From 5facaf23f3521eb24093daf232480cf930f0e7aa Mon Sep 17 00:00:00 2001 From: Bill Buchanan Date: Thu, 3 Feb 2022 18:20:53 +0000 Subject: [PATCH 1/6] Update possible_ans.md --- unit02_symmetric/lab/possible_ans.md | 41 ++++++++++++++++------------ 1 file changed, 24 insertions(+), 17 deletions(-) diff --git a/unit02_symmetric/lab/possible_ans.md b/unit02_symmetric/lab/possible_ans.md index b91d43b..3509666 100644 --- a/unit02_symmetric/lab/possible_ans.md +++ b/unit02_symmetric/lab/possible_ans.md @@ -57,29 +57,36 @@ plaintext = decrypt(ciphertext,key,modes.ECB()) plaintext = unpad(plaintext) print(" decrypt: ",plaintext.decode()) - ``` A sample is [here](https://replit.com/@billbuchanan/des2#main.py). A sample run is: ``` -napier@napier-virtual-machine:~$ python d1.py hello hello123 -After padding (CMS): 68656c6c6f0b0b0b0b0b0b0b0b0b0b0b -Cipher (ECB): 0a7ec77951291795bac6690c9e7f4c0d - decrypt: hello -napier@napier-virtual-machine:~$ python d1.py inkwell orange -After padding (CMS): 696e6b77656c6c090909090909090909 -Cipher (ECB): 484299ceec1ad83b1ce848b0a9733c8d - decrypt: inkwell -napier@napier-virtual-machine:~$ python d1.py security qwerty -After padding (CMS): 73656375726974790808080808080808 -Cipher (ECB): 6be35165e2c9a624de4f401692fe7161 - decrypt: security -napier@napier-virtual-machine:~$ python d1.py Africa changme -After padding (CMS): 4166726963610a0a0a0a0a0a0a0a0a0a -Cipher (ECB): ab453ac52cd3b1a61b35d6e85e4568f8 - decrypt: Africa +$ python d1.py hello hello123 +Before padding: hello +Passphrase: hello123 +After padding (CMS): b'68656c6c6f030303' +Cipher (ECB): b'4cd924baf0c9ac60' + decrypt: hello +$ python padding_des2.py inkwell orange +Before padding: inkwell +Passphrase: orange +After padding (CMS): b'696e6b77656c6c01' +Cipher (ECB): b'9e0971175e4dfd5a' + decrypt: inkwell +$ python d1.py security qwerty +Before padding: security +Passphrase: qwerty +After padding (CMS): b'73656375726974790808080808080808' +Cipher (ECB): b'c043b5bba3191fd888223899ba2bcbea' + decrypt: security +$ python d1.py Africa changme +Before padding: Africa +Passphrase: changeme +After padding (CMS): b'4166726963610202' +Cipher (ECB): b'b2a350deec0b0718' + decrypt: Africa ``` From 0acac1f267d1057f4e23ac0a50091bf05eee79d0 Mon Sep 17 00:00:00 2001 From: Bill Buchanan Date: Thu, 3 Feb 2022 18:25:43 +0000 Subject: [PATCH 2/6] Update possible_ans.md --- unit02_symmetric/lab/possible_ans.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/unit02_symmetric/lab/possible_ans.md b/unit02_symmetric/lab/possible_ans.md index 3509666..215c61a 100644 --- a/unit02_symmetric/lab/possible_ans.md +++ b/unit02_symmetric/lab/possible_ans.md @@ -1,4 +1,4 @@ - +## A.1 From 08521e41c9c77a8b0ad76d9b6478a587b3bcffca Mon Sep 17 00:00:00 2001 From: Bill Buchanan Date: Thu, 3 Feb 2022 18:55:22 +0000 Subject: [PATCH 3/6] Update possible_ans.md --- unit02_symmetric/lab/possible_ans.md | 61 ++++++++++++++++++---------- 1 file changed, 39 insertions(+), 22 deletions(-) diff --git a/unit02_symmetric/lab/possible_ans.md b/unit02_symmetric/lab/possible_ans.md index 215c61a..734c8ee 100644 --- a/unit02_symmetric/lab/possible_ans.md +++ b/unit02_symmetric/lab/possible_ans.md @@ -1,4 +1,10 @@ ## A.1 +openssl list-cipher-commands +openssl version +openssl prime –hex 1111 +openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin +openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin –base64 +openssl enc -d -aes-256-cbc -in encrypted.bin -pass pass:napier -base64 @@ -96,43 +102,54 @@ Answer: * /vA6BD+ZXu8j6KrTHi1Y+w== - italy ```python -ffrom Crypto.Cipher import AES +from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes +from cryptography.hazmat.primitives import padding +from cryptography.hazmat.backends import default_backend + import hashlib -import sys import binascii -import Padding import base64 -val='fox' password='hello' -cipher='' -import sys - -if (len(sys.argv)>1): - cipher=(sys.argv[1]) -if (len(sys.argv)>2): - password=(sys.argv[2]) - -plaintext=val def encrypt(plaintext,key, mode): - encobj = AES.new(key,mode) - return(encobj.encrypt(plaintext)) + method=algorithms.AES(key) + cipher = Cipher(method,mode, default_backend()) + encryptor = cipher.encryptor() + ct = encryptor.update(plaintext) + encryptor.finalize() + return(ct) def decrypt(ciphertext,key, mode): - encobj = AES.new(key,mode) - return(encobj.decrypt(ciphertext)) + method=algorithms.AES(key) + cipher = Cipher(method, mode, default_backend()) + decryptor = cipher.decryptor() + pl = decryptor.update(ciphertext) + decryptor.finalize() + return(pl) + +def pad(data,size=128): + padder = padding.PKCS7(size).padder() + padded_data = padder.update(data) + padded_data += padder.finalize() + return(padded_data) + +def unpad(data,size=128): + padder = padding.PKCS7(size).unpadder() + unpadded_data = padder.update(data) + unpadded_data += padder.finalize() + return(unpadded_data) key = hashlib.sha256(password.encode()).digest() -cipher='/vA6BD+ZXu8j6KrTHi1Y+w==' +cipher='/vA6BD+ZXu8j6KrTHi1Y+w==' ciphertext = base64.b64decode(cipher) -plaintext = decrypt(ciphertext,key,AES.MODE_ECB) -print (plaintext) -plaintext = Padding.removePadding(plaintext.decode(),blocksize=Padding.AES_blocksize,mode='CMS') -print (" decrypt: "+plaintext) +print("Cipher (ECB): ",binascii.hexlify(bytearray(ciphertext))) + +plaintext = decrypt(ciphertext,key,modes.ECB()) + +plaintext = unpad(plaintext) +print(" decrypt: ",plaintext.decode()) ``` A sample is [here](https://repl.it/@billbuchanan/ch02ans05#main.py). From 9bc6da58185f36ef66b60e3cb5262650b5dc9898 Mon Sep 17 00:00:00 2001 From: Bill Buchanan Date: Thu, 3 Feb 2022 19:04:25 +0000 Subject: [PATCH 4/6] Update possible_ans.md --- unit02_symmetric/lab/possible_ans.md | 173 ++++++++++++++++----------- 1 file changed, 102 insertions(+), 71 deletions(-) diff --git a/unit02_symmetric/lab/possible_ans.md b/unit02_symmetric/lab/possible_ans.md index 734c8ee..c824a13 100644 --- a/unit02_symmetric/lab/possible_ans.md +++ b/unit02_symmetric/lab/possible_ans.md @@ -1,11 +1,71 @@ ## A.1 openssl list-cipher-commands + openssl version + openssl prime –hex 1111 + openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin + openssl enc -aes-256-cbc -in myfile.txt -out encrypted.bin –base64 + openssl enc -d -aes-256-cbc -in encrypted.bin -pass pass:napier -base64 +## D1 +```python +from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes +from cryptography.hazmat.primitives import padding + +import hashlib +import sys +import binascii + +val='hello' +password='hello' + +plaintext=val + +def encrypt(plaintext,key, mode): + method=algorithms.AES(key) + cipher = Cipher(method, mode) + encryptor = cipher.encryptor() + ct = encryptor.update(plaintext) + encryptor.finalize() + return(ct) + +def decrypt(ciphertext,key, mode): + method=algorithms.AES(key) + cipher = Cipher(method, mode) + decryptor = cipher.decryptor() + pl = decryptor.update(ciphertext) + decryptor.finalize() + return(pl) + +def pad(data,size=128): + padder = padding.PKCS7(size).padder() + padded_data = padder.update(data) + padded_data += padder.finalize() + return(padded_data) + +def unpad(data,size=128): + padder = padding.PKCS7(size).unpadder() + unpadded_data = padder.update(data) + unpadded_data += padder.finalize() + return(unpadded_data) + +key = hashlib.sha256(password.encode()).digest() + +plaintext=pad(plaintext.encode()) + +print("After padding (CMS): ",binascii.hexlify(bytearray(plaintext))) + +ciphertext = encrypt(plaintext,key,modes.ECB()) +print("Cipher (ECB): ",binascii.hexlify(bytearray(ciphertext))) + +plaintext = decrypt(ciphertext,key,modes.ECB()) + +plaintext = unpad(plaintext) +print(" decrypt: ",plaintext.decode()) + +``` ## D2 @@ -97,61 +157,7 @@ Cipher (ECB): b'b2a350deec0b0718' -## D.3 -Answer: -* /vA6BD+ZXu8j6KrTHi1Y+w== - italy -```python -from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes -from cryptography.hazmat.primitives import padding -from cryptography.hazmat.backends import default_backend - -import hashlib -import binascii -import base64 - -password='hello' - - -def encrypt(plaintext,key, mode): - method=algorithms.AES(key) - cipher = Cipher(method,mode, default_backend()) - encryptor = cipher.encryptor() - ct = encryptor.update(plaintext) + encryptor.finalize() - return(ct) - -def decrypt(ciphertext,key, mode): - method=algorithms.AES(key) - cipher = Cipher(method, mode, default_backend()) - decryptor = cipher.decryptor() - pl = decryptor.update(ciphertext) + decryptor.finalize() - return(pl) - -def pad(data,size=128): - padder = padding.PKCS7(size).padder() - padded_data = padder.update(data) - padded_data += padder.finalize() - return(padded_data) - -def unpad(data,size=128): - padder = padding.PKCS7(size).unpadder() - unpadded_data = padder.update(data) - unpadded_data += padder.finalize() - return(unpadded_data) - -key = hashlib.sha256(password.encode()).digest() - - -cipher='/vA6BD+ZXu8j6KrTHi1Y+w==' -ciphertext = base64.b64decode(cipher) -print("Cipher (ECB): ",binascii.hexlify(bytearray(ciphertext))) - -plaintext = decrypt(ciphertext,key,modes.ECB()) - -plaintext = unpad(plaintext) -print(" decrypt: ",plaintext.decode()) -``` -A sample is [here](https://repl.it/@billbuchanan/ch02ans05#main.py). ## E.1 Answers: @@ -268,35 +274,60 @@ A sample is [here](https://repl.it/@billbuchanan/ch02ans07#main.py). ## E.3 In this case we will convert from Base-64 into a byte array and then try to decrypt: +Answer: +* /vA6BD+ZXu8j6KrTHi1Y+w== - italy + ```python -from Crypto.Cipher import AES +from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes +from cryptography.hazmat.primitives import padding +from cryptography.hazmat.backends import default_backend + import hashlib -import sys import binascii -import Padding import base64 +password='hello' + + +def encrypt(plaintext,key, mode): + method=algorithms.AES(key) + cipher = Cipher(method,mode, default_backend()) + encryptor = cipher.encryptor() + ct = encryptor.update(plaintext) + encryptor.finalize() + return(ct) + def