def __init__(self, PORT): self.client_port, self.server_port = PORT self.serv_secret = random.randint(500, 1500) self.target_server_port = '' sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) self.proto_sock = Protocol(sock) self.proto_sock.start(self.server_port) self.hellman = DiffieHellman()
def __init__(self): super(MainWindow, self).__init__() loadUi(os.getcwd() + '/gui.ui', self) self.constraint_input() self.connect_buttons() self.elgamal = Elgamal() self.rsa = RSA() self.dh = DiffieHellman() self.mode = None self.format = None
def __init__(self, port): self.server_port = '' self.port = port self.client_secret = random.randint(500, 1500) sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) self.read_sock = Protocol(sock) self.read_sock.start(port) self.hellman = DiffieHellman() self.write_sock = Protocol( socket.socket(socket.AF_INET, socket.SOCK_DGRAM)) self.main()
def create_dh() -> DiffieHellman: p = 233970423115425145524320034830162017933 curve = WeierstrassCurve(p, -95051, 11279326) point = (182, 85518893674295321206118380980485522083) point_order = 29246302889428143187362802287225875743 return DiffieHellman(curve, point, point_order)
class DiffieHellmanTest(unittest.TestCase): def setUp(self): # sharedSecret = 17 base = 5 modulo = 23 self.alice = DiffieHellman(modulo, base) self.bob = DiffieHellman(modulo, base) def test(self): aPair = self.alice.partialSessionKeyGen() bPair = self.bob.partialSessionKeyGen() a = self.alice.computeTotalSessionKey(bPair[0]) b = self.bob.computeTotalSessionKey(aPair[0]) self.assertEqual(a,b)
def test_map(): curve = MontgomeryCurve(p, 534, 1) w_curve = WeierstrassCurve(p, -95051, 11279326) point = (4, 85518893674295321206118380980485522083) dh = DiffieHellman(curve, point, point_order=given_point_order) expected = (182, 85518893674295321206118380980485522083) assert m_point_to_w_curve(point) == expected alice_keypair = dh.generate_keypair() alice_public = alice_keypair.public assert curve.is_identity(curve.scalar_mult(alice_public, given_point_order)) assert w_curve.is_identity( w_curve.scalar_mult(m_point_to_w_curve(alice_public), given_point_order))
async def on_ready(): print("-" * 40) print('Started the bot as:', bot.user) print("BOT:", database) users = bot.users for user in users: print(user) df = DiffieHellman() k1 = df.generate_k() database['chats'][str(user.id)] = [] database['users'][str(user.id)] = { 'name': user.name, 'key': df } print("Sending to:", user) u = await bot.fetch_user(user.id) try: await u.send(f'===KEYEXCH===\nvalue:{k1}') except: print("Erorr sending key-exchange to:", user) print("-" * 40)
def __init__(self): DEBUG_POSITION = 'Symbiosis_Bee:Bee:Init:' self.alive = True # Flower Socket self.flower = socket.socket(socket.AF_INET, socket.SOCK_STREAM) # Deflector Socket self.deflector = socket.socket(socket.AF_INET, socket.SOCK_STREAM) # Diffie Hellman self.dh = DiffieHellman() self.exchange = False # Stream self.stream = Stream()
async def on_message(message): #Ignore MSGs if they're not DMs #TODO implement end-to-end group chatting if message.author == bot.user or not isinstance(message.channel, discord.DMChannel): return #database['chats'][str(message.author.id)].append(message.content) if message.content.startswith("===KEYEXCH==="): # Perform a Diffie-Hellman key exchange print(f"Key exchange started with {message.author.name}") k2 = message.content.find("value:") df = DiffieHellman() k1 = df.generate_k() key = df.generate_full_key(k2) database['users'][str(message.author.id)]['key'] = df print("Key with user: "******" is ", database['users'][str(message.author.id)]['key'].key) await message.author.send(f"===KEYACK===\nvalue:{k1}") elif message.content.startswith("===KEYACK==="): value = message.content.find("value:") k2 = message.content[value+6:] df = database['users'][str(message.author.id)]['key'] df.generate_full_key(k2) database['users'][str(message.author.id)]['key'] = df print("Key with user: "******" is ", database['users'][str(message.author.id)]['key'].key) elif message.content.startswith("===MSG==="): # Recieve a message: content = message.content[9:] try: key = database['users'][str(message.author.id)]['key'].key aes = AESCipher( key ) decrypted = aes.decrypt(content) except: print("Error while decrypting message") return print(content) print(decrypted) # 0 - Sent by someone # 1 - Sent by you database['chats'][str(message.author.id)].append( [0, decrypted] )
def get_line(): line = None while line is None: line = conn.recv() return line if len(sys.argv) == 2: # server try: conn.listen(int(sys.argv[1])) except: print "Unable to open port %d" % int(sys.argv[1]) sys.exit() dh = DiffieHellman() p, g, A = dh.generate_public_broadcast() conn.send(str(p)) conn.send(str(g)) conn.send(str(A)) B = int(get_line()) crypto_protocol = CryptoProtocol(dh.get_shared_secret(B)) elif len(sys.argv) == 3: # client try: conn.connect(sys.argv[1], int(sys.argv[2])) except: print "Unable to connect to %s at port %d" % (sys.argv[1], int(sys.argv[2])) sys.exit() p = int(get_line()) g = int(get_line())
class MainWindow(QMainWindow): def __init__(self): super(MainWindow, self).__init__() loadUi(os.getcwd() + '/gui.ui', self) self.constraint_input() self.connect_buttons() self.elgamal = Elgamal() self.rsa = RSA() self.dh = DiffieHellman() self.mode = None self.format = None def constraint_input(self): self.onlyInt = QIntValidator() self.RSA_key_e_value.setValidator(self.onlyInt) self.RSA_key_d_value.setValidator(self.onlyInt) self.RSA_key_n_value.setValidator(self.onlyInt) self.RSA_sess_n_value.setValidator(self.onlyInt) self.RSA_sess_g_value.setValidator(self.onlyInt) self.RSA_sess_x_value.setValidator(self.onlyInt) self.RSA_sess_y_value.setValidator(self.onlyInt) self.EG_key_p_value.setValidator(self.onlyInt) self.EG_key_g_value.setValidator(self.onlyInt) self.EG_key_x_value.setValidator(self.onlyInt) self.EG_key_y_value.setValidator(self.onlyInt) self.EG_sess_n_value.setValidator(self.onlyInt) self.EG_sess_g_value.setValidator(self.onlyInt) self.EG_sess_x_value.setValidator(self.onlyInt) self.EG_sess_y_value.setValidator(self.onlyInt) self.RSA_output_text.setReadOnly(True) self.EG_output_text.setReadOnly(True) def