An implementation of basic ciphers, authentication codes and common attacks.
Implementing a block cipher in both CBC(Chained block cipher) and CTR(counter) mode using AES in ECB(Electronic codebook) mode. CBC MODE
Since CTR mode is not chained it can be parallelised and it uses the pathos.multiprocessing library of python to distribute each block to a different core. Encyption and decryption of a 3.9MB file takes 6.5 seconds, I found that parallelisation did not offer significant improvement in speed as the majority of the time is spent in copying the large text rather than the encryption part.
To authenticate a streamed video against tampering, a SHA256 hash is computed on it. To allow live playing of the video it is broken into chunks and a chained hash is calculated as shown:
Attack on a one time pad when the same stream cipher key is used more than once to encrypt text The attack leverages patterns in the ASCII representation of text to completely decrypt the target ciphertext when given 10 ciphertexts encrypted with the same OTP. In particular we consider what happens when a space character gets xored with a alphabet - It inverts the case of the character. Then by xor'ing the target ciphertext with each of the given ciphertexts we can determine the character present at each position.
The dummy website contains encrypted customer data in its url and uses a chained block cipher for encryption. When the padding for the decrypted CBC ciphertext is invalid it returns a HTTP 403 error(forbidden request). However if the padding is valid but the decrypted message is invalid it returns a HTTP 404 error(URL not found).
Using only this information the padding oracle is able to completely decrypt the ciphertext in at most requests to the server The implementation used a few tricks to speedup the attack such as :
- Use the multiprocessing library in python to speedup the attack by parallelising it across all cores of the CPU
- Each block of the text is assigned to a different core
- Instead of checking all ASCII characters in order it uses a frequency table to check in order of occurence frequency
On a 8 core processor the attack takes 372 seconds for 3 blocks of AES-128 ciphertext
Given a large prime p of size 500 bits , a generator g, h from the group such that where
We need to find the exponent x. The brute force algorithm takes Using a meet in the middle method by maintaining a hash table we can reduce this to i.e by writing the exponent x as where
We hash values of the LHS and check the RHS for each value. After optimizations the attack completes in 1.5 seconds using gmpy2 library in python
Various attacks on RSA when various conditions for choosing primes are relaxed Let N be the RSA modulus where N=pq for large primes p,q
We can find p,q in constant time
We can find p,q in constant time
A basic implementation of the caesar cipher for encryption
A brute force frequency attack to show the weakness of caesar cipher.
Compares the frequency of all possible decryption with the expected frequency of the english alphabet and chooses the one with minimum L1 distance.
An implementation of Simples DES