Help with CPA attack

Networking/Security Forums -> Cryptographic Theory and Cryptanalysis - Internal and Transmission Security

Author: siddhartha    Posted: Thu Oct 15, 2009 4:28 am    Post subject: Help with CPA attack
    ----
Please help, I'm stuck!

I'm dealing with a proprietary file format that contains a large file and some header data. Only a portion of the large file is encrypted within the 'packed' file. Specifically, the first 2,097,152 bytes or the first $200000 addresses in hex.

I have the program that encrypts the data and I can input any data I want. As much as I would just install a debugger and reverse engineer the program, my assembly is not that good and the proprietary software accesses numerous DLLs which confuse things even more.

What I would like to do is launch a CPA attack on the encryption algorithm.

I have encrypted various plaintexts. The method I used was to fill a file with 4,194,304 bytes of null chars (0x0) and then change various addresses to 0x1.

Initial analysis:

You can see that the encoding happens in 16-byte chunks. When comparing ciphers, if the first 16 bytes of the plaintext are equal, the first 16 bytes of the ciphertext are equal. If any byte of the plaintext is changed after a 16-byte block, the rest of the ciphertext is completely different from the original ciphertext.

I know that file length is not considered when encrypting the data, i.e. 1000 bytes of 0x0 will have the same first 1000 bytes of ciphertext as 2000 bytes of 0x0.

It looks like 31 or 32 bytes are added to the ciphertext somewhere, at the end? When the plaintext is 128 bytes, the ciphertext is 159 or 160 bytes.

Questions:
- Do you know of an encryption algorithm that produces ciphertexts in this "16-byte chunk" manner?
- Can any of these ciphertexts be decrypted to their corresponding plaintexts?
- Do you need any additional ciphertexts based on a particular plaintext?

The ciphertexts (only the first 96 bytes):
(Portions of each ciphertext that match the first ciphertext (where all plaintext bytes are 0x0) are in bold.)

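The single-byte probing described in the post, as an added example that is not part of the original post: it sets one plaintext byte to 0x01 at each offset, measures how much of the all-zero ciphertext survives as a prefix, and infers the block size and whether blocks are chained. `toy_encrypt`, its key and its fixed IV are hypothetical stand-ins for the proprietary program, built from HMAC-SHA-256 so the script runs offline.

```python
import hashlib
import hmac

BLOCK = 16                      # block size of the stand-in only
KEY = b"constructed demo key"   # constructed value, not from the post

def toy_encrypt(pt: bytes, chained: bool = True) -> bytes:
    """Hypothetical oracle: keyed 16-byte function, fixed all-zero IV.
    Encryption direction only; it is not a real or invertible cipher."""
    pt += bytes(-len(pt) % BLOCK)            # zero-pad to a full block
    prev, out = bytes(BLOCK), bytearray()
    for i in range(0, len(pt), BLOCK):
        blk = bytes(a ^ b for a, b in zip(pt[i:i + BLOCK], prev))
        ct = hmac.new(KEY, blk, hashlib.sha256).digest()[:BLOCK]
        out += ct
        if chained:
            prev = ct                        # CBC-style feedback
    return bytes(out)

def prefix_len(a: bytes, b: bytes) -> int:
    """Number of leading bytes on which a and b agree."""
    n = 0
    while n < min(len(a), len(b)) and a[n] == b[n]:
        n += 1
    return n

def probe(oracle, size: int = 128) -> list[int]:
    """For each offset, set that byte to 0x01 and record the surviving prefix."""
    base = oracle(bytes(size))
    kept = []
    for off in range(size):
        pt = bytearray(size)
        pt[off] = 1
        kept.append(prefix_len(base, oracle(bytes(pt))))
    return kept

def block_size(kept: list[int]) -> int:
    """Smallest k where a change at any offset >= k keeps the first k bytes.
    The minimum over later offsets absorbs chance single-byte matches."""
    for k in range(1, len(kept)):
        if min(kept[k:]) >= k:
            return k
    return len(kept)

def resynchronises(oracle, size: int = 128, bs: int = BLOCK) -> bool:
    """True if the last block is unaffected by a change in the first block."""
    changed = bytes([1]) + bytes(size - 1)
    return oracle(changed)[-bs:] == oracle(bytes(size))[-bs:]
```

A surviving prefix that grows in steps of the block size, combined with `resynchronises` returning `False`, is the pattern of a chained mode run with a fixed key and fixed IV; independent (ECB-style) blocks return `True`.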