connect_buttons(self): # Main menu buttons self.rsabutton.clicked.connect( lambda: self.stackedWidget.setCurrentIndex(1)) self.egbutton.clicked.connect( lambda: self.stackedWidget.setCurrentIndex(2)) # RSA buttons self.RSA_key_savebutton.clicked.connect(self.rsa_save_key) self.RSA_act_execbutton.clicked.connect(self.rsa_execute) self.RSA_key_genbutton.clicked.connect(self.rsa_generate_key) self.RSA_key_filebutton.clicked.connect(self.rsa_import_key) self.RSA_act_decbutton.clicked.connect(self.set_mode_dec) self.RSA_act_encbutton.clicked.connect(self.set_mode_enc) self.RSA_input_filebutton.clicked.connect(self.rsa_get_input_file) self.RSA_fmt_txtbutton.clicked.connect(self.set_format_txt) self.RSA_fmt_filebutton.clicked.connect(self.set_format_file) self.RSA_returnbutton.clicked.connect( lambda: self.stackedWidget.setCurrentIndex(0)) self.RSA_sess_genbutton.clicked.connect( self.rsa_diffiehellman_generate_key) # Elgamal buttons self.EG_key_savebutton.clicked.connect(self.elgamal_save_key) self.EG_act_execbutton.clicked.connect(self.elgamal_execute) self.EG_key_genbutton.clicked.connect(self.elgamal_generate_key) self.EG_key_filebutton.clicked.connect(self.elgamal_import_key) self.EG_act_decbutton.clicked.connect(self.set_mode_dec) self.EG_act_encbutton.clicked.connect(self.set_mode_enc) self.EG_input_filebutton.clicked.connect(self.elgamal_get_input_file) self.EG_fmt_txtbutton.clicked.connect(self.set_format_txt) self.EG_fmt_filebutton.clicked.connect(self.set_format_file) self.EG_returnbutton.clicked.connect( lambda: self.stackedWidget.setCurrentIndex(0)) self.EG_sess_genbutton.clicked.connect( self.eg_diffiehellman_generate_key) # DIFFIE HELMAN STUFF def rsa_diffiehellman_generate_key(self): self.dh.generate_parameters() n, g, x, y = self.dh.get_parameters() self.RSA_sess_n_value.setText(str(n)) self.RSA_sess_g_value.setText(str(g)) self.RSA_sess_x_value.setText(str(x)) self.RSA_sess_y_value.setText(str(y)) sess_key = self.dh.get_session_key() self.RSA_sess_result.setText(str(sess_key)) def eg_diffiehellman_generate_key(self): self.dh.generate_parameters() n, g, x, y = self.dh.get_parameters() self.EG_sess_n_value.setText(str(n)) self.EG_sess_g_value.setText(str(g)) self.EG_sess_x_value.setText(str(x)) self.EG_sess_y_value.setText(str(y)) sess_key = self.dh.get_session_key() self.EG_sess_result.setText(str(sess_key)) # RSA STUFF def rsa_save_key(self): fileNamePub, _ = QFileDialog.getSaveFileName( None, "Save RSA Public Key", "", "Public Key File (*.pub)") fileNamePri, _ = QFileDialog.getSaveFileName( None, "Save RSA Private Key", "", "Private Key File (*.pri)") # self.rsa.generate_key() self.rsa.save_generated_keys(fileNamePub, fileNamePri) def rsa_set_public_key(self): e = int(self.RSA_key_e_value.text()) n = int(self.RSA_key_n_value.text()) self.rsa.set_public_key(e, n) def rsa_set_private_key(self): d = int(self.RSA_key_d_value.text()) n = int(self.RSA_key_n_value.text()) self.rsa.set_private_key(d, n) def rsa_execute(self): self.rsa_set_public_key() self.rsa_set_private_key() st = time.time() if self.mode == 'enc': if self.format == 'txt': self.rsa.get_input( bytes(self.RSA_input_text.toPlainText(), 'UTF-8', errors='ignore')) self.rsa.encrypt() self.RSA_output_text.setText(self.rsa.get_cipher_text()) # print("RSA get cipher text: ", bytes(self.rsa.get_cipher_text(), 'UTF-8')) elif self.format == 'file': if self.rsa_inpfile == None: self.display_value_error("File belum dipilih") return assert self.rsa_inpfile is not None self.rsa.enc_from_file(self.rsa_inpfile) self.rsa.encrypt() fileName, _ = QFileDialog.getSaveFileName( None, "Save Encrypted File", "", "All Files (*)") print("tes({})".format(fileName)) if fileName == "": return self.rsa.enc_write_file(fileName) # Print file size self.RSA_size_value.setText( str(os.path.getsize(fileName) / 1000)) else: self.display_value_error("Format belum dipilih") return elif self.mode == 'dec': if self.format == 'txt': check = self.RSA_input_text.toPlainText() print("RSA_input toPlainText ", check) print("length of text = {}".format(len(check))) for c in check: print(c, end='') print() self.rsa.get_input( bytes(self.RSA_input_text.toPlainText(), 'UTF-8', errors='ignore')) self.rsa.parse_msg_to_enc() self.rsa.decrypt() self.RSA_output_text.setText(self.rsa.get_plain_text()) elif self.format == 'file': if self.rsa_inpfile == None: self.display_value_error("File belum dipilih") return assert self.rsa_inpfile is not None self.rsa.dec_from_file(self.rsa_inpfile) self.rsa.decrypt() fileName, _ = QFileDialog.getSaveFileName( None, "Save Encrypted File", "", "All Files (*)") print("tes({})".format(fileName)) if fileName == "": return self.rsa.dec_write_file(fileName) # Print file size self.RSA_size_value.setText( str(os.path.getsize(fileName) / 1000)) else: self.display_value_error("Format belum dipilih") return else: self.display_value_error("Aksi belum dipilih") return end = str(time.time() - st) # Set time execution self.RSA_time_value.setText(end) def rsa_generate_key(self): self.rsa.generate_key() d, n1 = self.rsa.get_private_key() e, n2 = self.rsa.get_public_key() assert n1 == n2 self.RSA_key_n_value.setText(str(n1)) self.RSA_key_d_value.setText(str(d)) self.RSA_key_e_value.setText(str(e)) def rsa_import_key(self): fileNamePub, _ = QFileDialog.getOpenFileName( None, "Import RSA Public Key", "", "Public Key File (*.pub)") fileNamePri, _ = QFileDialog.getOpenFileName( None, "Import RSA Private Key", "", "Private Key File (*.pri)") self.rsa.import_public_key(fileNamePub) self.rsa.import_private_key(fileNamePri) # display the imported key in the text box d, n1 = self.rsa.get_private_key() e, n2 = self.rsa.get_public_key() assert n1 == n2 self.RSA_key_n_value.setText(str(n1)) self.RSA_key_d_value.setText(str(d)) self.RSA_key_e_value.setText(str(e)) def rsa_get_input_file(self): fileName, _ = QFileDialog.getOpenFileName(None, "Get Input File", "", "All Files (*)") self.rsa_inpfile = fileName fileName = fileName.split('/')[-1] self.RSA_inp_file_label.setText("Chosen file: {}".format(fileName)) # ELGAMAL STUFF def elgamal_save_key(self): fileNamePub, _ = QFileDialog.getSaveFileName( None, "Save Elgamal Public Key", "", "Public Key File (*.pub)") fileNamePri, _ = QFileDialog.getSaveFileName( None, "Save Elgamal Private Key", "", "Private Key File (*.pri)") self.elgamal.generate_key() self.elgamal.save_generated_keys(fileNamePub, fileNamePri) def elgamal_set_public_key(self): p = int(self.EG_key_p_value.text()) g = int(self.EG_key_g_value.text()) y = int(self.EG_key_y_value.text()) self.elgamal.set_public_key(p, g, y) def elgamal_set_private_key(self): p = int(self.EG_key_p_value.text()) x = int(self.EG_key_x_value.text()) self.elgamal.set_private_key(p, x) def elgamal_execute(self): self.elgamal_set_public_key() self.elgamal_set_private_key() st = time.time() if self.mode == 'enc': if self.format == 'txt': self.elgamal.get_input( bytes(self.EG_input_text.toPlainText(), 'UTF-8', errors='ignore')) self.elgamal.encrypt() self.EG_output_text.setText(self.elgamal.get_cipher_text()) elif self.format == 'file': self.elgamal.enc_from_file(self.elgamal_inpfile) self.elgamal.encrypt() fileName, _ = QFileDialog.getSaveFileName( None, "Save Encrypted File", "", "All Files (*)") self.elgamal.enc_write_file(fileName) # Print file size self.EG_size_value.setText( str(os.path.getsize(fileName) / 1000)) else: self.display_value_error("Format belum dipilih") return elif self.mode == 'dec': if self.format == 'txt': self.elgamal.get_input( bytes(self.EG_input_text.toPlainText(), 'UTF-8', errors='ignore')) self.elgamal.parse_msg_to_enc() self.elgamal.decrypt() self.EG_output_text.setText(self.elgamal.get_plain_text()) elif self.format == 'file': self.elgamal.dec_from_file(self.elgamal_inpfile) self.elgamal.decrypt() fileName, _ = QFileDialog.getSaveFileName( None, "Save Encrypted File", "", "All Files (*)") self.elgamal.dec_write_file(fileName) # Print file self.EG_size_value.setText( str(os.path.getsize(fileName) / 1000)) else: self.display_value_error("Format belum dipilih") return else: self.display_value_error("Aksi belum dipilih") return end = str(time.time() - st) # Set time execution self.EG_time_value.setText(end) def elgamal_get_input_file(self): fileName, _ = QFileDialog.getOpenFileName(None, "Get Input File", "", "All Files (*)") self.elgamal_inpfile = fileName fileName = fileName.split('/')[-1] self.EG_inp_file_label.setText("Chosen file: {}".format(fileName)) def elgamal_import_key(self): fileNamePub, _ = QFileDialog.getOpenFileName( None, "Import Elgamal Public Key", "", "Public Key File (*.pub)") fileNamePri, _ = QFileDialog.getOpenFileName( None, "Import Elgamal Private Key", "", "Private Key File (*.pri)") self.elgamal.import_public_key(fileNamePub) self.elgamal.import_private_key(fileNamePri) def elgamal_generate_key(self): self.elgamal.generate_key() g, y, p = self.elgamal.get_public_key() x, p = self.elgamal.get_private_key() self.EG_key_p_value.setText(str(p)) self.EG_key_g_value.setText(str(g)) self.EG_key_x_value.setText(str(x)) self.EG_key_y_value.setText(str(y)) # OTHER STUFF def set_mode_enc(self): self.mode = 'enc' def set_mode_dec(self): self.mode = 'dec' def set_format_txt(self): self.format = 'txt' def set_format_file(self): self.format = 'file' # VALIDATION STUFF def display_value_error(self, err_msg: str): msg = QMessageBox() msg.setIcon(QMessageBox.Warning) msg.setText("Error") msg.setInformativeText(err_msg) msg.setWindowTitle("Error") msg.setStandardButtons(QMessageBox.Ok) retval = msg.exec_()
class Client: def __init__(self, port): self.server_port = '' self.port = port self.client_secret = random.randint(500, 1500) sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) self.read_sock = Protocol(sock) self.read_sock.start(port) self.hellman = DiffieHellman() self.write_sock = Protocol( socket.socket(socket.AF_INET, socket.SOCK_DGRAM)) self.main() def listening(self): while True: data = self.read_sock.read() data = json.loads(data) if 'encry' in data.keys(): msg = self.hellman.decry(data['data'], self.top_secret_key) print('msg: ', msg) else: print('something ', data['data']) def speak(self): while True: data = input() self.write_sock.write( self.make_header(self.hellman.encry(data, self.top_secret_key)), self.server_port) def check_header(self, data): fdata = json.loads(data) if fdata['type'] == 'SERVER': self.server_port = fdata['addr'] else: print('ciota neto') def make_header(self, data): fdata = {"type": "CLIENT", "addr": self.port, "data": data} return json.dumps(fdata) def handshake(self): self.write_sock.write(self.make_header('SYN'), self.server_port) data = self.read_sock.read() data = json.loads(data) self.top_secret_key = self.hellman.get_secret_key( data['key'], self.client_secret) data.update({ 'encry': 'Diffie Hellman', 'key': self.hellman.generate_key(self.client_secret) }) data = json.dumps(data) self.write_sock.write(data, self.server_port) def main(self): data = self.read_sock.read() self.check_header(data) print('SERVER PORT -> ', self.server_port, '\n', json.loads(data)['data']) self.handshake() start_new_thread(self.speak, ()) self.listening()
def main(): #replace g with 1, p, p-1... #just watch the generated secret key result #1 : all secret keys are 1 #p : all secret keys are 0 #p-1: half secret keys are 1 # half secret keys are p-1 dh = DiffieHellman(DiffieHellman.p, 1) a_pri, a_pub, a_p, a_g = dh.gen_key_pair() b_pri, b_pub, b_p, b_g = dh.gen_key_pair() a_sk = dh.gen_sec_key(b_pub, a_pri) key_a = sha1.sha1(str(a_sk))[:16] print a_sk print binascii.hexlify(key_a) dh = DiffieHellman(DiffieHellman.p, DiffieHellman.p) a_pri, a_pub, a_p, a_g = dh.gen_key_pair() b_pri, b_pub, b_p, b_g = dh.gen_key_pair() a_sk = dh.gen_sec_key(b_pub, a_pri) key_a = sha1.sha1(str(a_sk))[:16] print a_sk print binascii.hexlify(key_a) dh = DiffieHellman(DiffieHellman.p, DiffieHellman.p-1) a_pri, a_pub, a_p, a_g = dh.gen_key_pair() b_pri, b_pub, b_p, b_g = dh.gen_key_pair() a_sk = dh.gen_sec_key(b_pub, a_pri) key_a = sha1.sha1(str(a_sk))[:16] print a_sk print binascii.hexlify(key_a)
def setUp(self): # sharedSecret = 17 base = 5 modulo = 23 self.alice = DiffieHellman(modulo, base) self.bob = DiffieHellman(modulo, base)
