Crypton: a compilation for learning defensive/offensive crypto(graphy)

We are expanding our study material for these holidays with a fantastic compilation of explanations and implementations of all the existing attacks on various encryption systems, digital signatures and hashing algorithms, along with examples of CTF challenges. This gem, which will turn you into a real machine in the "crypto" category, is available in a GitHub repository thanks to Ashutosh Ahelleya aka s0rc3r3r of @teambi0s, who has named his project Crypton.

In short, we can say that Crypton is a true library for learning and practicing defensive and offensive cryptography, structured as follows:



1. Block Ciphers

| S.No. | Topic | Explanation | Impl./Exploit | Challenge# |
|---|---|---|---|---|
| 1 | Block Cipher Basics- working of block ciphers, padding etc. | [link] | | |
| 2 | Modes of Encryption- different modes of operation on block ciphers: ECB, CBC, CTR | [link] | | |
| 3 | Block Size Detection- detect blocksize of a block cipher encrypting data on a remote service | [link] | | |
| 4 | Mode Detection- detect type of mode of encryption: independent or dependent encryption of blocks | [link] | | |
| 5 | ECB Byte at a Time- byte at a time decryption of a secret string running on a remote service encrypting input+secret in ECB mode | [link] | | [link] |
| 6 | CBC IV Detection- detect the value of Initialisation Vector on a remote service that is encrypting our input using a block cipher in CBC mode | [link] | [link] | |
| 7 | CBC Bit Flipping Attack- exploiting cookie generation mechanism to login as admin when cookie is generated using a block cipher in CBC mode | [link] | | [link] |
| 8 | CBC Byte at a Time- byte at a time decryption of a secret string running on a remote service encrypting input+secret in ECB mode | [link] | [link] | |
| 9 | CBC Padding Oracle Attack- decryption of data encrypted by a vulnerable service providing encryption/decryption | [link] | | [link] |
| 10 | CTR Bit Flipping- exploiting cookie generation mechanism to login as admin when cookie is generated using a block cipher in CBC mode | [link] | | [link] |

2. RSA Encryption

| S.No. | Topic | Explanation | Impl./Exploit | Challenge# |
|---|---|---|---|---|
| 1 | Unpadded RSA Enc/Dec- key generation, distribution, encryption/decryption, verification of decryption formula and padding in RSA | [link] | | |
| 2 | Direct Root Attack- attack on unpadded RSA with low public key exponent | [link] | | |
| 3 | Fermat's Factorisation- technique used to factor modulus n when p and q values are in proximity | [link] | [link] | [link] |
| 4 | Pollard's p-1 Factorisation- technique to factorise n when both of its factors p & q, p-1 and q-1 have very small prime divisors | [link] | [link] | [link] |
| 5 | Common Modulus Attack- decrypt ciphertext when its corresponding plaintext is encrypted two different times with the same modulus n | [link] | [link] | [link] |
| 6 | Common Prime Attack- retrieve factors of moduli n1 and n2 when they have a common factor | [link] | | [link] |
| 7 | Wiener's Attack- get value of decryption key exponent d when d < N^0.25 | [link] | [link] | [link] |
| 8 | Wiener's Attack Variant- get value of decryption key exponent d when d is a few bits greater than N^0.25 or d < N^0.25 | [link] | [link] | [link] |
| 9 | Coppersmith's Attack- Coppersmith's theorem, attack on stereotyped messages and factoring n with high bits known | [link] | [link] | [link] |
| 10 | Franklin Reiter Related Message Attack- attack to retrieve related messages encrypted using the same modulus | [link] | [link] | [link] |
| 11 | Hastad's Broadcast Attack- with extension- attack to retrieve a message broadcasted among different people, encrypted using same exponent but different moduli | [link] | [link]- script needs to be fixed | [link] |
| 12 | PKCS1-v1.5-Padded-RSA-Encryption/Decryption- ASN1 encoding, padded RSA encryption (needs to be fixed) | | | |
| 13 | Intro-RSA-Challenges- basic challenges in RSA related to Number Theory | [link] | | [link] |

3. Message Authentication Codes (MACs)

| S.No. | Topic | Explanation | Impl./Exploit | Challenge# |
|---|---|---|---|---|
| 1 | Message Authentication Code- internals and security analysis of MACs | [link] | | |
| 2 | CBC MAC Forgery- generating two messages M1 and M2 having the same CBC-MAC authentication tag | [link] | | [link] |
| 3 | Length Extension Attack on CBC-MAC- generate a valid authentication tag of message M1 \|\| M2 (concatenation) given MAC(M1) | [link] | [link] | |

4. Discrete Logarithm Problem

| S.No. | Topic | Explanation | Impl./Exploit | Challenge# |
|---|---|---|---|---|
| 1 | DLP- cyclic groups, discrete logarithm problem, Baby-Step-Giant-Step algorithm | [link] | | [link] |
| 2 | Elliptic Curve DLP- defining identity element, inverse of a point, cyclic groups over points on an EC, Hasse's theorem, ECDLP | [link] | | |

5. ElGamal Encryption

| S.No. | Topic | Explanation | Impl./Exploit | Challenge# |
|---|---|---|---|---|
| 1 | ElGamal Cryptosystem- Encryption/Decryption- key generation, encryption, decryption in ElGamal Cryptosystem | [link] | [link] | [link] |

6. Authenticated Encryption (AE)

| S.No. | Topic | Explanation | Impl./Exploit | Challenge# |
|---|---|---|---|---|
| 1 | AE basics & internals- working of authenticated encryption | [link] | | |
| 2 | AE with MACs- different techniques of implementing AE with MACs: Encrypt and MAC, MAC then encrypt and encrypt then MAC | [link] | | |
| 3 | Authenticated Ciphers | [link] | | |
| 4 | AE with Associated Data | [link] | | |
| 5 | AES-GCM- encryption in AES-GCM, Wegman-Carter MAC | [link] | [link] | |
| 6 | Forbidden Attack on AES-GCM- attack on AES-GCM due to nonce-reuse | [link] | | [link] |

7. Elliptic Curves

| S.No. | Topic | Explanation | Impl./Exploit | Challenge# |
|---|---|---|---|---|
| 1 | Elliptic Curve Internals- defining Elliptic Curves, point addition, point doubling and scalar multiplication | [link] | | |

8. Digital Signatures

| S.No. | Topic | Explanation | Impl./Exploit | Challenge# |
|---|---|---|---|---|
| 1 | ElGamal Signatures- key generation, signature generation, signature verification and correctness of ElGamal Signature scheme | [link] | [link] | [link] |
| 2 | Elliptic Curve DSA- signature generation, signature verification and correctness of signature algorithm | [link] | | |
| 3 | Attack k-reuse ECDSA- forging of ECDSA signatures due to reuse of k | [link] | | |
| 4 | Unpadded RSA Digital Signatures- signature generation and verification in RSA digital signature scheme | [link] | [link] | |
| 5 | PKCS1-v1.5 padded RSA Digital Signatures | [link] | [link] | |
| 6 | e=3 Bleichenbacher's Attack | [link] | [link] | [link] |

TODO
  1. RSA Encryption
    • Chosen Ciphertext Attack on RSA Cryptosystem- Byte by Byte decryption
    • Padding Oracle Attack on PKCS1 padded RSA encryption system
    • Fermat's Factorisation
      • Sieve Improvement
    • Coppersmith's Attack
      • Boneh Durfee Attack
    • Hastad's Broadcast Attack
      • Implementation of HBA on padded messages
    • PKCS1-v1.5 Padded RSA encryption 
Suggestions: email the author.

Project: https://github.com/ashutosh1206/Crypton
