msmouse

Untitled

May 26th, 2020
Note: the correct guesses calculation is not right for some reason
"""
An ECB/CBC detection oracle
Now that you have ECB and CBC working:

Write a function to generate a random AES key; that's just 16 random bytes.

Write a function that encrypts data under an unknown key --- that is, a function that generates a random key and encrypts under it.

The function should look like:

encryption_oracle(your-input)
=> [MEANINGLESS JIBBER JABBER]
Under the hood, have the function append 5-10 bytes (count chosen randomly) before the plaintext and 5-10 bytes after the plaintext.

Now, have the function choose to encrypt under ECB 1/2 the time, and under CBC the other half (just use random IVs each time for CBC). Use rand(2) to decide which to use.

Detect the block cipher mode the function is using each time. You should end up with a piece of code that, pointed at a black box that might be encrypting ECB or CBC, tells you which one is happening.

"""

[mouse@apiary set2]$ ./challenge11.py
Trying 1000 test using string "Hi, I'm new here. a b c d e f g hs ksadjfkjask ajfiosdjfkjakjfsdijfisjfkasjfkljklfja kjsdfkja ".
////////////////////////////////////////
CBC Statistics:
510 lines processed
MIN V,D 425,0
MAX V,D 529,0
Mean V,D: 473, 0
Variance: 1024, 0
Standard deviation: 32, 0
V: Correct guesses: 510 100%
D: Correct guesses: 510 100%
////////////////////////////////////////
ECB Statistics:
490 lines processed
MIN V,D 356,0
MAX V,D 471,0
Mean V,D: 413, 0
Variance: 1074, 0
Standard deviation: 32, 0
V: Correct guesses: 227 46%
D: Correct guesses: 490 100%
Trying 1000 test using string "Even out settle scores quick Our disaster recovery requires even more disks Put your bytes up, prove it or you forfeit Got my C64 and we blew it into orbit".
////////////////////////////////////////
CBC Statistics:
500 lines processed
MIN V,D 683,0
MAX V,D 721,0
Mean V,D: 704, 0
Variance: 50, 0
Standard deviation: 7, 0
V: Correct guesses: 500 100%
D: Correct guesses: 500 100%
////////////////////////////////////////
ECB Statistics:
500 lines processed
MIN V,D 617,0
MAX V,D 659,0
Mean V,D: 639, 0
Variance: 55, 0
Standard deviation: 7, 0
V: Correct guesses: 500 100%
D: Correct guesses: 500 100%
Trying 1000 test using string "M. Bison with eight straight perfects Overvolt emotions make hate break circuits In case you heard, it's a named fake service Optimize our runtime to escape verdicts".
////////////////////////////////////////
CBC Statistics:
502 lines processed
MIN V,D 691,0
MAX V,D 789,0
Mean V,D: 765, 0
Variance: 185, 0
Standard deviation: 13, 0
V: Correct guesses: 502 100%
D: Correct guesses: 502 100%
////////////////////////////////////////
ECB Statistics:
498 lines processed
MIN V,D 620,0
MAX V,D 720,0
Mean V,D: 702, 0
Variance: 152, 0
Standard deviation: 12, 0
V: Correct guesses: 498 100%
D: Correct guesses: 498 100%
Trying 1000 test using string "Got an integer scope flow That they can't sign Passing code, didn't sanitize Command lines; land mine".
////////////////////////////////////////
CBC Statistics:
485 lines processed
MIN V,D 431,0
MAX V,D 533,0
Mean V,D: 509, 0
Variance: 172, 0
Standard deviation: 13, 0
V: Correct guesses: 485 100%
D: Correct guesses: 485 100%
////////////////////////////////////////
ECB Statistics:
515 lines processed
MIN V,D 372,0
MAX V,D 470,0
Mean V,D: 446, 0
Variance: 142, 0
Standard deviation: 11, 0
V: Correct guesses: 503 97%
D: Correct guesses: 515 100%
Trying 1000 test using string "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff".
////////////////////////////////////////
CBC Statistics:
520 lines processed
MIN V,D 424,0
MAX V,D 466,0
Mean V,D: 447, 0
Variance: 56, 0
Standard deviation: 7, 0
V: Correct guesses: 520 100%
D: Correct guesses: 520 100%
////////////////////////////////////////
ECB Statistics:
480 lines processed
MIN V,D 168,12
MAX V,D 297,20
Mean V,D: 226, 17
Variance: 1343, 14
Standard deviation: 36, 3
V: Correct guesses: 0 0%
D: Correct guesses: 0 0%
Trying 1000 test using string "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa".
////////////////////////////////////////
CBC Statistics:
489 lines processed
MIN V,D 423,0
MAX V,D 467,0
Mean V,D: 448, 0
Variance: 56, 0
Standard deviation: 7, 0
V: Correct guesses: 489 100%
D: Correct guesses: 489 100%
////////////////////////////////////////
ECB Statistics:
511 lines processed
MIN V,D 170,12
MAX V,D 302,20
Mean V,D: 226, 17
Variance: 1340, 14
Standard deviation: 36, 3
V: Correct guesses: 0 0%
D: Correct guesses: 0 0%
Trying 1000 test using string "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa".
////////////////////////////////////////
CBC Statistics:
480 lines processed
MIN V,D 423,0
MAX V,D 466,0
Mean V,D: 447, 0
Variance: 50, 0
Standard deviation: 7, 0
V: Correct guesses: 480 100%
D: Correct guesses: 480 100%
////////////////////////////////////////
ECB Statistics:
520 lines processed
MIN V,D 313,2
MAX V,D 387,8
Mean V,D: 350, 3
Variance: 133, 0
Standard deviation: 11, 0
V: Correct guesses: 0 0%
D: Correct guesses: 0 0%
////////////////////////////////////////
About the tests:
V test: Value is the Hamming distance for every
block vs every block, divided by the count of blocks
(including the block vs itself)
V Threshold: if V > 405 then guess CBC
D test: raw count of the duplicate blocks
D Threshold: if D < 1 then guess CBC
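
An added example (not the paste author's challenge11.py) of the D test described above, scored against an oracle that follows the challenge text. Assumptions: AES is replaced by a truncated HMAC-SHA256 keyed block function so the code runs on the standard library alone (it cannot be decrypted), D counts ordered pairs of identical blocks, and all function names are chosen here.

```python
import hashlib
import hmac
import random

BLOCK = 16
def _f(key, block):
    # Stand-in for AES-128 block encryption (assumption: stdlib only, not invertible).
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def encryption_oracle(data, rng):
    """Return (ciphertext, mode); mode is returned only so the detector can be scored."""
    rb = lambda n: bytes(rng.getrandbits(8) for _ in range(n))
    key = rb(BLOCK)
    pt = rb(rng.randint(5, 10)) + data + rb(rng.randint(5, 10))
    pad = BLOCK - len(pt) % BLOCK
    pt += bytes([pad]) * pad                       # PKCS#7 padding
    mode = "ECB" if rng.randrange(2) == 0 else "CBC"
    prev = rb(BLOCK)                               # random IV, used by CBC only
    out = []
    for i in range(0, len(pt), BLOCK):
        block = pt[i:i + BLOCK]
        if mode == "CBC":                          # chain previous ciphertext block
            block = bytes(a ^ b for a, b in zip(block, prev))
        prev = _f(key, block)
        out.append(prev)
    return b"".join(out), mode

def duplicate_pairs(ct):
    """D test: ordered pairs (i, j), i != j, of identical ciphertext blocks."""
    blocks = [ct[i:i + BLOCK] for i in range(0, len(ct), BLOCK)]
    return sum(1 for i, a in enumerate(blocks)
               for j, b in enumerate(blocks) if i != j and a == b)

def detect_mode(ct):
    # D threshold described in the paste: D < 1 means guess CBC.
    return "CBC" if duplicate_pairs(ct) < 1 else "ECB"

def score(data, trials=1000, seed=11):
    """Run the detector `trials` times; return (correct, D values seen per mode)."""
    rng = random.Random(seed)
    correct, seen = 0, {"ECB": set(), "CBC": set()}
    for _ in range(trials):
        ct, mode = encryption_oracle(data, rng)
        seen[mode].add(duplicate_pairs(ct))
        correct += detect_mode(ct) == mode
    return correct, seen

if __name__ == "__main__":
    print(score(b"f" * 89))   # constructed input: 89 identical bytes
```

With the 89 repeated bytes the random 5-10 byte prefix leaves 4 or 5 aligned identical blocks, so D is 12 or 20 under ECB and 0 under CBC; an input with no repeated 16-byte block gives D = 0 in both modes and the test cannot tell them apart.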