def main(): random.seed(time.time()) # regular communication message = "This is a secret message".decode("base64") alice = DiffieHellman(NIST_GENERATOR, NIST_PRIME) bob = DiffieHellman(NIST_GENERATOR, NIST_PRIME) bob.get_response(alice.make_secret()) alice.get_response(bob.make_secret()) print "Alice's key:" print "%r" % (alice.session_key(),) print "Bob's key:" print "%r" % (bob.session_key(),) assert bob.session_key() == alice.session_key() bob_iv = os.urandom(16) alice_iv = os.urandom(16) alice_message = alice_iv + cbc.encrypt(alice.session_key()[:16], message, IV = alice_iv) bob_message = bob_iv + cbc.encrypt(bob.session_key()[:16], cbc.decrypt(bob.session_key()[:16], alice_message)[16:], IV = bob_iv) # mitm'd message = "Tm8gb25lIGNhbiByZWFkIHRoaXM=".decode("base64") alice = DiffieHellman(NIST_GENERATOR, NIST_PRIME) bob = DiffieHellman(NIST_GENERATOR, NIST_PRIME) mitm = DiffieHellman(NIST_GENERATOR, NIST_PRIME) alice.make_secret() bob.make_secret() bob.get_response(NIST_PRIME) alice.get_response(NIST_PRIME) assert bob.session_key() == alice.session_key() real_key = bob.session_key() alice_message = alice_iv + cbc.encrypt(alice.session_key()[:16], message, IV = alice_iv) relayed_msg = alice_message bob_message = bob_iv + cbc.encrypt(bob.session_key()[:16], cbc.decrypt(bob.session_key()[:16], relayed_msg)[16:], IV = bob_iv) injected_key = sha1.sha1(hex(0).strip("0xL")).hexdigest().decode("hex") print "Alice and Bob's secret message:" print "%r" % (cbc.decrypt(injected_key[:16], relayed_msg)[16:],)
def __init__(self, q, alpha): self.__tcp = socket.socket(socket.AF_INET, socket.SOCK_STREAM) self.__s_des = SimpleDes() self.__rc4 = RC4() self.__encryption = None self.__diffie_hellman = DiffieHellman(q, alpha)
from sha1 import SHA1 from diffie_hellman import DiffieHellman from rsa_dsa import RSADSA # RSA DSA keys = rsa_keys.generate_rsa_keys(256) rsa_dsa = RSADSA(keys['n']) sign = rsa_dsa.sign(SHA1, 'ARTYOM', keys['d']) print(rsa_dsa.verify(SHA1, sign, keys['e'])) curve = EllipticCurve(67) # Diffie-Hellman dh = DiffieHellman(curve, curve.points[3]) a_private = 7 a_public = dh.gen_public(a_private) b_private = 13 b_public = dh.gen_public(b_private) secret = dh.gen_secret(a_private, b_public) print(dh.gen_secret(a_private, b_public) == dh.gen_secret(b_private, a_public)) # EC DSA point = curve.prime_order_point() ec_dsa = ECDSA(curve, point) private = 4
def mutualAuthentication(self): bits = 16 nonce = self.mutual_auth.generate_nonce(bits) self.dh = DiffieHellman.defaultInstance() if self.mode == 'client': # send client challenge self.socket.sendall('im alice,' + str(nonce) + TERMINATORS) print '[MutualAuthentication] client sent: im alice,' + str(nonce) # receive challenge response from client server_response = self.receiveData() server_nonce = server_response.split(',',1)[0] server_encrypted = server_response.split(',',1)[1] print '[MutualAuthentication] client received nonce from server: ' + server_nonce print '[MutualAuthentication] client received encrypted text: ' + server_encrypted plaintext = self.mutual_auth.decrypt_ciphertext(server_encrypted) print '[MutualAuthentication] client decrypted plaintext: ' + plaintext # check that nonce is correct and you weren't the one to encrypt it if(not self.mutual_auth.check_name(plaintext) and self.mutual_auth.check_nonce(plaintext)): # extract partial key sent by server server_partial_session_key = self.mutual_auth.get_partner_dh_value(plaintext) print '[MutualAuthentication] extracted server partial key: ' + str(server_partial_session_key) # generate client partial key client_partial_session_key = self.dh.partialSessionKeyGen()[0] # compute the session key self.total_session_key = self.dh.computeTotalSessionKey(server_partial_session_key) # encrypt server nonce and client partial key with shared secret and send encrypted = self.mutual_auth.encrypt_nonce(server_nonce, client_partial_session_key) self.socket.sendall(encrypted + TERMINATORS) print '[MutualAuthentication] client sending encrypted text: ' + encrypted print '[MutualAuthentication] success in authenticating server' return True else: print '[MutualAuthentication] cannot authenticate server, check falied' return False # server mode else: #server # wait to receive nonce from client client_response = self.receiveData() client_nonce = client_response.split(',')[1] print '[MutualAuthentication] received client_nonce:'+str(client_nonce) # generate server partial key server_partial_session_key = self.dh.partialSessionKeyGen()[0] # encrypt client nonce and server partial key with shared secret encrypted = self.mutual_auth.encrypt_nonce(client_nonce, server_partial_session_key) # send server nonce along with encrypter message self.socket.sendall(str(nonce) + ',' + encrypted + TERMINATORS) print '[MutualAuthentication] server sending nonce: ' + str(nonce) print '[MutualAuthentication] server sending encrypted text: ' + encrypted # receive client challenge response client_second_response = self.receiveData() print '[MutualAuthentication] server received client response: ' + str(client_second_response) # decrypt client response plaintext = self.mutual_auth.decrypt_ciphertext(client_second_response) print '[MutualAuthentication] server decrypted plaintext: ' + plaintext # check that nonce is correct and you weren't the one to encrypt it if(not self.mutual_auth.check_name(plaintext) and self.mutual_auth.check_nonce(plaintext)): # extract client partial key client_partial_session_key = self.mutual_auth.get_partner_dh_value(plaintext) print '[MutualAuthentication] extracted the client partial key: ' + str(client_partial_session_key) # compute session key self.total_session_key = self.dh.computeTotalSessionKey(client_partial_session_key) print '[MutualAuthentication] success in authenticating client' return True else: print '[MutualAuthentication] cannot authenticate client, check falied' return False
