CryptoAttacks

Implementation of attacks on cryptosystems

Primary language: Python. License: MIT.

Cryptography attacks

Requirements:

  • Python 2.7 or 3.7
  • future
  • pycrypto
  • gmpy2
  • BeautifulSoup4
  • requests
  • termcolor

Installation:

git clone https://github.com/GrosQuildu/CryptoAttacks
cd CryptoAttacks
python ./setup.py install

Attacks:

(* means Sage script)

  • Classic
  • Block
    • CBC
      • Bit flipping
      • Padding oracle
        • Decrypt ciphertext
        • Forge ciphertext that will decrypt to given plaintext
      • Key as IV
    • ECB
      • Byte-at-time decryption
      • Known plaintexts
    • GCM
      • Auth key recovery with biased nonce
    • Whitebox AES
      • Differential fault analysis*
  • Public Key
    • RSA
      • Small e, small plaintext
      • Common primes
      • Wiener's small private exponent
      • Hastad's broadcast
      • Faulty (RSA-CRT)
      • Parity oracle
      • Blinding (signatures/ciphertexts)
      • Bleichenbacher'06 signature forgery
      • Duplicate-Signature Key Selection
      • Bleichenbacher's PKCS1.5 oracle
      • Manger's OAEP oracle
  • Elliptic Curves
  • Hash
    • Length extension (SHA-1, MD4)
  • PRNG
    • Linear congruential generator
  • Utils
  • Math

For documentation (docstrings), see CryptoAttacks/docs/

For usage examples, see CryptoAttacks/tests/

To change verbosity:

from CryptoAttacks.Utils import log

log.level = 'debug'  # debug, info, success

Most functions take and return bytes (not str). To use them with Python 2, do:

from builtins import bytes  # provided by the "future" package on Python 2

arg = bytes(b'some arg')