block ciphers

.gitignore

@@ -6,7 +6,7 @@ src/crypto_pkg.egg-info
 src/crypto_pkg/__pycache__/
 src/crypto_pkg/contracts/__pycache__/
 src/crypto_pkg/number_theory/__pycache__/
-src/crypto_pkg/rsa/__pycache__/
+src/crypto_pkg/ciphers/asymmetric/rsa/__pycache__/
 tests/__pycache__/
 
 

README.md

@@ -1,5 +1,33 @@
 # crypto_pkg
 
-Package with RSA and DGVH encryption schemes used.
+Package containing symmetric and asymmetric key ciphers and attacks
 
-This package is used by the [BruteSniffing_Fisher](https://github.com/programmingAthlete/BruteSniffing_Fisher) repository.
+## Ciphers 
+<ul>
+<li>Asymmetric Key (PKE)</li>
+<ul>
+<li>Textbook RSA</li>
+<li>DGVH</li>
+</ul>
+<li>Symmetric key</li>
+<ul>
+<li>AES</li>
+<li>Modified vulnerable version of AES - AES without shift rows</li>
+</ul>
+</ul>
+
+## Attacks
+The following attacks are on know plain text attacks.
+<ul>
+<li>Double encryption attack on AES</li>
+<li>Key recovery on the modified version of AES</li>
+</ul>
+
+Usage examples are provided in the attacks source code files
+<ul>
+<li>attacks/block_ciphers/double_encryption.py</li>
+<li>attacks/block_ciphers/modified_aes.py</li>
+</ul>
+
+## Usage
+The <i>Textbook RSA</i> and the <i>DGVH</i> PKEs are used in the [BruteSniffing_Fisher](https://github.com/programmingAthlete/BruteSniffing_Fisher) repository.

requirements.txt

@@ -0,0 +1 @@
+pycryptodome==3.19.0

setup.py

@@ -1,6 +1,6 @@
 from setuptools import setup, find_packages
 
-__version__ = "0.0.2"
+__version__ = "1.0.0"
 
 with open("README.md", "r", encoding="utf-8") as fh:
     long_description = fh.read()