class Client: __port = 5354 __key: str def __init__(self, q, alpha): self.__tcp = socket.socket(socket.AF_INET, socket.SOCK_STREAM) self.__s_des = SimpleDes() self.__rc4 = RC4() self.__encryption = None self.__diffie_hellman = DiffieHellman(q, alpha) def connect(self, host: str): dest = (host, self.__port) self.__tcp.connect(dest) sockets_list = [sys.stdin, self.__tcp] while True: read_sockets, write_socket, error_socket = select.select(sockets_list, [], []) for socks in read_sockets: if socks == self.__tcp: socks: socket.socket messages: list = socks.recv(2048).decode().split("\x02") controls = messages[1].split(" ") if controls[0] == "\dh_end": kp = controls[1] self.__key = self.__diffie_hellman.calculate_sessionkey(int(kp)) print("Chave de diffie hellman trocadas!") #self.__key = bin(self.__key)[2:].zfill(10)[-10:] elif controls[0] == "\dh_begin": kp = controls[1] y = self.__diffie_hellman.calculate_pubkey() self.__key = self.__diffie_hellman.calculate_sessionkey(int(kp)) print("Chave de diffie hellman trocadas!") #self.__key = bin(self.__key)[2:].zfill(10)[-10:] msg = "\dh_end " + str(y) self.__tcp.send(bytes(msg.encode())) else: decrypted_message = self.__verify_encryption(messages[1]) print(messages[0] + decrypted_message) else: message: str = sys.stdin.readline()[:-1] self.__erase_line() if message[:5] == "\exit": exit(1) if message == "\dh_begin": y = self.__diffie_hellman.calculate_pubkey() msg = "\dh_begin " + str(y) self.__tcp.send(bytes(msg.encode())) else: if self.__encryption: encrypted_message: str = self.__encryption(message, True) self.__tcp.send(bytes(encrypted_message.encode())) else: self.__tcp.send(bytes(message.encode())) sys.stdout.write("<You> {}".format(self.__verify_start_encryption(message) + "\n")) sys.stdout.flush() def __use_s_des(self, message: str, encrypt: bool): if encrypt: execute = self.__s_des.encrypt else: execute = self.__s_des.decrypt bin_message = list(format(ord(x), 'b') for x in message) s_des_message = self.__execute_s_des(bin_message, execute) return self.__binary_list_to_ascii(s_des_message) def __execute_s_des(self, bin_message, execute: SimpleDes.encrypt) -> list: s_des_message = list() for byte in bin_message: byte: str s_des_message.append(execute(byte.zfill(8), self.__key)) return s_des_message @staticmethod def __binary_list_to_ascii(text: list) -> str: return "".join([chr(int(i, 2)) for i in text]) def __verify_encryption(self, message: str): if self.__encryption is None: return self.__verify_start_encryption(message) else: decrypt_message = self.__encryption(message, False) return self.__verify_start_encryption(decrypt_message) def __use_rc4(self, message: str, encrypt: bool): return self.__rc4.execute(message, self.__key) def __start_encryption(self, message: str) -> bool: commands = message.split(" ") if commands[0] == "\crypt": type_encryption = commands[1] if type_encryption == "sdes": self.__encryption = self.__use_s_des self.__key = bin(int(self.__key))[2:].zfill(10)[-10:] #self.__key = bin(self.__key)[2:].zfill(10)[-10:] return True '''if self.__have_quotes(commands[2]): key = commands[2][1:-1] self.__encryption = self.__use_s_des if len(key) < 10: self.__key = key.zfill(10) else: self.__key = key[:10] return True return False''' elif type_encryption == "rc4": self.__encryption = self.__use_rc4 self.__key = str(self.__key) '''if self.__have_quotes(commands[2]): self.__encryption = self.__use_rc4 #self.__key = commands[2][1:-1] return True return False''' elif type_encryption == "none": self.__encryption = None return True else: return False return False def __check_type_encryption(self, message: str): if self.__start_encryption(message): if self.__encryption == self.__use_s_des: return "Cifra Simple DES ativada" elif self.__encryption == self.__use_rc4: return "Cifra RC4 ativada" else: return "Comunicação sem cifra" else: return message def __verify_start_encryption(self, message: str): if self.__start_encryption(message): return self.__check_type_encryption(message) return message def __erase_line(self): CURSOR_UP_ONE = '\x1b[1A' ERASE_LINE = '\x1b[2K' sys.stdout.write(CURSOR_UP_ONE) sys.stdout.write(ERASE_LINE) @staticmethod def __have_quotes(command: str) -> bool: if command[0] == command[-1] == "\"": return True return False def __del__(self): print("saindo do chat...") self.__tcp.close()
#!/usr/bin/env python # -*- coding: utf-8 -*- # pylint: disable=C0330 """key_exchange.py Test script for Diffie-Hellman implemented within this folder. """ from __future__ import absolute_import from random import getrandbits from diffie_hellman import DiffieHellman XA, XB = getrandbits(512), getrandbits(512) for i in [ (589_559_306_225_789_680_238_449, 99_848_060_646_461_381_236_408), (1_076_504_068_900_685_093_590_721, 594_761_277_746_183_138_644_459), ]: alice = DiffieHellman(XA, *i) bob = DiffieHellman(XB, *i) A = alice.gen_shared_secret(bob.gen_public_key()) B = bob.gen_shared_secret(alice.gen_public_key()) assert A == B
class Server: def __init__(self, PORT): self.client_port, self.server_port = PORT self.serv_secret = random.randint(500, 1500) self.target_server_port = '' sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) self.proto_sock = Protocol(sock) self.proto_sock.start(self.server_port) self.hellman = DiffieHellman() def handshake(self, data): dat = json.loads(data) if 'encry' not in dat.keys(): dat.update({'key': self.hellman.generate_key(self.serv_secret)}) dat1 = json.dumps(dat) self.proto_sock.write(dat1, dat['addr']) data = self.proto_sock.read() data = json.loads(data) self.top_secret_key = self.hellman.get_secret_key(data['key'], self.serv_secret) def listening(self): first = {"type": "SERVER", "addr" : self.server_port, "data": 'bib-bib-bib...'