Commit 2560c24

Update README, change the challenges description order.
1 parent 51f5041 commit 2560c24

1 file changed

+117
-117
lines changed

README.md

Lines changed: 117 additions & 117 deletions
@@ -13,133 +13,133 @@ and much more...
1313

1414
## Which attacks are implemented?
1515

16-
[1. Basics](lib/set_1_basics.rb)
17-
- [x] **1. Convert hex to base64**
18-
- encodes hex to base64
19-
- [x] **2. Fixed XOR**
20-
- runs XOR
21-
- [x] **3. Single-byte XOR cipher**
22-
- decrypts simple XOR
23-
- [x] **4. Detect single-character XOR**
24-
- finds encrypted line
25-
- [x] **5. Implement repeating-key XOR**
26-
- encrypts a text with a key
27-
- [x] **6. Break repeating-key XOR**
28-
- checks the Hamming distance
29-
- breaks a repeating key XOR
30-
- [x] **7. AES in ECB mode**
31-
- decrypts AES-ECB encrypted file
32-
- [x] **8. Detect AES in ECB mode**
33-
- finds the AES-ECB encrypted line
34-
35-
[2. Block Crypto](lib/set_2_block_crypto.rb)
36-
- [x] **9. Implement PKCS#7 padding**
37-
- appends padding to the input
38-
- [x] **10. Implement CBC mode**
39-
- implements CBC mode decryption from AES-ECB cipher
40-
- [x] **11. An ECB/CBC detection oracle**
41-
- detects ECB or CBC encryption mode
42-
- [x] **12. Byte-at-a-time ECB decryption (Simple)**
43-
- recovers the plain text from an ECB oracle
44-
- [x] **13. ECB cut-and-paste**
45-
- alters ECB encrypted data
46-
- [x] **14. Byte-at-a-time ECB decryption (Harder)**
47-
- recovers the first byte of plain text from a random ECB oracle
48-
- recovers the plain text from a random ECB oracle
49-
- [x] **15. PKCS#7 padding validation**
50-
- strips valid padding
51-
- fails while stripping bad padding
52-
- [x] **16. CBC bitflipping attacks**
53-
- decrypts CBC encrypted data
16+
[Set 6: Rsa and Dsa](lib/set_6_rsa_and_dsa.rb)
17+
- [x] **46. RSA parity oracle**
18+
- cracks RSA encrypted message using one bit leak
19+
- [x] **45. DSA parameter tampering**
20+
- launches a DOS attack when g = np
21+
- creates a DSA god key that validates any message when g = 1 + np
22+
- [x] **44. DSA nonce recovery from repeated nonce**
23+
- recovers DSA secret key x from reused session key k
24+
- [x] **43. DSA key recovery from nonce**
25+
- validates well signed message
26+
- doesn't validate bad signed message
27+
- recovers DSA secret key x from insecure session key k
28+
- [x] **42. Bleichenbacher's e=3 RSA Attack**
29+
- validates a legit RSA PKCS#1 v1.5 padded signature
30+
- generates a fake signature for an e=3 RSA public key
31+
- [x] **41. Implement unpadded message recovery oracle**
32+
- recovers unpadded RSA encrypted message
5433

55-
[3. Block and Stream Crypto](lib/set_3_block_and_stream_crypto.rb)
56-
- [x] **17. The CBC padding oracle**
57-
- attacks CBC using padding information
58-
- [x] **18. Implement CTR, the stream cipher mode**
59-
- implements CTR mode using ECB
60-
- [x] **19. Break fixed-nonce CTR mode using substitutions**
61-
- attacks text encrypted with same nonce in CTR mode
62-
- [x] **20. Break fixed-nonce CTR statistically**
63-
- attacks same nonce in CTR as a repeating-key XOR
64-
- [x] **21. Implement the MT19937 Mersenne Twister RNG**
65-
- implements a pseudorandom numbers generators
66-
- [x] **22. Crack an MT19937 seed**
67-
- guesses the seed of a pseudorandom numbers generators
68-
- [x] **23. Clone an MT19937 RNG from its output**
69-
- creates a copy of the state of a PRNG
70-
- [x] **24. Create the MT19937 stream cipher and break it**
71-
- creates a PRNG stream cipher
72-
- creates cracks the PRNG stream cipher
73-
- checks if a token comes from a MT19937 PRNG seeded with current time
34+
[Set 5: Diffie Hellman and Friends](lib/set_5_diffie_hellman_and_friends.rb)
35+
- [x] **40. Implement an E=3 RSA Broadcast attack**
36+
- cracks the broadcast RSA encrypted message when E is 3
37+
- [x] **39. Implement RSA**
38+
- encrypts and decrypts a message using RSA cryptosystem
39+
- [x] **38. Offline dictionary attack on simplified SRP**
40+
- authenticates when simplified SRP credentials matches
41+
- fails to authenticate when simplified SRP credentials doesn't match
42+
- cracks the password using MITM and dict attack on simplified SRP
43+
- [x] **37. Break SRP with a zero key**
44+
- confirms that session value is 0 when injected client key is 0
45+
- confirms that session value is 0 when injected client key is N
46+
- confirms that session value is 0 when injected client key is x * N
47+
- [x] **36. Implement Secure Remote Password (SRP)**
48+
- authenticates when credentials matches
49+
- fails to authenticate when credentials doesn't match
50+
- [x] **35. Implement DH with negotiated groups, and break with malicious "g" parameters**
51+
- checks the negotiated groups protocol based on Diffie-Hellman
52+
- confirms that generated session key = 1 when injected g = 1
53+
- confirms that generated session key = 0 when injected g = p
54+
- confirms that session key = (1 or p - 1) when injected g = p - 1
55+
- [x] **34. Implement a MITM key-fixing attack on Diffie-Hellman with parameter injection**
56+
- checks the Echo protocol based on Diffie-Hellman
57+
- performs a man in the middle attack on Diffie-Hellman
58+
- [x] **33. Implement Diffie-Hellman**
59+
- ensures that the Diffie-Hellman session keys are valid
7460

75-
[4. Stream Crypto and Randomness](lib/set_4_stream_crypto_and_randomness.rb)
76-
- [x] **25. Break "random access read/write" AES CTR**
77-
- attacks CTR using random access
78-
- [x] **26. CTR bitflipping**
79-
- modifies CTR encrypted text by flipping bits
80-
- [x] **27. Recover the key from CBC with IV=Key**
81-
- guesses the encryption key when key and IV are the same
82-
- [x] **28. Implement a SHA-1 keyed MAC**
61+
[Set 4: Stream Crypto and Randomness](lib/set_4_stream_crypto_and_randomness.rb)
62+
- [x] **32. Break HMAC-SHA1 with a slightly less artificial timing leak**
63+
- finds the first byte of the HMAC from a tiny timing leak
64+
- creates a valid HMAC from a tiny timing leak
65+
- [x] **31. Implement and break HMAC-SHA1 with an artificial timing leak**
66+
- works when the HMAC matches
67+
- finds the first byte of the HMAC from timing leak
68+
- creates a valid HMAC from timing leak
69+
- [x] **30. Break an MD4 keyed MAC using length extension**
8370
- works when the MAC matches
8471
- fails when the MAC doesn't match
72+
- creates a valid MD4 MAC from tempered data
8573
- [x] **29. Break a SHA-1 keyed MAC using length extension**
8674
- creates a valid SHA-1 MAC from tempered data
87-
- [x] **30. Break an MD4 keyed MAC using length extension**
75+
- [x] **28. Implement a SHA-1 keyed MAC**
8876
- works when the MAC matches
8977
- fails when the MAC doesn't match
90-
- creates a valid MD4 MAC from tempered data
91-
- [x] **31. Implement and break HMAC-SHA1 with an artificial timing leak**
92-
- works when the HMAC matches
93-
- finds the first byte of the HMAC from timing leak
94-
- creates a valid HMAC from timing leak
95-
- [x] **32. Break HMAC-SHA1 with a slightly less artificial timing leak**
96-
- finds the first byte of the HMAC from a tiny timing leak
97-
- creates a valid HMAC from a tiny timing leak
78+
- [x] **27. Recover the key from CBC with IV=Key**
79+
- guesses the encryption key when key and IV are the same
80+
- [x] **26. CTR bitflipping**
81+
- modifies CTR encrypted text by flipping bits
82+
- [x] **25. Break "random access read/write" AES CTR**
83+
- attacks CTR using random access
9884

99-
[5. Diffie Hellman and Friends](lib/set_5_diffie_hellman_and_friends.rb)
100-
- [x] **33. Implement Diffie-Hellman**
101-
- ensures that the Diffie-Hellman session keys are valid
102-
- [x] **34. Implement a MITM key-fixing attack on Diffie-Hellman with parameter injection**
103-
- checks the Echo protocol based on Diffie-Hellman
104-
- performs a man in the middle attack on Diffie-Hellman
105-
- [x] **35. Implement DH with negotiated groups, and break with malicious "g" parameters**
106-
- checks the negotiated groups protocol based on Diffie-Hellman
107-
- confirms that generated session key = 1 when injected g = 1
108-
- confirms that generated session key = 0 when injected g = p
109-
- confirms that session key = (1 or p - 1) when injected g = p - 1
110-
- [x] **36. Implement Secure Remote Password (SRP)**
111-
- authenticates when credentials matches
112-
- fails to authenticate when credentials doesn't match
113-
- [x] **37. Break SRP with a zero key**
114-
- confirms that session value is 0 when injected client key is 0
115-
- confirms that session value is 0 when injected client key is N
116-
- confirms that session value is 0 when injected client key is x * N
117-
- [x] **38. Offline dictionary attack on simplified SRP**
118-
- authenticates when simplified SRP credentials matches
119-
- fails to authenticate when simplified SRP credentials doesn't match
120-
- cracks the password using MITM and dict attack on simplified SRP
121-
- [x] **39. Implement RSA**
122-
- encrypts and decrypts a message using RSA cryptosystem
123-
- [x] **40. Implement an E=3 RSA Broadcast attack**
124-
- cracks the broadcast RSA encrypted message when E is 3
85+
[Set 3: Block and Stream Crypto](lib/set_3_block_and_stream_crypto.rb)
86+
- [x] **24. Create the MT19937 stream cipher and break it**
87+
- creates a PRNG stream cipher
88+
- creates cracks the PRNG stream cipher
89+
- checks if a token comes from a MT19937 PRNG seeded with current time
90+
- [x] **23. Clone an MT19937 RNG from its output**
91+
- creates a copy of the state of a PRNG
92+
- [x] **22. Crack an MT19937 seed**
93+
- guesses the seed of a pseudorandom numbers generators
94+
- [x] **21. Implement the MT19937 Mersenne Twister RNG**
95+
- implements a pseudorandom numbers generators
96+
- [x] **20. Break fixed-nonce CTR statistically**
97+
- attacks same nonce in CTR as a repeating-key XOR
98+
- [x] **19. Break fixed-nonce CTR mode using substitutions**
99+
- attacks text encrypted with same nonce in CTR mode
100+
- [x] **18. Implement CTR, the stream cipher mode**
101+
- implements CTR mode using ECB
102+
- [x] **17. The CBC padding oracle**
103+
- attacks CBC using padding information
125104

126-
[6. Rsa and Dsa](lib/set_6_rsa_and_dsa.rb)
127-
- [x] **41. Implement unpadded message recovery oracle**
128-
- recovers unpadded RSA encrypted message
129-
- [x] **42. Bleichenbacher's e=3 RSA Attack**
130-
- validates a legit RSA PKCS#1 v1.5 padded signature
131-
- generates a fake signature for an e=3 RSA public key
132-
- [x] **43. DSA key recovery from nonce**
133-
- validates well signed message
134-
- doesn't validate bad signed message
135-
- recovers DSA secret key x from insecure session key k
136-
- [x] **44. DSA nonce recovery from repeated nonce**
137-
- recovers DSA secret key x from reused session key k
138-
- [x] **45. DSA parameter tampering**
139-
- launches a DOS attack when g = np
140-
- creates a DSA god key that validates any message when g = 1 + np
141-
- [x] **46. RSA parity oracle**
142-
- cracks RSA encrypted message using one bit leak
105+
[Set 2: Block Crypto](lib/set_2_block_crypto.rb)
106+
- [x] **16. CBC bitflipping attacks**
107+
- decrypts CBC encrypted data
108+
- [x] **15. PKCS#7 padding validation**
109+
- strips valid padding
110+
- fails while stripping bad padding
111+
- [x] **14. Byte-at-a-time ECB decryption (Harder)**
112+
- recovers the first byte of plain text from a random ECB oracle
113+
- recovers the plain text from a random ECB oracle
114+
- [x] **13. ECB cut-and-paste**
115+
- alters ECB encrypted data
116+
- [x] **12. Byte-at-a-time ECB decryption (Simple)**
117+
- recovers the plain text from an ECB oracle
118+
- [x] **11. An ECB/CBC detection oracle**
119+
- detects ECB or CBC encryption mode
120+
- [x] **10. Implement CBC mode**
121+
- implements CBC mode decryption from AES-ECB cipher
122+
- [x] **9. Implement PKCS#7 padding**
123+
- appends padding to the input
124+
125+
[Set 1: Basics](lib/set_1_basics.rb)
126+
- [x] **8. Detect AES in ECB mode**
127+
- finds the AES-ECB encrypted line
128+
- [x] **7. AES in ECB mode**
129+
- decrypts AES-ECB encrypted file
130+
- [x] **6. Break repeating-key XOR**
131+
- checks the Hamming distance
132+
- breaks a repeating key XOR
133+
- [x] **5. Implement repeating-key XOR**
134+
- encrypts a text with a key
135+
- [x] **4. Detect single-character XOR**
136+
- finds encrypted line
137+
- [x] **3. Single-byte XOR cipher**
138+
- decrypts simple XOR
139+
- [x] **2. Fixed XOR**
140+
- runs XOR
141+
- [x] **1. Convert hex to base64**
142+
- encodes hex to base64
143143

144144
#### More details...
145145
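
Review bot: The moved bullets carry their old typos into the added lines, so this reorder is the place to fix them: under challenge 30 the added line `- creates a valid MD4 MAC from tempered data` should read "tampered" (the unchanged SHA-1 bullet under challenge 29 has the same word), and under challenge 24 `- creates cracks the PRNG stream cipher` has a stray verb. The new heading `[Set 6: Rsa and Dsa]` also spells the algorithms differently from the bullets below it, which use RSA and DSA; "Set 6: RSA and DSA" would be consistent. The headings change from "N. Title" to "Set N: Title" as well, which the commit message does not mention; it only describes the reorder.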