src/crypto_pkg/ciphers/symmetric/aes.py

@@ -0,0 +1,266 @@
+import copy
+
+gf256_log_table = [
+    0x00, 0x00, 0x19, 0x01, 0x32, 0x02, 0x1a, 0xc6, 0x4b, 0xc7, 0x1b, 0x68, 0x33, 0xee, 0xdf, 0x03,
+    0x64, 0x04, 0xe0, 0x0e, 0x34, 0x8d, 0x81, 0xef, 0x4c, 0x71, 0x08, 0xc8, 0xf8, 0x69, 0x1c, 0xc1,
+    0x7d, 0xc2, 0x1d, 0xb5, 0xf9, 0xb9, 0x27, 0x6a, 0x4d, 0xe4, 0xa6, 0x72, 0x9a, 0xc9, 0x09, 0x78,
+    0x65, 0x2f, 0x8a, 0x05, 0x21, 0x0f, 0xe1, 0x24, 0x12, 0xf0, 0x82, 0x45, 0x35, 0x93, 0xda, 0x8e,
+    0x96, 0x8f, 0xdb, 0xbd, 0x36, 0xd0, 0xce, 0x94, 0x13, 0x5c, 0xd2, 0xf1, 0x40, 0x46, 0x83, 0x38,
+    0x66, 0xdd, 0xfd, 0x30, 0xbf, 0x06, 0x8b, 0x62, 0xb3, 0x25, 0xe2, 0x98, 0x22, 0x88, 0x91, 0x10,
+    0x7e, 0x6e, 0x48, 0xc3, 0xa3, 0xb6, 0x1e, 0x42, 0x3a, 0x6b, 0x28, 0x54, 0xfa, 0x85, 0x3d, 0xba,
+    0x2b, 0x79, 0x0a, 0x15, 0x9b, 0x9f, 0x5e, 0xca, 0x4e, 0xd4, 0xac, 0xe5, 0xf3, 0x73, 0xa7, 0x57,
+    0xaf, 0x58, 0xa8, 0x50, 0xf4, 0xea, 0xd6, 0x74, 0x4f, 0xae, 0xe9, 0xd5, 0xe7, 0xe6, 0xad, 0xe8,
+    0x2c, 0xd7, 0x75, 0x7a, 0xeb, 0x16, 0x0b, 0xf5, 0x59, 0xcb, 0x5f, 0xb0, 0x9c, 0xa9, 0x51, 0xa0,
+    0x7f, 0x0c, 0xf6, 0x6f, 0x17, 0xc4, 0x49, 0xec, 0xd8, 0x43, 0x1f, 0x2d, 0xa4, 0x76, 0x7b, 0xb7,
+    0xcc, 0xbb, 0x3e, 0x5a, 0xfb, 0x60, 0xb1, 0x86, 0x3b, 0x52, 0xa1, 0x6c, 0xaa, 0x55, 0x29, 0x9d,
+    0x97, 0xb2, 0x87, 0x90, 0x61, 0xbe, 0xdc, 0xfc, 0xbc, 0x95, 0xcf, 0xcd, 0x37, 0x3f, 0x5b, 0xd1,
+    0x53, 0x39, 0x84, 0x3c, 0x41, 0xa2, 0x6d, 0x47, 0x14, 0x2a, 0x9e, 0x5d, 0x56, 0xf2, 0xd3, 0xab,
+    0x44, 0x11, 0x92, 0xd9, 0x23, 0x20, 0x2e, 0x89, 0xb4, 0x7c, 0xb8, 0x26, 0x77, 0x99, 0xe3, 0xa5,
+    0x67, 0x4a, 0xed, 0xde, 0xc5, 0x31, 0xfe, 0x18, 0x0d, 0x63, 0x8c, 0x80, 0xc0, 0xf7, 0x70, 0x07
+]
+
+gf256_antilog_table = [
+    0x01, 0x03, 0x05, 0x0f, 0x11, 0x33, 0x55, 0xff, 0x1a, 0x2e, 0x72, 0x96, 0xa1, 0xf8, 0x13, 0x35,
+    0x5f, 0xe1, 0x38, 0x48, 0xd8, 0x73, 0x95, 0xa4, 0xf7, 0x02, 0x06, 0x0a, 0x1e, 0x22, 0x66, 0xaa,
+    0xe5, 0x34, 0x5c, 0xe4, 0x37, 0x59, 0xeb, 0x26, 0x6a, 0xbe, 0xd9, 0x70, 0x90, 0xab, 0xe6, 0x31,
+    0x53, 0xf5, 0x04, 0x0c, 0x14, 0x3c, 0x44, 0xcc, 0x4f, 0xd1, 0x68, 0xb8, 0xd3, 0x6e, 0xb2, 0xcd,
+    0x4c, 0xd4, 0x67, 0xa9, 0xe0, 0x3b, 0x4d, 0xd7, 0x62, 0xa6, 0xf1, 0x08, 0x18, 0x28, 0x78, 0x88,
+    0x83, 0x9e, 0xb9, 0xd0, 0x6b, 0xbd, 0xdc, 0x7f, 0x81, 0x98, 0xb3, 0xce, 0x49, 0xdb, 0x76, 0x9a,
+    0xb5, 0xc4, 0x57, 0xf9, 0x10, 0x30, 0x50, 0xf0, 0x0b, 0x1d, 0x27, 0x69, 0xbb, 0xd6, 0x61, 0xa3,
+    0xfe, 0x19, 0x2b, 0x7d, 0x87, 0x92, 0xad, 0xec, 0x2f, 0x71, 0x93, 0xae, 0xe9, 0x20, 0x60, 0xa0,
+    0xfb, 0x16, 0x3a, 0x4e, 0xd2, 0x6d, 0xb7, 0xc2, 0x5d, 0xe7, 0x32, 0x56, 0xfa, 0x15, 0x3f, 0x41,
+    0xc3, 0x5e, 0xe2, 0x3d, 0x47, 0xc9, 0x40, 0xc0, 0x5b, 0xed, 0x2c, 0x74, 0x9c, 0xbf, 0xda, 0x75,
+    0x9f, 0xba, 0xd5, 0x64, 0xac, 0xef, 0x2a, 0x7e, 0x82, 0x9d, 0xbc, 0xdf, 0x7a, 0x8e, 0x89, 0x80,
+    0x9b, 0xb6, 0xc1, 0x58, 0xe8, 0x23, 0x65, 0xaf, 0xea, 0x25, 0x6f, 0xb1, 0xc8, 0x43, 0xc5, 0x54,
+    0xfc, 0x1f, 0x21, 0x63, 0xa5, 0xf4, 0x07, 0x09, 0x1b, 0x2d, 0x77, 0x99, 0xb0, 0xcb, 0x46, 0xca,
+    0x45, 0xcf, 0x4a, 0xde, 0x79, 0x8b, 0x86, 0x91, 0xa8, 0xe3, 0x3e, 0x42, 0xc6, 0x51, 0xf3, 0x0e,
+    0x12, 0x36, 0x5a, 0xee, 0x29, 0x7b, 0x8d, 0x8c, 0x8f, 0x8a, 0x85, 0x94, 0xa7, 0xf2, 0x0d, 0x17,
+    0x39, 0x4b, 0xdd, 0x7c, 0x84, 0x97, 0xa2, 0xfd, 0x1c, 0x24, 0x6c, 0xb4, 0xc7, 0x52, 0xf6, 0x01
