diff options
| -rw-r--r-- | .Makefile.common | 2 | ||||
| -rw-r--r-- | lib/lib4.c | 22 | ||||
| -rw-r--r-- | lib/lib4.h | 7 | ||||
| -rw-r--r-- | set4/25.txt | 64 | ||||
| -rw-r--r-- | set4/Makefile | 9 | ||||
| -rw-r--r-- | set4/task25.c | 53 |
6 files changed, 156 insertions, 1 deletions
diff --git a/.Makefile.common b/.Makefile.common index b4c5ab3..a5eee02 100644 --- a/.Makefile.common +++ b/.Makefile.common @@ -1,5 +1,5 @@ ## define variables used in all makefiles -LIB=../lib/lib2.c ../lib/lib.c ../lib/lib3.c +LIB=../lib/lib2.c ../lib/lib.c ../lib/lib3.c ../lib/lib4.c CC=gcc CFLAGS := -g $(CFLAGS) CLIBS=`pkg-config --cflags --libs libcrypto` diff --git a/lib/lib4.c b/lib/lib4.c new file mode 100644 index 0000000..475efe9 --- /dev/null +++ b/lib/lib4.c @@ -0,0 +1,22 @@ +#include "lib4.h" +#include "lib3.h" +#include "lib2.h" +#include "lib.h" +/** + * encrypt always with the same key, same nonce? + * + **/ +int aes_ctr_edit(char *ciphertext, int ciphertext_length, int offset, char *newtext) +{ + // do not allow greater ciphertexts + if((strlen(newtext)+offset) > ciphertext_length) + return 1; + + // insert newtext at offset and reencrpyt + char *plaintext = malloc(ciphertext_length); + aes_ctr(ciphertext, ciphertext_length, plaintext, key, nonce); + memcpy(&plaintext[offset], newtext, strlen(newtext)); + + aes_ctr(plaintext, ciphertext_length, ciphertext, key, nonce); + return 0; +} diff --git a/lib/lib4.h b/lib/lib4.h new file mode 100644 index 0000000..dee52a7 --- /dev/null +++ b/lib/lib4.h @@ -0,0 +1,7 @@ +#ifndef __LIB_4__ +#define __LIB_4__ + + +int aes_ctr_edit(char *ciphertext, int ciphertext_length, int offset, char *newtext); + +#endif diff --git a/set4/25.txt b/set4/25.txt new file mode 100644 index 0000000..c02ff8a --- /dev/null +++ b/set4/25.txt @@ -0,0 +1,64 @@ +CRIwqt4+szDbqkNY+I0qbDe3LQz0wiw0SuxBQtAM5TDdMbjCMD/venUDW9BL +PEXODbk6a48oMbAY6DDZsuLbc0uR9cp9hQ0QQGATyyCESq2NSsvhx5zKlLtz +dsnfK5ED5srKjK7Fz4Q38/ttd+stL/9WnDzlJvAo7WBsjI5YJc2gmAYayNfm +CW2lhZE/ZLG0CBD2aPw0W417QYb4cAIOW92jYRiJ4PTsBBHDe8o4JwqaUac6 +rqdi833kbyAOV/Y2RMbN0oDb9Rq8uRHvbrqQJaJieaswEtMkgUt3P5Ttgeh7 +J+hE6TR0uHot8WzHyAKNbUWHoi/5zcRCUipvVOYLoBZXlNu4qnwoCZRSBgvC +wTdz3Cbsp/P2wXB8tiz6l9rL2bLhBt13Qxyhhu0H0+JKj6soSeX5ZD1Rpilp +9ncR1tHW8+uurQKyXN4xKeGjaKLOejr2xDIw+aWF7GszU4qJhXBnXTIUUNUf +RlwEpS6FZcsMzemQF30ezSJHfpW7DVHzwiLyeiTJRKoVUwo43PXupnJXDmUy +sCa2nQz/iEwyor6kPekLv1csm1Pa2LZmbA9Ujzz8zb/gFXtQqBAN4zA8/wt0 +VfoOsEZwcsaLOWUPtF/Ry3VhlKwXE7gGH/bbShAIKQqMqqUkEucZ3HPHAVp7 +ZCn3Ox6+c5QJ3Uv8V7L7SprofPFN6F+kfDM4zAc59do5twgDoClCbxxG0L19 +TBGHiYP3CygeY1HLMrX6KqypJfFJW5O9wNIF0qfOC2lWFgwayOwq41xdFSCW +0/EBSc7cJw3N06WThrW5LimAOt5L9c7Ik4YIxu0K9JZwAxfcU4ShYu6euYmW +LP98+qvRnIrXkePugS9TSOJOHzKUoOcb1/KYd9NZFHEcp58Df6rXFiz9DSq8 +0rR5Kfs+M+Vuq5Z6zY98/SP0A6URIr9NFu+Cs9/gf+q4TRwsOzRMjMQzJL8f +7TXPEHH2+qEcpDKz/5pE0cvrgHr63XKu4XbzLCOBz0DoFAw3vkuxGwJq4Cpx +kt+eCtxSKUzNtXMn/mbPqPl4NZNJ8yzMqTFSODS4bYTBaN/uQYcOAF3NBYFd +5x9TzIAoW6ai13a8h/s9i5FlVRJDe2cetQhArrIVBquF0L0mUXMWNPFKkaQE +BsxpMCYh7pp7YlyCNode12k5jY1/lc8jQLQJ+EJHdCdM5t3emRzkPgND4a7O +NhoIkUUS2R1oEV1toDj9iDzGVFwOvWyt4GzA9XdxT333JU/n8m+N6hs23MBc +Z086kp9rJGVxZ5f80jRz3ZcjU6zWjR9ucRyjbsuVn1t4EJEm6A7KaHm13m0v +wN/O4KYTiiY3aO3siayjNrrNBpn1OeLv9UUneLSCdxcUqjRvOrdA5NYv25Hb +4wkFCIhC/Y2ze/kNyis6FrXtStcjKC1w9Kg8O25VXB1Fmpu+4nzpbNdJ9LXa +hF7wjOPXN6dixVKpzwTYjEFDSMaMhaTOTCaqJig97624wv79URbCgsyzwaC7 +YXRtbTstbFuEFBee3uW7B3xXw72mymM2BS2uPQ5NIwmacbhta8aCRQEGqIZ0 +78YrrOlZIjar3lbTCo5o6nbbDq9bvilirWG/SgWINuc3pWl5CscRcgQQNp7o +LBgrSkQkv9AjZYcvisnr89TxjoxBO0Y93jgp4T14LnVwWQVx3l3d6S1wlsci +dVeaM24E/JtS8k9XAvgSoKCjyiqsawBMzScXCIRCk6nqX8ZaJU3rZ0LeOMTU +w6MC4dC+aY9SrCvNQub19mBdtJUwOBOqGdfd5IoqQkaL6DfOkmpnsCs5PuLb +GZBVhah5L87IY7r6TB1V7KboXH8PZIYc1zlemMZGU0o7+etxZWHgpdeX6JbJ +Is3ilAzYqw/Hz65no7eUxcDg1aOaxemuPqnYRGhW6PvjZbwAtfQPlofhB0jT +Ht5bRlzF17rn9q/6wzlc1ssp2xmeFzXoxffpELABV6+yj3gfQ/bxIB9NWjdZ +K08RX9rjm9CcBlRQeTZrD67SYQWqRpT5t7zcVDnx1s7ZffLBWm/vXLfPzMaQ +YEJ4EfoduSutjshXvR+VQRPs2TWcF7OsaE4csedKUGFuo9DYfFIHFDNg+1Py +rlWJ0J/X0PduAuCZ+uQSsM/ex/vfXp6Z39ngq4exUXoPtAIqafrDMd8SuAty +EZhyY9V9Lp2qNQDbl6JI39bDz+6pDmjJ2jlnpMCezRK89cG11IqiUWvIPxHj +oiT1guH1uk4sQ2Pc1J4zjJNsZgoJDcPBbfss4kAqUJvQyFbzWshhtVeAv3dm +gwUENIhNK/erjpgw2BIRayzYw001jAIF5c7rYg38o6x3YdAtU3d3QpuwG5xD +fODxzfL3yEKQr48C/KqxI87uGwyg6H5gc2AcLU9JYt5QoDFoC7PFxcE3RVqc +7/Um9Js9X9UyriEjftWt86/tEyG7F9tWGxGNEZo3MOydwX/7jtwoxQE5ybFj +WndqLp8DV3naLQsh/Fz8JnTYHvOR72vuiw/x5D5PFuXV0aSVvmw5Wnb09q/B +owS14WzoHH6ekaWbh78xlypn/L/M+nIIEX1Ol3TaVOqIxvXZ2sjm86xRz0Ed +oHFfupSekdBULCqptxpFpBshZFvauUH8Ez7wA7wjL65GVlZ0f74U7MJVu9Sw +sZdgsLmnsQvr5n2ojNNBEv+qKG2wpUYTmWRaRc5EClUNfhzh8iDdHIsl6edO +ewORRrNiBay1NCzlfz1cj6VlYYQUM9bDEyqrwO400XQNpoFOxo4fxUdd+AHm +CBhHbyCR81/C6LQTG2JQBvjykG4pmoqnYPxDyeiCEG+JFHmP1IL+jggdjWhL +WQatslrWxuESEl3PEsrAkMF7gt0dBLgnWsc1cmzntG1rlXVi/Hs2TAU3RxEm +MSWDFubSivLWSqZj/XfGWwVpP6fsnsfxpY3d3h/fTxDu7U8GddaFRQhJ+0ZO +dx6nRJUW3u6xnhH3mYVRk88EMtpEpKrSIWfXphgDUPZ0f4agRzehkn9vtzCm +NjFnQb0/shnqTh4Mo/8oommbsBTUKPYS7/1oQCi12QABjJDt+LyUan+4iwvC +i0k0IUIHvk21381vC0ixYDZxzY64+xx/RNID+iplgzq9PDZgjc8L7jMg+2+m +rxPS56e71m5E2zufZ4d+nFjIg+dHD/ShNPzVpXizRVUERztLuak8Asah3/yv +wOrH1mKEMMGC1/6qfvZUgFLJH5V0Ep0n2K/Fbs0VljENIN8cjkCKdG8aBnef +EhITdV7CVjXcivQ6efkbOQCfkfcwWpaBFC8tD/zebXFE+JshW16D4EWXMnSm +/9HcGwHvtlAj04rwrZ5tRvAgf1IR83kqqiTvqfENcj7ddCFwtNZrQK7EJhgB +5Tr1tBFcb9InPRtS3KYteYHl3HWR9t8E2YGE8IGrS1sQibxaK/C0kKbqIrKp +npwtoOLsZPNbPw6K2jpko9NeZAx7PYFmamR4D50KtzgELQcaEsi5aCztMg7f +p1mK6ijyMKIRKwNKIYHagRRVLNgQLg/WTKzGVbWwq6kQaQyArwQCUXo4uRty +zGMaKbTG4dns1OFB1g7NCiPb6s1lv0/lHFAF6HwoYV/FPSL/pirxyDSBb/FR +RA3PIfmvGfMUGFVWlyS7+O73l5oIJHxuaJrR4EenzAu4Avpa5d+VuiYbM10a +LaVegVPvFn4pCP4U/Nbbw4OTCFX2HKmWEiVBB0O3J9xwXWpxN1Vr5CDi75Fq +NhxYCjgSJzWOUD34Y1dAfcj57VINmQVEWyc8Tch8vg9MnHGCOfOjRqp0VGyA +S15AVD2QS1V6fhRimJSVyT6QuGb8tKRsl2N+a2Xze36vgMhw7XK7zh//jC2H diff --git a/set4/Makefile b/set4/Makefile new file mode 100644 index 0000000..8b0ffbd --- /dev/null +++ b/set4/Makefile @@ -0,0 +1,9 @@ +include ../.Makefile.common +COBJS=$(shell find . -type f -name "task*.c" | sed "s/\(.*\)\.c/\1.o/g") +TARGETS=$(shell find . -type f -name "task*.c" | sed "s/\(.*\)\.c/\1/g") + +all: $(TARGETS) + +clean: + @echo -e "\tDEL\t$(TARGETS)" + @rm $(TARGETS) diff --git a/set4/task25.c b/set4/task25.c new file mode 100644 index 0000000..7a29bf9 --- /dev/null +++ b/set4/task25.c @@ -0,0 +1,53 @@ +#include "../lib/lib.h" +#include "../lib/lib2.h" +#include "../lib/lib3.h" +#include "../lib/lib4.h" +#include <time.h> + +/** + * Assume same key AND same nonce, this leads to the same keystream + * every time. Than it is easy to discover the keystream with the edit + * function. Simple XOR cihertext agianst out inserted text. + * + * If the nonce change for each edit call, the above won't work. We have for + * every edit a new keystream, that makes it harder. + * + * + **/ + +int main() +{ + generate_random_bytes(key, 16); + generate_random_bytes(nonce, 16); + + char *file_content; + int file_length = read_base64_file("25.txt", &file_content); + char *base64_decoded = malloc(file_length); + + int base64_decoded_length = decode_base64(file_content, base64_decoded); + // the file ist AES-ECB encrypted + char *plain_tmp = malloc(base64_decoded_length); + aes_ecb(base64_decoded, base64_decoded_length, plain_tmp, "YELLOW SUBMARINE", + 16, 0); + char *ciphertext = malloc(base64_decoded_length); + + aes_ctr(plain_tmp, base64_decoded_length, ciphertext, key, nonce); + + // start the attack + // recover 4-byte-keystream in each iteration + char *org_ciphertext = malloc(base64_decoded_length); + memcpy(org_ciphertext, ciphertext, base64_decoded_length); + int i, j; + char keystream[16]; + char *plaintext = malloc(base64_decoded_length); + char newtext[16] = "ABABABABABABABAB"; + for(i=0;i<(base64_decoded_length/16);i++) { + aes_ctr_edit(ciphertext, base64_decoded_length, (i*16), newtext); + for(j=0;j<16;j++) { + keystream[j] = newtext[j] ^ ciphertext[i*16+j]; + plaintext[i*16+j] = keystream[j] ^ org_ciphertext[i*16+j]; + } + } + + printf("Recovered plaintext: %s\n", plaintext); +} |