except myrand.NoTimeSeed:
return False
else:
return s
urls = [url,
'?token=7d8bb0e5fbfc417aa7f9132a11182d82',
'token=f4c7765d7af043ae9ffa16d89357663f',
'token=dada53bc868a0308bf93',
'token=2364db032587e3473342',
'token=dbad1e77cbc961a31448']
times = [int(time()),
int(mktime(strptime('Thu Jul 30 20:20:00 2015'))),
int(mktime(strptime('Thu Apr 2 19:17:00 2015'))),
int(mktime(strptime('Mon Feb 23 19:06:00 2015'))),
int(mktime(strptime('Mon Feb 19 13:08:00 2015'))),
int(mktime(strptime('Mon Feb 9 08:27:00 2015')))]
for i in range(len(urls)):
ts = url_is_time_seeded(urls[i], times[i])
if ts:
print "Seed", ts, "found, meaning", ctime(ts)
else:
print "Not time seeded"
#### tests, if any ####
assert decipher == plaintext
assert winning_decrypt == plaintext
warn("Passed assertions:", __file__)
#!/usr/bin/env python
# chal25.py - Break random access read/write CTR
#
# Copyright (C) 2015 Andrew J. Zimolzak <*****@*****.**>,
# and licensed under GNU GPL version 3. Full notice is found in
# the file 'LICENSE' in the same directory as this file.
from cryptopals import warn, xor_str
from fakeserver import ctr_ciphertext, edit_public, ctr_cheat
# test editing
edited = edit_public(ctr_ciphertext, 4, 'COOL')
lines = ctr_cheat(edited).splitlines()[0:4]
# use editing to get keystream & thus plaintext
keystream = edit_public(ctr_ciphertext, 0, "\x00" * len(ctr_ciphertext))
print xor_str(keystream, ctr_ciphertext)
#### tests, if any ####
assert lines[0] == "I'm COOL and I'm ringin' the bell "
warn("Passed assertions:", __file__)
# After finding the first 16 bytes of keystream, I easily deduced the
# full text from Google. Now I can deduce the whole keystream from the
# longest line, and then decrypt as follows:
line00 = "I have met them at close of day"
line04 = "I have passed with a nod of the head"
line37 = "He, too, has been changed in his turn,"
print "guesses:"
print[xor_str(ciphertexts[0][0:len(line00)], line00)]
print[xor_str(ciphertexts[4][0:len(line04)], line04)]
print[xor_str(ciphertexts[37][0:len(line37)], line37)]
keystream = xor_str(ciphertexts[37][0:len(line37)], line37)
plaintexts = [""] * len(ciphertexts)
for i in range(len(ciphertexts)):
for j in range(len(ciphertexts[i])):
plaintexts[i] = plaintexts[i] + xor_str(ciphertexts[i][j],
keystream[j])
print '\n'.join(plaintexts)
#### tests ####
assert plaintexts[1] == "Coming with vivid faces"
assert len(ciphertexts) == 40
warn("Passed assertions (" + __file__ + ")")
longstring = ''.join(map(hexord, profile[0]))
word = ""
for i in range(len(longstring)):
word += longstring[i]
if i % 8 == 7:
print word,
word = ''
print
#### tests, CTR ####
assert len(ctr_nonce) == 8
assert len(ctr_ciphertext) == len(plain)
assert plain.splitlines()[9] == "To just let it flow, let my concepts go "
cryptopals.warn("Passed assertions:", __file__)
#### tests ####
_plaintext = "YELLOW SUB"
_key = open('unknown_key.txt', 'r').read().splitlines()[0]
_plaintext = pad_multiple(_plaintext, AES.block_size)
_iv = Random.new().read(AES.block_size)
_cipher = AES.new(_key, AES.MODE_CBC, _iv)
_ciphertext = _cipher.encrypt(_plaintext)
assert (padding_is_valid(_ciphertext, _iv))
_plaintext = "YELLOW SUBMAR\x04\x04\x04"
_key = open('unknown_key.txt', 'r').read().splitlines()[0]
