def Handshake(password, reader, writer): myPrivateKey = Private() myNonce = os.urandom(32) WriteBin(writer, myPrivateKey.get_public().serialize()) WriteBin(writer, myNonce) theirPublicKey = ReadBin(reader) theirNonce = ReadBin(reader) if myNonce == theirNonce: return None if theirPublicKey in (b'\x00' * 32, b'\x01' + (b'\x00' * 31)): return None theirPublicKey = Public(theirPublicKey) sharedKey = myPrivateKey.get_shared_key(theirPublicKey) myProof = ComputeProof(sharedKey, theirNonce + password) WriteBin(writer, myProof) theirProof = ReadBin(reader) if not VerifyProof(sharedKey, myNonce + password, theirProof): return None return sharedKey
def test_hashfunc(self): priv1 = Private(seed=b"abc") priv2 = Private(seed=b"def") shared_sha256 = priv1.get_shared_key(priv2.get_public()) e = b"da959ffe77ebeb4757fe5ba310e28ede425ae0d0ff5ec9c884e2d08f311cf5e5" self.assertEqual(hexlify(shared_sha256), e) # confirm the hash function remains what we think it is def myhash(shared_key): return sha256(b"curve25519-shared:"+shared_key).digest() shared_myhash = priv1.get_shared_key(priv2.get_public(), myhash) self.assertEqual(hexlify(shared_myhash), e) def hexhash(shared_key): return sha1(shared_key).hexdigest().encode() shared_hexhash = priv1.get_shared_key(priv2.get_public(), hexhash) self.assertEqual(shared_hexhash, b"80eec98222c8edc4324fb9477a3c775ce7c6c93a")
def test_basic(self): secret1 = b"abcdefghijklmnopqrstuvwxyz123456" self.assertEqual(len(secret1), 32) secret2 = b"654321zyxwvutsrqponmlkjihgfedcba" self.assertEqual(len(secret2), 32) priv1 = Private(secret=secret1) pub1 = priv1.get_public() priv2 = Private(secret=secret2) pub2 = priv2.get_public() shared12 = priv1.get_shared_key(pub2) e = b"b0818125eab42a8ac1af5e8b9b9c15ed2605c2bbe9675de89e5e6e7f442b9598" self.assertEqual(hexlify(shared12), e) shared21 = priv2.get_shared_key(pub1) self.assertEqual(shared12, shared21) pub2a = Public(pub2.serialize()) shared12a = priv1.get_shared_key(pub2a) self.assertEqual(hexlify(shared12a), e)
def test_hashfunc(self): priv1 = Private(seed=b"abc") priv2 = Private(seed=b"def") shared_sha256 = priv1.get_shared_key(priv2.get_public()) e = b"da959ffe77ebeb4757fe5ba310e28ede425ae0d0ff5ec9c884e2d08f311cf5e5" self.assertEqual(hexlify(shared_sha256), e) # confirm the hash function remains what we think it is def myhash(shared_key): return sha256(b"curve25519-shared:" + shared_key).digest() shared_myhash = priv1.get_shared_key(priv2.get_public(), myhash) self.assertEqual(hexlify(shared_myhash), e) def hexhash(shared_key): return sha1(shared_key).hexdigest().encode() shared_hexhash = priv1.get_shared_key(priv2.get_public(), hexhash) self.assertEqual(shared_hexhash, b"80eec98222c8edc4324fb9477a3c775ce7c6c93a")
return "%d" % s if s >= 1.0: return "%.2fs" % s if s >= 0.01: return "%dms" % (1000*s) if s >= 0.001: return "%.1fms" % (1000*s) if s >= 0.000001: return "%.1fus" % (1000000*s) return "%dns" % (1000000000*s) def nohash(key): return key for i in range(count): p = Private() start = time() pub = p.get_public() elapsed_get_public += time() - start pub2 = Private().get_public() start = time() shared = p.get_shared_key(pub2) #, hashfunc=nohash) elapsed_get_shared += time() - start print("get_public: %s" % abbreviate_time(elapsed_get_public / count)) print("get_shared: %s" % abbreviate_time(elapsed_get_shared / count)) # these take about 560us-570us each (with the default compiler settings, -Os) # on my laptop, same with -O2 # of which the python overhead is about 5us # and the get_shared_key() hash step adds about 5us
#!/usr/bin/env python3 from curve25519 import Private, Public from binascii import hexlify keys = set() for i in range(30): myPrivate = Private() val = int.to_bytes( 325606250916557431795983626356110631294008115727848805560023387167927233504, 32, 'little') theirPublic = Public(val) shared = myPrivate.get_shared_key(theirPublic) print(hexlify(shared)) keys.add(shared) print("[~] Num of different keys: {}".format(len(keys)))
import sys import os from curve25519 import Private, Public import nacl.secret import hmac import hashlib from pwn import * context.log_level = 'debug' sk = Private() mypk = b'\xed\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x7f' pk = Public(mypk) myshare = sk.get_shared_key(pk) def getmac(myn): c = remote('mitm.ctfcompetition.com', 1337) c.sendline('c') pk = c.recvline() n0 = c.recvline() c.sendline(hexlify(mypk)) c.sendline(myn) mac = c.recvline() c.close() return mac '''