+]
+
+sbox_table = [
+    0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
+    0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
+    0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
+    0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
+    0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
+    0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
+    0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
+    0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
+    0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
+    0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
+    0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
+    0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
+    0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
+    0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
+    0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
+    0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
+]
+
+reversed_box = [0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3,
+                0x9e, 0x81, 0xf3, 0xd7, 0xfb, 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f,
+                0xff, 0x87, 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb, 0x54,
+                0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b,
+                0x42, 0xfa, 0xc3, 0x4e, 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24,
+                0xb2, 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25, 0x72, 0xf8,
+                0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xd4, 0xa4, 0x5c, 0xcc, 0x5d,
+                0x65, 0xb6, 0x92, 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda,
+                0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84, 0x90, 0xd8, 0xab,
+                0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3,
+                0x45, 0x06, 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xc1,
+                0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b, 0x3a, 0x91, 0x11, 0x41,
+                0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6,
+                0x73, 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9,
+                0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e, 0x47, 0xf1, 0x1a, 0x71, 0x1d,
+                0x29, 0xc5, 0x89, 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b,
+                0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0,
+                0xfe, 0x78, 0xcd, 0x5a, 0xf4, 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07,
+                0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f, 0x60,
+                0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f,
+                0x93, 0xc9, 0x9c, 0xef, 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5,
+                0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61, 0x17, 0x2b,
+                0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 0x55,
+                0x21, 0x0c, 0x7d]
+
+r_con = [[0x01, 0x00, 0x00, 0x00], [0x02, 0x00, 0x00, 0x00], [0x04, 0x00, 0x00, 0x00], [0x08, 0x00, 0x00, 0x00],
+         [0x10, 0x00, 0x00, 0x00],
+         [0x20, 0x00, 0x00, 0x00], [0x40, 0x00, 0x00, 0x00], [0x80, 0x00, 0x00, 0x00], [0x1b, 0x00, 0x00, 0x00],
+         [0x36, 0x00, 0x00, 0x00]]
