This repository contains my naive solutions to the Cryptopals Challenges written in Node.js.
I used (and slightly modified) the following implementations of SHA1 and MD4 for challenges 29 and 30:

| Challenge | Status | Notes |
| --- | --- | --- |
| 1. Convert hex to base64 | ✅ | |
| 2. Fixed XOR | ✅ | |
| 3. Single-byte XOR cipher | ✅ | |
| 4. Detect single-character XOR | ✅ | |
| 5. Implement repeating-key XOR | ✅ | |
| 6. Break repeating-key XOR | ✅ | |
| 7. AES in ECB mode | ✅ | |
| 8. Detect AES in ECB mode | ✅ | |

| Challenge | Status | Notes |
| --- | --- | --- |
| 9. Implement PKCS#7 padding | ✅ | |
| 10. Implement CBC mode | ✅ | |
| 11. An ECB/CBC detection oracle | ✅ | |
| 12. Byte-at-a-time ECB decryption (Simple) | ✅ | |
| 13. ECB cut-and-paste | ✅ | |
| 14. Byte-at-a-time ECB decryption (Harder) | ✅ | |
| 15. PKCS#7 padding validation | ✅ | |
| 16. CBC bitflipping attacks | ✅ | |

Set 3 - Block & stream crypto

| Challenge | Status | Notes |
| --- | --- | --- |
| 17. The CBC padding oracle | ✅ | |
| 18. Implement CTR, the stream cipher mode | ✅ | |
| 19. Break fixed-nonce CTR mode using substitutions | ✅ | |
| 20. Break fixed-nonce CTR statistically | ✅ | |
| 21. Implement the MT19937 Mersenne Twister RNG | ✅ | |
| 22. Crack an MT19937 seed | ✅ | |
| 23. Clone an MT19937 RNG from its output | ✅ | |
| 24. Create the MT19937 stream cipher and break it | ✅ | |

Set 4 - Stream crypto and randomness

| Challenge | Status | Notes |
| --- | --- | --- |
| 25. Break 'random access read/write' AES CTR | ✅ | |
| 26. CTR bitflipping | ✅ | |
| 27. Recover the key from CBC with IV=Key | ✅ | |
| 28. Implement a SHA-1 keyed MAC | ✅ | |
| 29. Break a SHA-1 keyed MAC using length extension | ✅ | |
| 30. Break an MD4 keyed MAC using length extension | ✅ | |
| 31. Implement and break HMAC-SHA1 with an artificial timing leak | ✅ | |
| 32. Break HMAC-SHA1 with a slightly less artificial timing leak | ✅ | too slow? |

Set 5 - Diffie-Hellman and friends

| Challenge | Status | Notes |
| --- | --- | --- |
| 33. Implement Diffie-Hellman | ✅ | |
| 34. Implement a MITM key-fixing attack on Diffie-Hellman with parameter injection | ✅ | |
| 35. Implement DH with negotiated groups, and break with malicious 'g' parameters | ✅ | |
| 36. Implement Secure Remote Password (SRP) | ✅ | |
| 37. Break SRP with a zero key | ✅ | |
| 38. Offline dictionary attack on simplified SRP | ✅ | |
| 39. Implement RSA | ✅ | |
| 40. Implement an E=3 RSA Broadcast attack | ✅ | |

| Challenge | Status | Notes |
| --- | --- | --- |
| 41. Implement unpadded message recovery oracle | ✅ | |
| 42. Bleichenbacher's e=3 RSA Attack | ✅ | |
| 43. DSA key recovery from nonce | ✅ | |
| 44. DSA nonce recovery from repeated nonce | ✅ | |
| 45. DSA parameter tampering | ✅ | |
| 46. RSA parity oracle | ✅ | |
| 47. Bleichenbacher's PKCS 1.5 Padding Oracle (Simple Case) | ✅ | |
| 48. Bleichenbacher's PKCS 1.5 Padding Oracle (Complete Case) | ✅ | |

| Challenge | Status | Notes |
| --- | --- | --- |
| 49. CBC-MAC Message Forgery | ✅ | |
| 50. Hashing with CBC-MAC | ✅ | |
| 51. Compression Ratio Side-Channel Attacks | ✅ | |
| 52. Iterated Hash Function Multicollisions | ✅ | |
| 53. Kelsey and Schneier's Expandable Messages | ✅ | |
| 54. Kelsey and Kohno's Nostradamus Attack | ✅ | |
| 55. MD4 Collisions | ✅ | |
| 56. RC4 Single-Byte Biases | ✅ | |