} first = json.dumps(first) self.proto_sock.write(first, self.client_port) data = self.proto_sock.read() self.handshake(data) while True: data = self.proto_sock.read() dta, typ = self.check_header(data) if typ == 'CLIENT': self.waiting_for_conn() else: self.connected_state() def waiting_for_conn(self): print('waiting_for_conn') self.proto_sock.write(self.make_header(self.encry('Enter number(target server port): ')), self.client_port) while True: data = self.proto_sock.read() dte, typ = self.check_header(data) dte = self.hellman.decry(dte, self.top_secret_key) if dte.isdigit(): self.target_server_port += dte self.proto_sock.write(self.make_header(self.encry('next digit')), self.client_port) else: self.proto_sock.write(self.make_header(self.encry('speak pls')), self.client_port) self.connected_state() def encry(self, data): return self.hellman.encry(data, self.top_secret_key) def connected_state(self): print('connected_state') self.proto_sock.write(self.make_header('connection successful'), int(self.target_server_port)) while True: data = self.proto_sock.read() dta, typ = self.check_header(data) if typ == 'CLIENT': data = self.hellman.decry(dta, self.top_secret_key) self.proto_sock.write(self.make_header(data), int(self.target_server_port)) else: self.proto_sock.write(self.make_header(self.encry(dta)), self.client_port) def make_header(self, data): fdata = {"type": "SERVER", "addr" : self.server_port, "data": data, "encry": "Diffie Hellman"} return json.dumps(fdata) def check_header(self, data): fdata = json.loads(data) if fdata['type'] == 'SERVER': self.target_server_port = fdata['addr'] return fdata['data'], fdata['type']
def handle(self, flower): DEBUG_POSITION = 'Symbiosis_Server:Server:Handle:' dh = DiffieHellman() data_proxy = b'' keys = [] aes_recv = None timeout = TIMEOUT while self.running: (read, _, exception) = select.select([flower], [], [flower], timeout) if exception: if DEBUG: print(DEBUG_POSITION, 'select exception이 발생했습니다:') if DEBUG: print(exception) return elif read: for i in read: try: # Receive Data data_proxy = data_proxy + i.recv(1024) if len(data_proxy) >= 1024: # Raw Cell raw_cell, data_proxy = data_proxy[0:1024], data_proxy[1024:] # Decode Cell cell = decodeCell(raw_cell) if cell['type'] == SYMBIOSIS_CELL_TYPE_REQUEST: # Decrypt data = cell['data'] decrypted = b'' while len(data) >= 16: decrypted = decrypted + aes_recv.decrypt(data[:16]) data = data[16:] decrypted = decrypted + data # Digest digest = SHA256.new(decrypted + keys[0]).digest() if digest != cell['digest']: continue # Connect to Squid with streamID if not cell['streamID'] in self.stream.streams.keys(): if self.stream.connect('localhost', 3128, cell['streamID']) == False: if DEBUG: print(DEBUG_POSITION, 'Squid에 연결할 수 없습니다.') continue # Send Data self.stream.send(cell['streamID'], decrypted) elif cell['type'] == SYMBIOSIS_CELL_TYPE_KEY_REQUEST: print("Key Exchange: Start") # g_x g_x = cell['data'] # g_y g_y = dh.publicKey.to_bytes((dh.publicKey.bit_length() + 7) // 8, 'big') # H(K) dh.genKey(int.from_bytes(g_x, byteorder='big')) K = dh.getKey() # h_k = SHA256.new(K.decode('utf-8')).digest() h = hashlib.sha256() h.update(str(K).encode(encoding='utf_8', errors='strict')) h_k = h.digest() # certificate crt = open("./ss.crt").read().encode() # sig = sign(SHA256(g_y)) prk = RSA.importKey(open('private.key','r').read()) hash = SHA256.new(g_y).digest() n = int(prk.sign(hash, '')[0]) sig = n.to_bytes((n.bit_length() + 7) // 8, 'big') # Keys for i in range(4): keys = keys + [ str(i).encode() + K[1:] ] aes_recv = AES.new(keys[1], AES.MODE_ECB) aes_send = AES.new(keys[3], AES.MODE_ECB) # crt:1099, g_y:512, sig:256, h_k:32 data = crt + g_y + sig + h_k while len(data) > 0: if len(data) <= 987: end = 1 else: end = 0 flower.send(encodeCell(SYMBIOSIS_CELL_TYPE_KEY_RESPONSE, len(data[:987]), end, bytes(32), data[:987])) data = data[987:] self.exchange = True print('Key Exchange: End') except socket.error as e: if DEBUG: print(DEBUG_POSITION, '알 수 없는 오류가 발생했습니다:') if DEBUG: print(e) return if self.exchange == True: self.stream.select(flower, SYMBIOSIS_CELL_TYPE_RESPONSE, aes_send, keys[2])
def mutualAuthentication(self): bits = 16 nonce = self.mutual_auth.generate_nonce(bits) self.dh = DiffieHellman.defaultInstance() if self.mode == 'client': # send client challenge self.socket.sendall('im alice,' + str(nonce) + TERMINATORS) print '[MutualAuthentication] client sent: im alice,' + str(nonce) # receive challenge response from client server_response = self.receiveData() server_nonce = server_response.split(',', 1)[0] server_encrypted = server_response.split(',', 1)[1] print '[MutualAuthentication] client received nonce from server: ' + server_nonce print '[MutualAuthentication] client received encrypted text: ' + server_encrypted plaintext = self.mutual_auth.decrypt_ciphertext(server_encrypted) print '[MutualAuthentication] client decrypted plaintext: ' + plaintext # check that nonce is correct and you weren't the one to encrypt it if (not self.mutual_auth.check_name(plaintext) and self.mutual_auth.check_nonce(plaintext)): # extract partial key sent by server server_partial_session_key = self.mutual_auth.get_partner_dh_value( plaintext) print '[MutualAuthentication] extracted server partial key: ' + str( server_partial_session_key) # generate client partial key client_partial_session_key = self.dh.partialSessionKeyGen()[0] # compute the session key self.total_session_key = self.dh.computeTotalSessionKey( server_partial_session_key) # encrypt server nonce and client partial key with shared secret and send encrypted = self.mutual_auth.encrypt_nonce( server_nonce, client_partial_session_key) self.socket.sendall(encrypted + TERMINATORS) print '[MutualAuthentication] client sending encrypted text: ' + encrypted print '[MutualAuthentication] success in authenticating server' return True else: print '[MutualAuthentication] cannot authenticate server, check falied' return False # server mode else: #server # wait to receive nonce from client client_response = self.receiveData() client_nonce = client_response.split(',')[1] print '[MutualAuthentication] received client_nonce:' + str( client_nonce) # generate server partial key server_partial_session_key = self.dh.partialSessionKeyGen()[0] # encrypt client nonce and server partial key with shared secret encrypted = self.mutual_auth.encrypt_nonce( client_nonce, server_partial_session_key) # send server nonce along with encrypter message self.socket.sendall(str(nonce) + ',' + encrypted + TERMINATORS) print '[MutualAuthentication] server sending nonce: ' + str(nonce) print '[MutualAuthentication] server sending encrypted text: ' + encrypted # receive client challenge response client_second_response = self.receiveData() print '[MutualAuthentication] server received client response: ' + str( client_second_response) # decrypt client response plaintext = self.mutual_auth.decrypt_ciphertext( client_second_response) print '[MutualAuthentication] server decrypted plaintext: ' + plaintext # check that nonce is correct and you weren't the one to encrypt it if (not self.mutual_auth.check_name(plaintext) and self.mutual_auth.check_nonce(plaintext)): # extract client partial key client_partial_session_key = self.mutual_auth.get_partner_dh_value( plaintext) print '[MutualAuthentication] extracted the client partial key: ' + str( client_partial_session_key) # compute session key self.total_session_key = self.dh.computeTotalSessionKey( client_partial_session_key) print '[MutualAuthentication] success in authenticating client' return True else: print '[MutualAuthentication] cannot authenticate client, check falied' return False
