import sys
import re
import bitpy as bp
from collections import Counter
to_be_analized = sys.argv[1]
system = bp.get_string(to_be_analized)
if '=' in system:
eoc = 'equations'
else:
eoc = 'clauses'
if ('+' in system) or ('*' in system):
boa = 'algebraic'
else:
boa = 'boolean'
system = bp.xor_in_standard_syntax(system)
print('\n*** System of ' + boa + ' ' + eoc + ' ***\n')
n_of_lines = str(len(system.split('\n')))
print('Number of lines: ' + n_of_lines + '\n')
if boa == 'algebraic':
op_dict = dict(Counter(re.findall(r'[+*]', system)))
for op in op_dict:
print(op + ': ' + str(op_dict[op]))
elif boa == 'boolean':
op_dict = dict(Counter(re.findall(r'[&|~\^]', system)))
for op in op_dict:
print(op + ': ' + str(op_dict[op]))
import sys
import bitpy as bp
# r = desired round
r = sys.argv[1]
system = bp.get_string('structures/gf2/sha_1_separated.txt')
equations = system.split('\n')
last = list(filter(lambda x: x[0:7] == 'T00' + r + '31', equations))[0]
equations = equations[0:equations.index(last) + 1]
xors = list(filter(lambda x: '+' in x, equations))
ands = list(filter(lambda x: '*' in x, equations))
bp.store_string('structures/gf2/sha_1_' + r + '.txt', '\n'.join(ands + xors))
import sys
import re
import bitpy as bp
wl = int(sys.argv[1])
n = int(sys.argv[2])
systems = [''] * n
systems[0] = bp.get_string('./structures/sha_1.txt')
system = bp.get_string('./structures/sha_1_handy.txt')
for i in range(1, n):
systems[i] = system.replace('H_', 'Z' + bp.fi(i - 1))
systems[i] = systems[i].replace('_', bp.fi(i))
sha_1 = '\n'.join(systems)
bp.store_string('./structures/sha_1_' + str(n) + '_blocks.txt', sha_1)
H = bp.get_words('H.txt')
for i in range(len(H)):
for j in range(wl):
sha_1 = sha_1.replace(bp.bit('H' + bp.fi(0) + bp.fi(i), j),\
str(bool(H[i] >> j & 1)))
test_check = input('Do you want to test it? [y/n] ')
if test_check == 'y':
low = 56 + (n - 2) * 64
high = 119 + (n - 2) * 64
string = input('Type a string (escapes not allowed) with a x number of ' +\
'chars such that ' + str(low) + ' ≤ x ≤ ' + str(high) + '.\n')
W = bp.words_from_string(32, string)
for i in range(n):
for j in range(16):
import sys
import bitpy as bp
wl = int(sys.argv[1])
system = bp.get_string('./structures/sha_1.txt')
system = bp.simplify_across(system)
bp.store_string('./structures/sha_1_no_assignments.txt', system)
H = bp.get_words('H.txt')
for i in range(len(H)):
for j in range(wl):
system = system.replace(bp.bit('H' + bp.fi(0) + bp.fi(i), j),\
str(bool(H[i] >> j & 1)).lower())
system = bp.simplify_across(system)
bp.store_string('./structures/sha_1_first_block.txt', system)
W = bp.words_from_string(wl, "Chiara")
system = bp.xor_in_standard_syntax(system)
system = bp.not_in_python_syntax(system)
for i in range(len(W)):
for j in range(wl):
system = system.replace(bp.bit('W' + bp.fi(0) + bp.fi(i), j),\
str(bool(W[i] >> j & 1)))
exec(system)
''' This module takes SHA-1 system and create two files containing the
CNF form. The first (sha_1_total_cnf.txt) contains the ordinary CNF
form, the second (sha_1_cnf.txt) contains the version for speed up
about xor clauses in CryptoMiniSat.
PAY ATTENTION
It could take long time to return.
