciphertext
plaintext = CBC.decrypt(self.cipher, ciphertext)
print "[Incoming] plaintext decrypted: " + plaintext
self.console.text = self.console.text + "\nReceived: " + plaintext
generatedHmac = hmac_gen.genHmac(self.shared_secret_hash,
plaintext)
print "[Incoming] hmac to compare with: " + generatedHmac
if (receivedHmac != generatedHmac):
print "ERROR: Message integrity compromised!"
def test(self): cipherText = cbc.encrypt(self.encryptCipher, self.message) print cipherText plainText = cbc.decrypt(self.decryptCipher, cipherText) print plainText self.assertEqual(plainText, self.message)
import cbc
inp = "Yellow Submarine is cool"
key = ("YELLOW SUBMARINE").encode('UTF-8')
iv = bytes(16)
ip = inp.encode('UTF-8')
a = cbc.encrypt(ip, key, iv)
print(a)
b = cbc.decrypt(a, key, iv)
print(b)
from Crypto.Cipher import AES
import base64
import cbc
f1 = open("gistfile10.txt", "r")
bigstring=bytes()
for line in f1:
line = base64.b64decode(line.rstrip('\n'))
#line = line.decode('UTF-8')
bigstring += line
f1.close()
key = ("YELLOW SUBMARINE").encode('UTF-8')
iv = bytes(16)
#print (bigstring)
ans = cbc.decrypt(bigstring, key, iv)
print (ans.decode('UTF-8'))
def test(self):
cipherText = cbc.encrypt(self.encryptCipher, self.message)
print cipherText
plainText = cbc.decrypt(self.decryptCipher, cipherText)
print plainText
self.assertEqual(plainText, self.message)
import cbc
inp = "Yellow Submarine is cool"
key= ("YELLOW SUBMARINE").encode('UTF-8')
iv = bytes(16)
ip = inp.encode('UTF-8')
a = cbc.encrypt(ip, key, iv)
print (a)
b = cbc.decrypt(a, key, iv)
print (b)
def main():
random.seed(time.time())
# regular communication
message = "This is a secret message".decode("base64")
alice = DiffieHellman(NIST_GENERATOR, NIST_PRIME)
bob = DiffieHellman(NIST_GENERATOR, NIST_PRIME)
bob.get_response(alice.make_secret())
alice.get_response(bob.make_secret())
assert bob.session_key() == alice.session_key()
# g = 1
# 1^x = 1 mod p for any x
message = "ZyA9IDEgc3V4=".decode("base64")
alice = DiffieHellman(1, NIST_PRIME)
bob = DiffieHellman(1, NIST_PRIME)
bob.get_response(alice.make_secret())
alice.get_response(bob.make_secret())
assert bob.session_key() == alice.session_key()
real_key = bob.session_key()
bob_iv = os.urandom(16)
alice_iv = os.urandom(16)
alice_message = alice_iv + cbc.encrypt(alice.session_key()[:16], message, IV = alice_iv)
relayed_msg = alice_message
bob_message = bob_iv + cbc.encrypt(bob.session_key()[:16], cbc.decrypt(bob.session_key()[:16], relayed_msg)[16:], IV = bob_iv)
injected_key = sha1.sha1(hex(1).strip("0xL")).hexdigest().decode("hex")
print "g = 1:"
print "Alice and Bob's secret message:"
print "%r" % (cbc.decrypt(injected_key[:16], relayed_msg)[16:],)
# g = p
# p^x = 0 mod p for any x
message = "ZyA9IHAgaXMgdXNlbGVzcw==".decode("base64")
alice = DiffieHellman(NIST_PRIME, NIST_PRIME)
bob = DiffieHellman(NIST_PRIME, NIST_PRIME)
bob.get_response(alice.make_secret())
alice.get_response(bob.make_secret())
assert bob.session_key() == alice.session_key()
real_key = bob.session_key()
bob_iv = os.urandom(16)
alice_iv = os.urandom(16)
alice_message = alice_iv + cbc.encrypt(alice.session_key()[:16], message, IV = alice_iv)
relayed_msg = alice_message
bob_message = bob_iv + cbc.encrypt(bob.session_key()[:16], cbc.decrypt(bob.session_key()[:16], relayed_msg)[16:], IV = bob_iv)
injected_key = sha1.sha1(hex(0).strip("0xL")).hexdigest().decode("hex")
print "g = p:"
print "Alice and Bob's secret message:"
print "%r" % (cbc.decrypt(injected_key[:16], relayed_msg)[16:],)
# g = p - 1
# If the exponent is even the result will be 1, if odd, it will be (p-1)
# for that reason, in any combination of results, the final session key will always be either 1 or p-1 (only if both a & b turned out odd thus g^a == g^b == p-1 == g^ab)
message = "ZXZlbiBvciBvZGQ/".decode("base64")
alice = DiffieHellman(NIST_PRIME-1 , NIST_PRIME)
bob = DiffieHellman(NIST_PRIME-1, NIST_PRIME)
alice_secret = alice.make_secret()
bob_secret = bob.make_secret()
bob.get_response(alice_secret)
alice.get_response(bob_secret)
assert bob.session_key() == alice.session_key()
real_key = bob.session_key()
bob_iv = os.urandom(16)
alice_iv = os.urandom(16)
alice_message = alice_iv + cbc.encrypt(alice.session_key()[:16], message, IV = alice_iv)
relayed_msg = alice_message
bob_message = bob_iv + cbc.encrypt(bob.session_key()[:16], cbc.decrypt(bob.session_key()[:16], relayed_msg)[16:], IV = bob_iv)
if (alice_secret + bob_secret == 2*(NIST_PRIME-1)):
# 25% chance of the session key being p-1
injected_key = sha1.sha1(hex(NIST_PRIME-1).strip("0xL")).hexdigest().decode("hex")
else:
injected_key = sha1.sha1(hex(1).strip("0xL")).hexdigest().decode("hex")
print "g = p-1:"
print "Alice and Bob's secret message:"
print "%r" % (cbc.decrypt(injected_key[:16], relayed_msg)[16:],)