try: bogus_point = curve.find_point_of_order(r, curve_order) confused_response = bob_keypair.compute_secret(bogus_point) # brute for which r for confused response current_point = bogus_point for x in range(1, r): if current_point == confused_response: yield (x, r) break current_point = curve.add_points(current_point, bogus_point) except ValueError as err: continue if __name__ == "__main__": dh = DiffieHellman(given_curve, point, point_order=given_order) alice_keypair = dh.generate_keypair() bob_keypair = dh.generate_keypair() alice_key = alice_keypair.compute_secret(bob_keypair.public) bob_key = bob_keypair.compute_secret(alice_keypair.public) assert alice_key == bob_key, 'Key should have been shared' # Begin Subgroup Confinement Attack bad_curve1 = WeierstrassCurve(p, -95051, 210) order_curve1 = 233970423115425145550826547352470124412 bad_curve2 = WeierstrassCurve(p, -95051, 504) order_curve2 = 233970423115425145544350131142039591210 bad_curve3 = WeierstrassCurve(p, -95051, 727) order_curve3 = 233970423115425145545378039958152057148
from binascii import hexlify from diffie_hellman import DiffieHellman p = 11 g = 2 d1 = DiffieHellman(generator=g, prime=p, key_length=3) # d2 = DiffieHellman(generator=g, prime=p, key_length=3) # print(d1.public_key) # print(d2.public_key) # d1.gen_key(d2.public_key) # d2.gen_key(d1.public_key) d1.gen_key(2) print('Public key: ' + str(d1.public_key)) print('Private key: ' + str(d1.private_key)) print(d1.get_key()) # d1.show_params() # d1.show_results() # d2.show_params() # d2.show_results() # if d1.get_key() == d2.get_key(): # print('Shared keys match') # print('Key: ', hexlify(bytes(d1.key, 'ascii'))) # print(d1.get_key()) # else: # print("Shared secrets didn't match!") # print("Shared secret A: ", d1.gen_secret(d2.public_key))
except: print "Unable to open port %d" % client_port sys.exit() try: conn_server.connect(server_ip, server_port) except: print "Unable to connect to %s at port %d" % (server_ip, server_port) # Key exchange: Later can be added some other variants too.####### p_server = int(get_line(conn_server)) g_server = int(get_line(conn_server)) A_server = int(get_line(conn_server)) dh_server = DiffieHellman(p_server, g_server) _, _, B_server = dh_server.generate_public_broadcast() conn_server.send(str(B_server)) crypto_protocol_server = CryptoProtocol(dh_server.get_shared_secret(A_server)) p_client = p_server g_client = g_server dh_client = DiffieHellman(p_server, g_server) _, _, A_client = dh_client.generate_public_broadcast() conn_client.send(str(p_client)) conn_client.send(str(g_client)) conn_client.send(str(A_client)) B_client = int(get_line(conn_client))
class Bee: def __init__(self): DEBUG_POSITION = 'Symbiosis_Bee:Bee:Init:' self.alive = True # Flower Socket self.flower = socket.socket(socket.AF_INET, socket.SOCK_STREAM) # Deflector Socket self.deflector = socket.socket(socket.AF_INET, socket.SOCK_STREAM) # Diffie Hellman self.dh = DiffieHellman() self.exchange = False # Stream self.stream = Stream() def fly(self, flower_host, flower_port, deflector_host, deflector_port): DEBUG_POSITION = 'Symbiosis_Bee:Bee:Fly:' # Connect to Deflector # try: # self.deflector.connect((deflector_host, deflector_port)) # except socket.error as e: # if DEBUG: print(DEBUG_POSITION, 'Deflector와의 연결에 실패하였습니다:') # if DEBUG: print(e) # return # Connect to Flower try: self.flower.connect((flower_host, flower_port)) except socket.error as e: if DEBUG: print(DEBUG_POSITION, 'Flower와의 연결에 실패하였습니다:') if DEBUG: print(e) return if DEBUG: print('Key Exchange: Start') self.exchange = False # Key Exchange data = self.dh.publicKey.to_bytes((self.dh.publicKey.bit_length() + 7) // 8, 'big') self.flower.send(encodeCell(SYMBIOSIS_CELL_TYPE_KEY_REQUEST, len(data), 0, bytes(32), data)) # Catch : Select _thread.start_new_thread(self.catch, (self.flower, self.deflector)) # self.catch(self.flower, self.deflector) # Feel : Browsing self.feel() # Die self.die() def feel(self): DEBUG_POSITION = 'Symbiosis_Bee:Bee:Feel:' try: listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM); listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) listener.bind(('', SYMBIOSIS_BEE_PORT)) listener.listen(5) while self.alive: if self.exchange == False: continue # Accept conn, _ = listener.accept() # Stream self.stream.add(conn) except socket.error as e: if listener: listener.close() if DEBUG: print(DEBUG_POSITION, 'Browser의 요청을 기다리던 도중 오류가 발생했습니다:') if DEBUG: print(e) def catch(self, flower, deflector): DEBUG_POSITION = 'Symbiosis_Bee:Bee:Catch:' data_flower = b'' data_deflector = b'' key_data = b'' keys = [] aes_recv = None timeout = TIMEOUT while self.alive: # (read, _, exception) = select.select([flower, deflector], [], [flower, deflector], timeout) (read, _, exception) = select.select([flower], [], [flower], timeout) if exception: if DEBUG: print(DEBUG_POSITION, 'select exception이 발생했습니다:') if DEBUG: print(exception) return elif read: for i in read: if i == flower: try: # Receive Data data_flower = data_flower + i.recv(1024) if len(data_flower) >= 1024: # Raw Cell raw_cell, data_flower = data_flower[0:1024], data_flower[1024:] # Decode Cell cell = decodeCell(raw_cell) #printCell(cell) if cell['type'] == SYMBIOSIS_CELL_TYPE_RESPONSE: # Decrypt data = cell['data'] decrypted = b'' while len(data) >= 16: decrypted = decrypted + aes_recv.decrypt(data[:16]) data = data[16:] decrypted = decrypted + data # Digest digest = SHA256.new(decrypted + keys[2]).digest() if digest != cell['digest']: continue # Send Data self.stream.send(cell['streamID'], decrypted) elif cell['type'] == SYMBIOSIS_CELL_TYPE_REQUEST: # Flower Request print('FLOWER REQ > BEE > DEFLECTOR:') #printCell(cell) deflector.send(raw_cell) pass elif cell['type'] == SYMBIOSIS_CELL_TYPE_KEY_REQUEST: # Flower Key Request #deflector.send(raw_cell) pass elif cell['type'] == SYMBIOSIS_CELL_TYPE_KEY_RESPONSE: # crt:1099, g_y:512, sig:256, h_k:32 key_data = key_data + cell['data'] if cell['streamID'] == 0: continue # split crt = key_data[:1099] g_y = key_data[1099:1099+512] sig = (int.from_bytes(key_data[1099+512:1099+512+256], byteorder='big'), ) h_k = key_data[1099+512+256:] key_data = b'' # get public key from crt pem = crt.decode('utf-8') lines = pem.replace(" ",'').split() der = a2b_base64(''.join(lines[1:-1]).encode('ascii')) cert = DerSequence() cert.decode(der) tbsCertificate = DerSequence() tbsCertificate.decode(cert[0]) subjectPublicKeyInfo = tbsCertificate[5] puk = RSA.importKey(subjectPublicKeyInfo) # verify hash = SHA256.new(g_y).digest() if puk.verify(hash, sig): print("Key Exchange: Verify") self.dh.genKey(int.from_bytes(g_y, byteorder='big')) # h.digest() = SHA256.new(K).digest() K = self.dh.getKey() h = hashlib.sha256() h.update(str(K).encode(encoding='utf_8', errors='strict')) if h_k == h.digest(): print("Key Exchange: Complete") K = self.dh.getKey() aes = AES.new(K, AES.MODE_ECB) # Keys for i in range(4): keys = keys + [ str(i).encode() + K[1:] ] aes_recv = AES.new(keys[3], AES.MODE_ECB) aes_send = AES.new(keys[1], AES.MODE_ECB) self.exchange = True else: print("Key Exchange: Retry") data = self.dh.publicKey.to_bytes((self.dh.publicKey.bit_length() + 7) // 8, 'big') self.flower.send(encodeCell(SYMBIOSIS_CELL_TYPE_KEY_REQUEST, len(data), 0, bytes(32), data)) else: print("Key Exchange: Retry") data = self.dh.publicKey.to_bytes((self.dh.publicKey.bit_length() + 7) // 8, 'big') self.flower.send(encodeCell(SYMBIOSIS_CELL_TYPE_KEY_REQUEST, len(data), 0, bytes(32), data)) except socket.error as e: if DEBUG: print(DEBUG_POSITION, '알 수 없는 오류가 발생했습니다:flower') if DEBUG: print(e) return elif i == deflector: try: # Receive Data data_deflector = data_deflector + i.recv(1024) if len(data_deflector) >= 1024: # Raw Cell raw_cell, data_deflector = data_deflector[0:1024], data_deflector[1024:] # Deflector Response print('DEFLECTOR RES > BEE > FLOWER') flower.send(raw_cell) except socket.error as e: if DEBUG: print(DEBUG_POSITION, '알 수 없는 오류가 발생했습니다:deflector') if DEBUG: print(e) return if self.exchange == True: self.stream.select(flower, SYMBIOSIS_CELL_TYPE_REQUEST, aes_send, keys[0]) def die(self): DEBUG_POSITION = 'Symbiosis_Bee:Bee:Die:' self.alive = False self.stream.clear() self.stream = None self.deflector.close() self.deflector = None self.flower.close() self.flower = None
def main(): random.seed(time.time()) # regular communication message = "This is a secret message".decode("base64") alice = DiffieHellman(NIST_GENERATOR, NIST_PRIME) bob = DiffieHellman(NIST_GENERATOR, NIST_PRIME) bob.get_response(alice.make_secret()) alice.get_response(bob.make_secret()) assert bob.session_key() == alice.session_key() # g = 1 # 1^x = 1 mod p for any x message = "ZyA9IDEgc3V4=".decode("base64") alice = DiffieHellman(1, NIST_PRIME) bob = DiffieHellman(1, NIST_PRIME) bob.get_response(alice.make_secret()) alice.get_response(bob.make_secret()) assert bob.session_key() == alice.session_key() real_key = bob.session_key() bob_iv = os.urandom(16) alice_iv = os.urandom(16) alice_message = alice_iv + cbc.encrypt(alice.session_key()[:16], message, IV = alice_iv) relayed_msg = alice_message bob_message = bob_iv + cbc.encrypt(bob.session_key()[:16], cbc.decrypt(bob.session_key()[:16], relayed_msg)[16:], IV = bob_iv) injected_key = sha1.sha1(hex(1).strip("0xL")).hexdigest().decode("hex") print "g = 1:" print "Alice and Bob's secret message:" print "%r" % (cbc.decrypt(injected_key[:16], relayed_msg)[16:],) # g = p # p^x = 0 mod p for any x message = "ZyA9IHAgaXMgdXNlbGVzcw==".decode("base64") alice = DiffieHellman(NIST_PRIME, NIST_PRIME) bob = DiffieHellman(NIST_PRIME, NIST_PRIME) bob.get_response(alice.make_secret()) alice.get_response(bob.make_secret()) assert bob.session_key() == alice.session_key() real_key = bob.session_key() bob_iv = os.urandom(16) alice_iv = os.urandom(16) alice_message = alice_iv + cbc.encrypt(alice.session_key()[:16], message, IV = alice_iv) relayed_msg = alice_message bob_message = bob_iv + cbc.encrypt(bob.session_key()[:16], cbc.decrypt(bob.session_key()[:16], relayed_msg)[16:], IV = bob_iv) injected_key = sha1.sha1(hex(0).strip("0xL")).hexdigest().decode("hex") print "g = p:" print "Alice and Bob's secret message:" print "%r" % (cbc.decrypt(injected_key[:16], relayed_msg)[16:],) # g = p - 1 # If the exponent is even the result will be 1, if odd, it will be (p-1) # for that reason, in any combination of results, the final session key will always be either 1 or p-1 (only if both a & b turned out odd thus g^a == g^b == p-1 == g^ab) message = "ZXZlbiBvciBvZGQ/".decode("base64") alice = DiffieHellman(NIST_PRIME-1 , NIST_PRIME) bob = DiffieHellman(NIST_PRIME-1, NIST_PRIME) alice_secret = alice.make_secret() bob_secret = bob.make_secret() bob.get_response(alice_secret) alice.get_response(bob_secret) assert bob.session_key() == alice.session_key() real_key = bob.session_key() bob_iv = os.urandom(16) alice_iv = os.urandom(16) alice_message = alice_iv + cbc.encrypt(alice.session_key()[:16], message, IV = alice_iv) relayed_msg = alice_message bob_message = bob_iv + cbc.encrypt(bob.session_key()[:16], cbc.decrypt(bob.session_key()[:16], relayed_msg)[16:], IV = bob_iv) if (alice_secret + bob_secret == 2*(NIST_PRIME-1)): # 25% chance of the session key being p-1 injected_key = sha1.sha1(hex(NIST_PRIME-1).strip("0xL")).hexdigest().decode("hex") else: injected_key = sha1.sha1(hex(1).strip("0xL")).hexdigest().decode("hex") print "g = p-1:" print "Alice and Bob's secret message:" print "%r" % (cbc.decrypt(injected_key[:16], relayed_msg)[16:],)