'''
import sys
import bitpy as bp
preserve_xor = sys.argv[1]
system_file = sys.argv[2]
system = bp.get_string(system_file)
## total
cnf_form = bp.to_total_cnf(system)
bp.store_string('./structures/sha_1_total_cnf.txt', cnf_form)
## preserving xors
if preserve_xor:
cnf_form = bp.to_cnf(system)
bp.store_string('./structures/sha_1_cnf.txt', cnf_form)
add_2 = addition.replace('x', 'C80')
add_2 = add_2.replace('y', 'H02')
add_2 = add_2.replace('c', 'h02')
add_2 = add_2.replace('z', 'Z02')
add_3 = addition.replace('x', 'D80')
add_3 = add_3.replace('y', 'H03')
add_3 = add_3.replace('c', 'h03')
add_3 = add_3.replace('z', 'Z03')
add_4 = addition.replace('x', 'E80')
add_4 = add_4.replace('y', 'H04')
add_4 = add_4.replace('c', 'h04')
add_4 = add_4.replace('z', 'Z04')
return "\n".join((add_0, add_1, add_2, add_3, add_4))
f0 = bp.get_string('./models/cnf/f0.txt')
f1 = bp.get_string('./models/cnf/f1.txt')
f2 = bp.get_string('./models/cnf/f2.txt')
expansion = bp.get_string('./models/cnf/expansion.txt')
addition = bp.get_string('./models/cnf/addition1.txt')
addition_K0 = bp.get_string('./models/cnf/addition1_K0.txt')
addition_K1 = bp.get_string('./models/cnf/addition1_K1.txt')
addition_K2 = bp.get_string('./models/cnf/addition1_K2.txt')
addition_K3 = bp.get_string('./models/cnf/addition1_K3.txt')
reassignments = bp.get_string('./structures/relabels.txt')
wl = int(sys.argv[1])
rotation_A = int(sys.argv[2])
rounds = int(sys.argv[3])
system = []
import sys
import bitpy as bp
addition_depth = int(sys.argv[1])
addition_K_depth = int(sys.argv[2])
## functions F to cnf
for i in range(3):
model = bp.get_string('./models/equations/f' + str(i) + '.txt')
cnf = bp.to_total_cnf(model)
bp.store_string('./models/cnf/f' + str(i) + '.txt', cnf)
## expansion to cnf
model = bp.get_string('./models/equations/expansion.txt')
cnf = bp.to_total_cnf(model)
bp.store_string('./models/cnf/expansion.txt', cnf)
## addition to cnf
if addition_depth != 0:
model = bp.get_string('./models/equations/addition' + str(addition_depth) + '.txt')
cnf = bp.to_total_cnf(model)
bp.store_string('./models/cnf/addition' + str(addition_depth) + '.txt', cnf)
## addition with K to cnf
if addition_K_depth != 0:
for i in range(4):
model = bp.get_string('./models/equations/addition' + str(addition_K_depth) + '_K' + str(i) + '.txt')
def simplify_sumalg(wl, addition, depth):
steps = addition.split('\n')
for i in range(wl - 1):
if i not in range(depth, wl - 1, depth + 1):
sides = steps[i].split('=')
for j in range(2 * wl - 1):
steps[j] = steps[j].replace(sides[0], '(' + sides[1] + ')')
addition = list(filter(lambda x: x[3] == '=', steps[1:]))
return '\n'.join(addition)
wl = int(sys.argv[1])
depth = int(sys.argv[2])
K_depth = int(sys.argv[3])
addition = bp.get_string('models/equations/addition.txt')
addition_K0 = bp.get_string('models/equations/addition_K0.txt')
addition_K1 = bp.get_string('models/equations/addition_K1.txt')
addition_K2 = bp.get_string('models/equations/addition_K2.txt')
addition_K3 = bp.get_string('models/equations/addition_K3.txt')
new_addition = simplify_sumalg(wl, addition, depth)
new_addition_K0 = simplify_sumalg(wl, addition_K0, K_depth)
new_addition_K1 = simplify_sumalg(wl, addition_K1, K_depth)
new_addition_K2 = simplify_sumalg(wl, addition_K2, K_depth)
new_addition_K3 = simplify_sumalg(wl, addition_K3, K_depth)
bp.store_string('models/equations/addition' + str(depth) + '.txt',
new_addition)
bp.store_string('models/equations/addition' + str(K_depth) + '_K0.txt',
new_addition_K0)
import sys
import re
import bitpy as bp
system_path = sys.argv[1]
system = bp.get_string(system_path)
system = system.replace('*', '&')
system = system.replace('+', '^')
string = sys.argv[2]
W = bp.words_from_string(32, string)
for i in range(len(W)):
for j in range(32):
system = system.replace(bp.bit('W' + bp.fi(0) + bp.fi(i), j),\
str(bool(W[i] >> j & 1)))
exec(system)
digest = 0
for j in range(32):