decrypt(ciphertext,key, mode): - encobj = AES.new(key,mode) - return(encobj.decrypt(ciphertext)) + method=algorithms.AES(key) + cipher = Cipher(method, mode, default_backend()) + decryptor = cipher.decryptor() + pl = decryptor.update(ciphertext) + decryptor.finalize() + return(pl) -password = "hello" - -c='1jDmCTD1IfbXbyyHgAyrdg==' -ciphertext = base64.b64decode(c) -print ("Cipher (ECB): ",binascii.hexlify(ciphertext)) +def pad(data,size=128): + padder = padding.PKCS7(size).padder() + padded_data = padder.update(data) + padded_data += padder.finalize() + return(padded_data) +def unpad(data,size=128): + padder = padding.PKCS7(size).unpadder() + unpadded_data = padder.update(data) + unpadded_data += padder.finalize() + return(unpadded_data) key = hashlib.sha256(password.encode()).digest() -plaintext = decrypt(ciphertext,key,AES.MODE_ECB) - -plaintext = Padding.removePadding(plaintext.decode(),blocksize=Padding.AES_blocksize,mode='CMS') -print (" decrypt: ",plaintext) -print (" Key found: ",password) -``` -A sample is [here](https://repl.it/@billbuchanan/ch02sample01#main.py). +cipher='/vA6BD+ZXu8j6KrTHi1Y+w==' +ciphertext = base64.b64decode(cipher) +print("Cipher (ECB): ",binascii.hexlify(bytearray(ciphertext))) + +plaintext = decrypt(ciphertext,key,modes.ECB()) + +plaintext = unpad(plaintext) +print(" decrypt: ",plaintext.decode()) +``` +A sample is [here](https://repl.it/@billbuchanan/ch02ans05#main.py). ## F.1 Plaintext: norway From 7c74ad6c260fdc569d9e8a15fa03a24526ef7e8a Mon Sep 17 00:00:00 2001 From: Bill Buchanan Date: Thu, 3 Feb 2022 19:14:53 +0000 Subject: [PATCH 5/6] Update possible_ans.md --- unit02_symmetric/lab/possible_ans.md | 67 +++++++++++++++++++++------- 1 file changed, 50 insertions(+), 17 deletions(-) diff --git a/unit02_symmetric/lab/possible_ans.md b/unit02_symmetric/lab/possible_ans.md index c824a13..996e72a 100644 --- a/unit02_symmetric/lab/possible_ans.md +++ b/unit02_symmetric/lab/possible_ans.md @@ -237,39 +237,72 @@ Answers: DES uses a 64-bit key, of which we have use 56 bits for the actual key. We thus need to truncate our SHA-256 generated key, down to a 64-bit key. We can do that in Python with [:8]. A possible solution for E.2: ```python -from Crypto.Cipher import DES +from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes +from cryptography.hazmat.primitives import padding +from cryptography.hazmat.backends import default_backend +import sys import hashlib -import sys import binascii -import Padding -val='fox' +val='hello' password='hello' -cipher='' -import sys +plaintext=val def encrypt(plaintext,key, mode): - encobj = DES.new(key,mode) - return(encobj.encrypt(plaintext)) + method=algorithms.TripleDES(key) + cipher = Cipher(method,mode, default_backend()) + encryptor = cipher.encryptor() + ct = encryptor.update(plaintext) + encryptor.finalize() + return(ct) def decrypt(ciphertext,key, mode): - encobj = DES.new(key,mode) - return(encobj.decrypt(ciphertext)) + method=algorithms.TripleDES(key) + cipher = Cipher(method, mode, default_backend()) + decryptor = cipher.decryptor() + pl = decryptor.update(ciphertext) + decryptor.finalize() + return(pl) -key = hashlib.sha256(password.encode()).digest() +def pad(data,size=64): + padder = padding.PKCS7(size).padder() + padded_data = padder.update(data) + padded_data += padder.finalize() + return(padded_data) + +def unpad(data,size=64): + padder = padding.PKCS7(size).unpadder() + unpadded_data = padder.update(data) + unpadded_data += padder.finalize() + return(unpadded_data) -ciphertext=binascii.unhexlify("f37ee42f2267458d") -plaintext = decrypt(ciphertext,key[:8],DES.MODE_ECB) -print (plaintext) +if (len(sys.argv)>1): + plaintext=str(sys.argv[1]) +if (len(sys.argv)>2): + password=str(sys.argv[2]) + -plaintext = Padding.removePadding(plaintext.decode(),blocksize=Padding.AES_blocksize,mode='CMS') -print (" decrypt: "+plaintext) + +print("Before padding: ",plaintext) +print("Passphrase: ",password) + +key = hashlib.sha256(password.encode()).digest()[:16] + + + +plaintext=pad(plaintext.encode()) + +ciphertext=binascii.unhexlify("0b8bd1e345e7bbf0") +print("Cipher (ECB): ",binascii.hexlify(bytearray(ciphertext))) + +plaintext = decrypt(ciphertext,key,modes.ECB()) + +plaintext = unpad(plaintext) +print(" decrypt: ",plaintext.decode()) ``` -A sample is [here](https://repl.it/@billbuchanan/ch02ans07#main.py). +A sample is [here](https://replit.com/@billbuchanan/desdec#main.py). ## E.3 In this case we will convert from Base-64 into a byte array and then try to decrypt: From c475679b9d1ea14ae1dc76d45706358bd168fa60 Mon Sep 17 00:00:00 2001 From: Bill Buchanan Date: Thu, 3 Feb 2022 19:23:41 +0000 Subject: [PATCH 6/6] Update possible_ans.md --- unit02_symmetric/lab/possible_ans.md | 36 +++++++++++++++++++--------- 1 file changed, 25 insertions(+), 11 deletions(-) diff --git a/unit02_symmetric/lab/possible_ans.md b/unit02_symmetric/lab/possible_ans.md index 996e72a..664ebad 100644 --- a/unit02_symmetric/lab/possible_ans.md +++ b/unit02_symmetric/lab/possible_ans.md @@ -370,18 +370,33 @@ Key: changeme A sample code is: ```python -from Crypto.Cipher import AES +from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes +from cryptography.hazmat.primitives import padding +from cryptography.hazmat.backends import default_backend + import hashlib -import sys -import binascii -import Padding import base64 +import binascii + +password='hello' +cipher='b436bd84d16db330359edebf49725c62' +pw = ["hello","ankle","changeme","123456"] + def decrypt(ciphertext,key, mode): - encobj = AES.new(key,mode) - return(encobj.decrypt(ciphertext)) + method=algorithms.AES(key) + cipher = Cipher(method, mode, default_backend()) + decryptor = cipher.decryptor() + pl = decryptor.update(ciphertext) + decryptor.finalize() + return(pl) + + +def unpad(data,size=128): + padder = padding.PKCS7(size).unpadder() + unpadded_data = padder.update(data) + unpadded_data += padder.finalize() + return(unpadded_data) -pw = ["hello","ankle","changeme","123456"] c='1jDmCTD1IfbXbyyHgAyrdg==' ciphertext = base64.b64decode(c) @@ -392,16 +407,15 @@ for password in pw: try: key = hashlib.sha256(password.encode()).digest() - - plaintext = decrypt(ciphertext,key,AES.MODE_ECB) + plaintext = decrypt(ciphertext,key,modes.ECB()) - plaintext = Padding.removePadding(plaintext.decode(),blocksize=Padding.AES_blocksize,mode='CMS') + plaintext = unpad(plaintext) print (" decrypt: ",plaintext) print (" Key found: ",password) except: print(".") ``` -A sample is [here](https://repl.it/@billbuchanan/ch02ans08#main.py). +A sample is [here](https://replit.com/@billbuchanan/aescrack01#main.py). ## G.1 Answers: