Diffstat (limited to 'set4/task25.c')
-rw-r--r--set4/task25.c53
1 files changed, 53 insertions, 0 deletions
diff --git a/set4/task25.c b/set4/task25.c
new file mode 100644
index 0000000..7a29bf9
--- /dev/null
+++ b/set4/task25.c
@@ -0,0 +1,53 @@
+#include "../lib/lib.h"
+#include "../lib/lib2.h"
+#include "../lib/lib3.h"
+#include "../lib/lib4.h"
+#include <time.h>
+
+/**
+ * Assume same key AND same nonce, this leads to the same keystream
+ * every time. Than it is easy to discover the keystream with the edit
+ * function. Simple XOR cihertext agianst out inserted text.
+ *
+ * If the nonce change for each edit call, the above won't work. We have for
+ * every edit a new keystream, that makes it harder.
+ *
+ *
+ **/
+
+int main()
+{
+ generate_random_bytes(key, 16);
+ generate_random_bytes(nonce, 16);
+
+ char *file_content;
+ int file_length = read_base64_file("25.txt", &file_content);
+ char *base64_decoded = malloc(file_length);
+
+ int base64_decoded_length = decode_base64(file_content, base64_decoded);
+ // the file ist AES-ECB encrypted
+ char *plain_tmp = malloc(base64_decoded_length);
+ aes_ecb(base64_decoded, base64_decoded_length, plain_tmp, "YELLOW SUBMARINE",
+ 16, 0);
+ char *ciphertext = malloc(base64_decoded_length);
+
+ aes_ctr(plain_tmp, base64_decoded_length, ciphertext, key, nonce);
+
+ // start the attack
+ // recover 4-byte-keystream in each iteration
+ char *org_ciphertext = malloc(base64_decoded_length);
+ memcpy(org_ciphertext, ciphertext, base64_decoded_length);
+ int i, j;
+ char keystream[16];
+ char *plaintext = malloc(base64_decoded_length);
+ char newtext[16] = "ABABABABABABABAB";
+ for(i=0;i<(base64_decoded_length/16);i++) {
+ aes_ctr_edit(ciphertext, base64_decoded_length, (i*16), newtext);
+ for(j=0;j<16;j++) {
+ keystream[j] = newtext[j] ^ ciphertext[i*16+j];
+ plaintext[i*16+j] = keystream[j] ^ org_ciphertext[i*16+j];
+ }
+ }
+
+ printf("Recovered plaintext: %s\n", plaintext);
+}
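Review bot: The final `printf` passes `plaintext` to `%s`, but that buffer comes from `malloc(base64_decoded_length)` and is never NUL-terminated, so the print reads past the end of the allocation. Bound the output to what the loop filled, e.g. `printf("Recovered plaintext: %.*s\n", i * 16, plaintext);` (after the loop `i * 16` is the number of recovered bytes), or allocate one extra byte and terminate it. None of the `malloc` results or the `read_base64_file` / `decode_base64` return values are checked, so a failed read or a non-positive length flows straight into `malloc`, `aes_ecb` and `memcpy`. `newtext` is a 16-byte array with no terminator, so the code presumably relies on `aes_ctr_edit` consuming exactly 16 bytes; that function is not visible here, and the assumption deserves a comment at the call. The comment `recover 4-byte-keystream in each iteration` should say 16 bytes to match the loop.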