+
+
+def print_byte_array(byte_array):
+    print("0x", end="")
+    out = ""
+    for r in range(0, 4):
+        for c in range(0, 4):
+            print(str(f'{int(byte_array[r * 4 + c]):02x}'), end='')
+    print("\n")
+    return out
+
+
+def print_byte_matrix(byte_matrix):
+    for r in range(0, 4):
+        for c in range(0, 4):
+            print(str(f'{byte_matrix[r][c]:02x}') + " ", end='')
+        print("\n")
+
+
+def get_array_from_state(byte_array):
+    out = [byte_array[j][i] for i in range(4) for j in range(4)]
+    return out
+
+
+def gf256_mul(a, b):
+    if a != 0 and b != 0:
+        u = gf256_log_table[a]
+        v = gf256_log_table[b]
+        s = (u + v) % 255
+        r = gf256_antilog_table[s]
+    else:
+        r = 0
+    return r
+
+
+def array_to_matrix(byte_array) -> []:
+    matrix = [[0, 0, 0, 0], [0, 0, 0, 0], [0, 0, 0, 0], [0, 0, 0, 0]]
+    for r in range(0, 4):
+        for c in range(0, 4):
+            matrix[r][c] = byte_array[r + 4 * c]
+    return matrix
+
+
+class CustomAES:
+
+    def aes_add_round_key(self, byte_matrix, key_matrix):
+        r = []
+        for i in range(len(byte_matrix)):
+            r.append([])
+            for j in range(len(byte_matrix[i])):
+                byte_item = byte_matrix[i][j] ^ key_matrix[i][j] % 256
+                r[i].append(byte_item)
+        return r
+
+    def g(self, column):
+        n_c = column[::-1]
+        s_c = [sbox_table[item] for item in n_c]
+        return s_c
+
+    def get_column(self, row, i):
+        return row[i:4 + i]
+
+    def generate_keys(self, base_key):
+        key_state = array_to_matrix(base_key)
+        new_state = base_key
+        key_schedule = [key_state]
+        for key_round in range(len(r_con)):
+            last_column = new_state[-4:]
+            g_c = self.g(column=last_column)
+            col_1 = new_state[:4]
+            state_1 = r_con[key_round]
+            n_col_0 = [col_1[i] ^ state_1[i] ^ g_c[i] for i in range(4)]
+            n_col_1 = [item1 ^ item2 for item1, item2 in zip(self.get_column(new_state, 1), n_col_0)]
+            n_col_2 = [item1 ^ item2 for item1, item2 in zip(self.get_column(new_state, 2), n_col_1)]
+            n_col_3 = [item1 ^ item2 for item1, item2 in zip(self.get_column(new_state, 3), n_col_2)]
+            new_state = n_col_0 + n_col_1 + n_col_2 + n_col_3
+            key_schedule.append(array_to_matrix(new_state))
+        return key_schedule
+
+    def encrypt(self, plain_text, key):
+        ks = self.generate_keys(base_key=key)
+        state = array_to_matrix(plain_text)
+        s_k = self.aes_add_round_key(state, ks[0])
+        print("plaintext : ")
+        print_byte_array(plain_text)
+        print("stateMatrix  : ")
+        print_byte_matrix(state)
+        print("roundkey  : ")
+        print_byte_matrix(ks[0])
+        print("\n")
+
+        pn = get_array_from_state(s_k)
+        for i in range(1, 10):
+            tmp = self.aes_round_trans(plain_text=pn, round_key=ks[i])
+            pn = tmp
+        pn = self.aes_round_trans(plain_text=pn, round_key=ks[-1], last=True)
+        return pn
+
+    def aes_sub_bytes(self, byte_matrix, inverse=False):
+        box = sbox_table
+        if inverse:
+            box = reversed_box
+        n = []
+        for i in range(len(byte_matrix)):