digest ^= eval(bp.bit('Z' + bp.fi(0) + bp.fi(0), j)) << j + 128
digest ^= eval(bp.bit('Z' + bp.fi(0) + bp.fi(1), j)) << j + 96
digest ^= eval(bp.bit('Z' + bp.fi(0) + bp.fi(2), j)) << j + 64
digest ^= eval(bp.bit('Z' + bp.fi(0) + bp.fi(3), j)) << j + 32
digest ^= eval(bp.bit('Z' + bp.fi(0) + bp.fi(4), j)) << j
print(f'{digest:040x}')
import sys
import re
import bitpy as bp
wl = int(sys.argv[1])
round_to_attack = int(sys.argv[2])
file_id = sys.argv[3]
preimage_length = int(sys.argv[4])
cnf = sys.argv[5]
system = bp.get_string(cnf)
clauses = system.split('\n')
last_carry = 'g' + bp.fi(0) + bp.fi(round_to_attack - 1) + bp.fi(wl - 2)
last_clause = list(filter(lambda x: last_carry in x, clauses))[-1]
system = '\n'.join(clauses[0:clauses.index(last_clause) + 1])
states = bp.get_words('./maps/states_' + file_id + '.txt')
for i in range(5):
states[i] = states[round_to_attack - 4 + i] >> (wl * 4)
for i in range(5):
for j in range(wl):
system = system.replace(\
bp.bit('T' + bp.fi(0) + bp.fi(round_to_attack - 5 + i), j),\
str(bool(states[i] >> j & 1)).lower())
fixed, system = bp.fix_bits(wl, system, preimage_length)
system = bp.cnf_simplify_across(system)
system = system.replace('~', '-')
system = system.replace('|', ' ')
system = system.replace('Xor(', 'x')
import sys
import bitpy as bp
def sum_to_xor(expr):
variables = expr.split('+')
if variables[-1] == '1':
variables = variables[:-1]
variables[-1] = '~' + variables[-1]
variables = ','.join(variables)
return variables.join(('Xor(', ')'))
to_translate = sys.argv[1]
translated = sys.argv[2]
system = bp.get_string(to_translate)
system = system.replace('*', '&')
equations = system.split('\n')
for i in range(len(equations)):
if '+' in equations[i]:
equations[i] = equations[i][:8] + sum_to_xor(equations[i][8:])
system = '\n'.join(equations)
xor_ext_form = bp.to_cnf(system)
bp.store_string(translated, xor_ext_form)
import sys
import bitpy as bp
wl = int(sys.argv[1])
file_id = sys.argv[2]
sol_lines = bp.get_string('./temp/preimage_' + file_id + '.txt').split('\n')
sol_lines = list(filter(lambda x: x[0] == 'v', sol_lines[:-1]))
sol_lines = [x[2:] for x in sol_lines]
sol_lines[-1] = sol_lines[-1][0:-2]
sol_bits = ' '.join(sol_lines)
sol_bits = sol_bits.replace(' ', ' ')
sol_bits = sol_bits.split()
var_lines = bp.get_string('./temp/variables_' + file_id + '.txt').split('\n')
fin_dict = {}
for i in range(len(sol_bits)):
if var_lines[i][0] == 'W':
fin_dict[var_lines[i]] = sol_bits[i]
var_lines = bp.get_string('./temp/fixed_' + file_id + '.txt').split('\n')
for i in range(len(var_lines)):
if var_lines[i][0] == '0':
fin_dict[var_lines[i][1:]] = '-1'
else:
fin_dict[var_lines[i][1:]] = '1'
preimage = ''
for i in range(wl * 16):
if fin_dict[bp.bit('W' + bp.fi(0) + bp.fi(i // wl),\
(wl - 1) - i % wl)][0] == '-':
add_2 = addition.replace('x', 'C80')
add_2 = add_2.replace('y', 'H02')
add_2 = add_2.replace('c', 'h02')
add_2 = add_2.replace('z', 'Z02')
add_3 = addition.replace('x', 'D80')
add_3 = add_3.replace('y', 'H03')
add_3 = add_3.replace('c', 'h03')
add_3 = add_3.replace('z', 'Z03')
add_4 = addition.replace('x', 'E80')
add_4 = add_4.replace('y', 'H04')
add_4 = add_4.replace('c', 'h04')
add_4 = add_4.replace('z', 'Z04')
return "\n".join((add_0, add_1, add_2, add_3, add_4))
f0 = bp.get_string('./models/equations/f0.txt')
f1 = bp.get_string('./models/equations/f1.txt')
f2 = bp.get_string('./models/equations/f2.txt')
expansion = bp.get_string('./models/equations/expansion.txt')
addition = bp.get_string('./models/equations/addition.txt')
addition_K0 = bp.get_string('./models/equations/addition_K0.txt')
addition_K1 = bp.get_string('./models/equations/addition_K1.txt')
addition_K2 = bp.get_string('./models/equations/addition_K2.txt')
addition_K3 = bp.get_string('./models/equations/addition_K3.txt')
relabel = bp.get_string('./models/equations/state_relabel.txt')
wl = int(sys.argv[1])
rotation_A = int(sys.argv[2])
rounds = int(sys.argv[3])
system = [initial_relabel(wl)]
