def main(): random.seed(time.time()) # regular communication message = "This is a secret message".decode("base64") alice = DiffieHellman(NIST_GENERATOR, NIST_PRIME) bob = DiffieHellman(NIST_GENERATOR, NIST_PRIME) bob.get_response(alice.make_secret()) alice.get_response(bob.make_secret()) print "Alice's key:" print "%r" % (alice.session_key(),) print "Bob's key:" print "%r" % (bob.session_key(),) assert bob.session_key() == alice.session_key() bob_iv = os.urandom(16) alice_iv = os.urandom(16) alice_message = alice_iv + cbc.encrypt(alice.session_key()[:16], message, IV = alice_iv) bob_message = bob_iv + cbc.encrypt(bob.session_key()[:16], cbc.decrypt(bob.session_key()[:16], alice_message)[16:], IV = bob_iv) # mitm'd message = "Tm8gb25lIGNhbiByZWFkIHRoaXM=".decode("base64") alice = DiffieHellman(NIST_GENERATOR, NIST_PRIME) bob = DiffieHellman(NIST_GENERATOR, NIST_PRIME) mitm = DiffieHellman(NIST_GENERATOR, NIST_PRIME) alice.make_secret() bob.make_secret() bob.get_response(NIST_PRIME) alice.get_response(NIST_PRIME) assert bob.session_key() == alice.session_key() real_key = bob.session_key() alice_message = alice_iv + cbc.encrypt(alice.session_key()[:16], message, IV = alice_iv) relayed_msg = alice_message bob_message = bob_iv + cbc.encrypt(bob.session_key()[:16], cbc.decrypt(bob.session_key()[:16], relayed_msg)[16:], IV = bob_iv) injected_key = sha1.sha1(hex(0).strip("0xL")).hexdigest().decode("hex") print "Alice and Bob's secret message:" print "%r" % (cbc.decrypt(injected_key[:16], relayed_msg)[16:],)
def main(): random.seed(time.time()) # regular communication message = "This is a secret message".decode("base64") alice = DiffieHellman(NIST_GENERATOR, NIST_PRIME) bob = DiffieHellman(NIST_GENERATOR, NIST_PRIME) bob.get_response(alice.make_secret()) alice.get_response(bob.make_secret()) assert bob.session_key() == alice.session_key() # g = 1 # 1^x = 1 mod p for any x message = "ZyA9IDEgc3V4=".decode("base64") alice = DiffieHellman(1, NIST_PRIME) bob = DiffieHellman(1, NIST_PRIME) bob.get_response(alice.make_secret()) alice.get_response(bob.make_secret()) assert bob.session_key() == alice.session_key() real_key = bob.session_key() bob_iv = os.urandom(16) alice_iv = os.urandom(16) alice_message = alice_iv + cbc.encrypt(alice.session_key()[:16], message, IV = alice_iv) relayed_msg = alice_message bob_message = bob_iv + cbc.encrypt(bob.session_key()[:16], cbc.decrypt(bob.session_key()[:16], relayed_msg)[16:], IV = bob_iv) injected_key = sha1.sha1(hex(1).strip("0xL")).hexdigest().decode("hex") print "g = 1:" print "Alice and Bob's secret message:" print "%r" % (cbc.decrypt(injected_key[:16], relayed_msg)[16:],) # g = p # p^x = 0 mod p for any x message = "ZyA9IHAgaXMgdXNlbGVzcw==".decode("base64") alice = DiffieHellman(NIST_PRIME, NIST_PRIME) bob = DiffieHellman(NIST_PRIME, NIST_PRIME) bob.get_response(alice.make_secret()) alice.get_response(bob.make_secret()) assert bob.session_key() == alice.session_key() real_key = bob.session_key() bob_iv = os.urandom(16) alice_iv = os.urandom(16) alice_message = alice_iv + cbc.encrypt(alice.session_key()[:16], message, IV = alice_iv) relayed_msg = alice_message bob_message = bob_iv + cbc.encrypt(bob.session_key()[:16], cbc.decrypt(bob.session_key()[:16], relayed_msg)[16:], IV = bob_iv) injected_key = sha1.sha1(hex(0).strip("0xL")).hexdigest().decode("hex") print "g = p:" print "Alice and Bob's secret message:" print "%r" % (cbc.decrypt(injected_key[:16], relayed_msg)[16:],) # g = p - 1 # If the exponent is even the result will be 1, if odd, it will be (p-1) # for that reason, in any combination of results, the final session key will always be either 1 or p-1 (only if both a & b turned out odd thus g^a == g^b == p-1 == g^ab) message = "ZXZlbiBvciBvZGQ/".decode("base64") alice = DiffieHellman(NIST_PRIME-1 , NIST_PRIME) bob = DiffieHellman(NIST_PRIME-1, NIST_PRIME) alice_secret = alice.make_secret() bob_secret = bob.make_secret() bob.get_response(alice_secret) alice.get_response(bob_secret) assert bob.session_key() == alice.session_key() real_key = bob.session_key() bob_iv = os.urandom(16) alice_iv = os.urandom(16) alice_message = alice_iv + cbc.encrypt(alice.session_key()[:16], message, IV = alice_iv) relayed_msg = alice_message bob_message = bob_iv + cbc.encrypt(bob.session_key()[:16], cbc.decrypt(bob.session_key()[:16], relayed_msg)[16:], IV = bob_iv) if (alice_secret + bob_secret == 2*(NIST_PRIME-1)): # 25% chance of the session key being p-1 injected_key = sha1.sha1(hex(NIST_PRIME-1).strip("0xL")).hexdigest().decode("hex") else: injected_key = sha1.sha1(hex(1).strip("0xL")).hexdigest().decode("hex") print "g = p-1:" print "Alice and Bob's secret message:" print "%r" % (cbc.decrypt(injected_key[:16], relayed_msg)[16:],)