+            n.append([])
+            for j in range(len(byte_matrix[i])):
+                n[i].append(box[byte_matrix[i][j]])
+        return n
+
+    @staticmethod
+    def shift_right(i, j):
+        return (j + i) % 4
+
+    @staticmethod
+    def shift_left(i, j):
+        return (j - i) % 4
+
+    def aes_shift_rows(self, byte_matrix, inverse=False):
+        operation = self.shift_right
+        if inverse:
+            operation = self.shift_left
+        new = copy.deepcopy(byte_matrix)
+        for i in range(len(byte_matrix)):
+            for j in range(len(byte_matrix[i])):
+                new[i][j] = byte_matrix[i][operation(i=i, j=j)]
+        return new
+
+    def aes_mix_columns(self, byte_matrix, inverse=False):
+        # Matrix for mixColum operation
+        mix_col = [[2, 3, 1, 1], [1, 2, 3, 1], [1, 1, 2, 3], [3, 1, 1, 2]]
+        if inverse:
+            mix_col = [[0x0e, 0x0b, 0x0d, 0x09], [0x09, 0x0e, 0x0b, 0x0d], [0x0d, 0x09, 0x0e, 0x0b],
+                       [0x0b, 0x0d, 0x09, 0x0e]]
+        new = copy.deepcopy(byte_matrix)
+        for i in range(len(byte_matrix)):
+            for j in range(len(byte_matrix[i])):
+                sum = 0
+                for k in range(4):
+                    sum ^= gf256_mul(mix_col[i][k], byte_matrix[k][j])
+                new[i][j] = sum % 256
+        return new
+
+    def aes_round_trans(self, plain_text, round_key=None, last=False):
+        state_matrix = array_to_matrix(plain_text)
+        # subbytes transformation
+        s = self.aes_sub_bytes(state_matrix)
+        # shiftrows transformation
+        n = self.aes_shift_rows(s)
+        # mixcolumns transformation
+        if last:
+            s_k = self.aes_add_round_key(n, round_key)
+            return get_array_from_state(s_k)
+        else:
+            c = self.aes_mix_columns(n)
+            s_k = self.aes_add_round_key(c, round_key)
+            return get_array_from_state(s_k)
+
+    def aes_inv_round_trans(self, plain_text, round_key=None, first=False):
+        state_matrix = array_to_matrix(plain_text)
+        s_k = self.aes_add_round_key(state_matrix, round_key)
+        if not first:
+            s_k = self.aes_mix_columns(byte_matrix=s_k, inverse=True)
+        sw_inv = self.aes_shift_rows(byte_matrix=s_k, inverse=True)
+        s_inv = self.aes_sub_bytes(byte_matrix=sw_inv, inverse=True)
+        return get_array_from_state(s_inv)
+
+    def decrypt(self, cipher_text, key):
+        ks = self.generate_keys(base_key=key)[::-1]
+        ci = cipher_text
+        for i in range(10):
+            if i == 0:
+                tmp = self.aes_inv_round_trans(plain_text=ci, round_key=ks[i], first=True)
+            else:
+                tmp = self.aes_inv_round_trans(plain_text=ci, round_key=ks[i])
+            ci = tmp
+        state_matrix = array_to_matrix(ci)
+        out = self.aes_add_round_key(state_matrix, ks[10])
+        return get_array_from_state(out)

tests/test_dghv.py

@@ -1,7 +1,7 @@
 import unittest
 import random
 
-from crypto_pkg.DGHV.dghv import DGHV
+from crypto_pkg.ciphers.asymmetric.DGHV.dghv import DGHV
 
 
 class TestDGHVScheme(unittest.TestCase):

tests/test_rsa.py

@@ -1,6 +1,6 @@
 import unittest
 
-from crypto_pkg.rsa.rsa_scheme import RSA
+from crypto_pkg.ciphers.asymmetric import RSA
 
 
 class TestRSA(unittest.TestCase):