commit 16141c2d65793aa732bb44106e5eb7e984aa2cc2
parent 1d57fa2d5a66bfea0f853304970b1e558bb5fe1c
Author: mpizzzle <michael.770211@gmail.com>
Date: Sat, 21 Oct 2017 21:36:07 +0100
renaming some variables
Diffstat:
1 file changed, 29 insertions(+), 25 deletions(-)
diff --git a/set2/byte_at_a_time_ecb_decryption_harder.py b/set2/byte_at_a_time_ecb_decryption_harder.py
@@ -9,42 +9,46 @@ pt3 = "dXN0IHRvIHNheSBoaQpEaWQgeW91IHN0b3A/IE5vLCBJIGp1c3QgZHJvdmUg\n"
pt4 = "YnkK"
key = Random.new().read(AES.block_size)
-pt = str(pt1 + pt2 + pt3 + pt4).decode("base64") # no peeking!
-r = Random.new().read(random.randint(1, 100))
-aes_bs = AES.block_size
+plaintext = str(pt1 + pt2 + pt3 + pt4).decode("base64") # no peeking!
+rand_buffer = Random.new().read(random.randint(1, 100))
def encryption_oracle(msg):
- return AES.new(key, AES.MODE_ECB).encrypt(r + msg + pt + ''.join(['\x04' for i in range(aes_bs - (len(r + msg + pt) % aes_bs))]) if len(r + msg + pt) % aes_bs != 0 else r + msg + pt)
+ padding = ''
+
+ if len(rand_buffer + msg + plaintext) % AES.block_size != 0:
+ padding += ''.join(['\x04' for i in range(AES.block_size - (len(rand_buffer + msg + plaintext) % AES.block_size))])
+
+ return AES.new(key, AES.MODE_ECB).encrypt(rand_buffer + msg + plaintext + padding)
def find_len_of_random_prefix():
- estimate = -1
-
- for i in range(aes_bs):
- prefix_len = 0
- a = encryption_oracle(''.join('\x00' for j in range(i)))
- b = encryption_oracle(''.join("\x00" for j in range(i + 1)))
- a_blocks = [a[j:j + aes_bs] for j in range(0, len(a), aes_bs)]
- b_blocks = [b[j:j + aes_bs] for j in range(0, len(b), aes_bs)]
-
- for block_a, block_b in zip(a_blocks, b_blocks):
- if block_a == block_b:
- prefix_len += aes_bs
+ prefix_len = -1
+
+ for i in range(AES.block_size):
+ estimate = 0
+ cipher_a = encryption_oracle(''.join('\x00' for j in range(i)))
+ cipher_b = encryption_oracle(''.join("\x00" for j in range(i + 1)))
+ a_blocks = [cipher_a[j:j + AES.block_size] for j in range(0, len(cipher_a), AES.block_size)]
+ b_blocks = [cipher_b[j:j + AES.block_size] for j in range(0, len(cipher_b), AES.block_size)]
+
+ for a, b in zip(a_blocks, b_blocks):
+ if a == b:
+ estimate += AES.block_size
else:
- if estimate == -1:
- estimate = prefix_len
- if estimate != prefix_len:
- return estimate + aes_bs - i
+ if prefix_len == -1:
+ prefix_len = estimate
+ if prefix_len != estimate:
+ return prefix_len + AES.block_size - i
break
return 0
prefix = find_len_of_random_prefix()
-mod = aes_bs - prefix % aes_bs
+mod = AES.block_size - prefix % AES.block_size
buf = aaa = "AAAAAAAAAAAAAAA"
aa = ''.join("A" for i in range(mod))
for i in range(len(encryption_oracle('')) - prefix):
- dict = {encryption_oracle(aa + aaa[i:] + chr(j))[prefix + mod : prefix + mod + aes_bs] : chr(j) for j in range(0xff)}
- cipher = encryption_oracle(aa + buf[i % aes_bs:])
- aaa += dict[cipher[prefix + mod + (aes_bs * (i / aes_bs)) : prefix + mod + (aes_bs * ((i + aes_bs) / aes_bs))]]
+ dict = {encryption_oracle(aa + aaa[i:] + chr(j))[mod + prefix : mod + prefix + AES.block_size] : chr(j) for j in range(0xff)}
+ cipher = encryption_oracle(aa + buf[i % AES.block_size:])
+ aaa += dict[cipher[mod + prefix + (AES.block_size * (i / AES.block_size)) : mod + prefix + (AES.block_size * ((i + AES.block_size) / AES.block_size))]]
-print aaa[aes_bs - 1:]
+print aaa[AES.block_size - 1:]