# Note that we skip the padding in order to give this _plaintext bad padding.
#!/usr/bin/env python
# chal18.py - Implement CTR
#
# Copyright (C) 2015 Andrew J. Zimolzak <*****@*****.**>,
# and licensed under GNU GPL version 3. Full notice is found in
# the file 'LICENSE' in the same directory as this file.
import base64
from cryptopals import warn, ctr
ciphertext = base64.b64decode(
"L77na/nrFsKvynd6HzOoG7GHTLXsTVu9qvY/2syLXzhPweyyMTJULu/6/kXX0KSvoOLSFQ==")
key = "YELLOW SUBMARINE"
nonce = "\x00\x00\x00\x00\x00\x00\x00\x00" # 8 byte nonce
plaintext = ctr(ciphertext, key, nonce, "little")
print plaintext
#### tests ####
assert plaintext[-5:] == "baby "
warn("Passed assertions (" + __file__ + ")")
y = y ^ ((y << s) & b)
y = y ^ ((y << t) & c)
y = y ^ (y >> l) # lowercase L, not numeral 1
self.index += 1
return low_word(y)
def twist(self):
for i in range(n):
x = (self.mt[i] & upper_mask) + (self.mt[(i + 1) % n] & lower_mask)
xa = x >> 1
if (x % 2) != 0:
xa = xa ^ a
self.mt[i] = self.mt[(i+m) % n] ^ xa # store new into MT[]
self.index = 0
class NoTimeSeed(Exception):
def __init__(self, value):
self.value = value
def __str__(self):
return "Number may be from RNG not seeded with time" + repr(self.value)
def find_time_seed(target_num, now):
for s in range(now - 60 * 35, now + 60 * 2):
m = MTRNG(s)
if m.extract_number() == target_num:
return s
raise NoTimeSeed(target_num)
#### tests, if any ####
cryptopals.warn("No errors:", __file__)
#!/usr/bin/env python
# chal21.py - Implement MT19937
#
# Copyright (C) 2015 Andrew J. Zimolzak <*****@*****.**>,
# and licensed under GNU GPL version 3. Full notice is found in
# the file 'LICENSE' in the same directory as this file.
from cryptopals import warn
from myrand import MTRNG
r = MTRNG(12436)
print r.extract_number()
print r.extract_number()
print r.extract_number()
print r.extract_number()
print r.extract_number()
print r.extract_number()
print r.extract_number()
print r.extract_number()
#### tests, if any ####
warn("No errors:", __file__)
return low_word(y)
def twist(self):
for i in range(n):
x = (self.mt[i] & upper_mask) + (self.mt[(i + 1) % n] & lower_mask)
xa = x >> 1
if (x % 2) != 0:
xa = xa ^ a
self.mt[i] = self.mt[(i + m) % n] ^ xa # store new into MT[]
self.index = 0
class NoTimeSeed(Exception):
def __init__(self, value):
self.value = value
def __str__(self):
return "Number may be from RNG not seeded with time" + repr(self.value)
def find_time_seed(target_num, now):
for s in range(now - 60 * 35, now + 60 * 2):
m = MTRNG(s)
if m.extract_number() == target_num:
return s
raise NoTimeSeed(target_num)
#### tests, if any ####
cryptopals.warn("No errors:", __file__)
longstring = ''.join(map(hexord, profile[0]))
word = ""
for i in range(len(longstring)):
word += longstring[i]
if i % 8 == 7:
print word,
word = ''
print
#### tests, CTR ####
assert len(ctr_nonce)==8
assert len(ctr_ciphertext) == len(plain)
assert plain.splitlines()[9] == "To just let it flow, let my concepts go "
cryptopals.warn("Passed assertions:", __file__)
#### tests ####
_plaintext = "YELLOW SUB"
_key = open('unknown_key.txt', 'r').read().splitlines()[0]
_plaintext = pad_multiple(_plaintext, AES.block_size)
_iv = Random.new().read(AES.block_size)
_cipher = AES.new(_key, AES.MODE_CBC, _iv)
_ciphertext = _cipher.encrypt(_plaintext)
assert(padding_is_valid(_ciphertext, _iv))
_plaintext = "YELLOW SUBMAR\x04\x04\x04"
_key = open('unknown_key.txt', 'r').read().splitlines()[0]
# Note that we skip the padding in order to give this _plaintext bad padding.
#!/usr/bin/env python
# chal21.py - Implement MT19937
#
# Copyright (C) 2015 Andrew J. Zimolzak <*****@*****.**>,
# and licensed under GNU GPL version 3. Full notice is found in
# the file 'LICENSE' in the same directory as this file.
from cryptopals import warn
from myrand import MTRNG
r = MTRNG(12436)
print r.extract_number()
print r.extract_number()
print r.extract_number()
print r.extract_number()
print r.extract_number()
print r.extract_number()
print r.extract_number()
print r.extract_number()
#### tests, if any ####
warn("No errors:", __file__)
