• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Help with CPA attack

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Cryptographic Theory and Cryptanalysis - Internal and Transmission Security

View previous topic :: View next topic  
Author Message
siddhartha
Just Arrived
Just Arrived


Joined: 15 Oct 2009
Posts: 0


Offline

PostPosted: Thu Oct 15, 2009 4:28 am    Post subject: Help with CPA attack Reply with quote

Please help, I'm stuck!

I'm dealing with a proprietary file format that contains a large file and some header data. Only a portion of the large file is encrypted within the 'packed' file. Specifically, the first 2,097,152 bytes or the first $200000 addresses in hex.

I have the program that encrypts the data and I can input any data I want. As much as I would just install a debugger and reverse engineer the program, my assembly is not that good and the proprietary software accesses numerous DLLs which confuse things even more.

What I would like to do is launch a CPA attack on the encryption algorithm.

I have encrypted various plaintexts. The method I used was to fill a file with 4,194,304 bytes of null chars (0x0) and then change various addresses to 0x1.

Initial analysis:

You can see that the encoding happens in 16 byte chunks. When comparing ciphers, if the first 16 bytes of the plaintext are equal, the first 16 bytes of the ciphertext are equal. If any byte of the plaintext is changed after a 16 byte block, the rest of the ciphertext is completely different from the original ciphertext.

I know that file length is not considered when encrypting the data, i.e. 1000 bytes of 0x0 will have the same first 1000 bytes of ciphertext as 2000 bytes of 0x0.

It looks like 31 or 32 bytes are added to the ciphertext somewhere, at the end? When the plaintext is 128 bytes, the ciphertext is 159 or 160 bytes.

Questions:
- Do you know of an encryption algorithm that produces ciphertexts in this "16 byte chunk" manner?
- Can any of these ciphertexts be decrypted to their corresponding plaintexts?
- Do you need any additional ciphertexts based on a particular plaintext?

The ciphertexts (only the first 96 bytes):
(Matching portions of ciphertext to first ciphertext (where the plaintext is all bytes are 0x0) are in bold.)

All bytes are 0x0:
11 DB 43 3C 22 37 82 0C 6D D9 8F 51 1D E5 77 31 17 CE 3C 92 C0 27 59 92
D6 DC F2 B5 B4 68 0D 0C EC 09 57 50 BA 98 E2 32 51 04 C3 31 20 34 57 77
03 6C C4 9A 28 0B 2D 59 19 0F EE D7 E0 1C A2 AC 17 8B AB F3 C3 B9 2E 0C
5D 9B FC 8D 3E 4D 3B 4E CC 4D 90 71 77 F8 47 36 F8 92 97 CF D0 A6 CD 7D
53 20 99 4D 81 FE 3C B8 94 0B 3C 80 33 8C 2D 0B FC E6 0B C3 B0 50 9B C6

All bytes are 0x1:
C6 DD 90 9B A9 BC 4B 4C 8B 82 18 77 B2 4A F3 82 E1 14 BF 58 4F AF EB 27
90 B0 E3 08 02 FF 54 87 A9 F7 13 70 AE A2 D1 03 AD A3 46 8C B0 9E D3 CE
2E 7B 01 A1 4A CD 2F EB 86 E5 28 D4 D2 87 D9 54 FB 11 71 F8 71 82 D8 F0
15 4F 87 89 FE 3E 16 29 27 DD 68 DB A7 DA 33 0C 6C ED 7E 56 F4 4D F4 08
DE 88 9B 68 1B 21 37 A9 20 A6 1E 80 03 B0 7F 0C 5F 0A 6A 37 17 01 90 06

Byte 14 is 0x1:
E8 28 EA 50 51 22 9E CF 82 93 C5 24 EE AC 1C B6 C8 56 B7 79 9B 0C E6 A2
20 B2 33 FB 89 77 39 55 98 36 68 92 2F F0 39 E1 D3 E0 31 91 10 BD 97 80
1F CB C6 9E A9 15 D3 72 AE 31 3E 99 D5 47 D8 A5 F7 D0 5D 17 04 47 DD 9E
84 36 7D CA 91 60 D8 5F 6A 95 16 58 F7 04 EC 5D 66 A2 B1 E2 E6 50 DE 90
6F 87 4B 5F 01 C8 15 9C 9F 47 EE 62 9F 1A 85 50 B4 21 E9 6E 35 1A BE 0B

Byte 15 is 0x1:
5B 66 93 7C 53 A5 DA 2D 0F 19 E7 5B 83 35 76 61 6F 27 C7 83 26 37 9A 3E
68 77 07 35 5C CE 32 DB 47 D6 F6 6E D0 51 66 34 F1 8F E3 7D 84 F9 80 6E
59 37 0B 11 78 7A D0 FC 49 CF F0 D4 69 2B 4F 0C 57 76 AC 05 58 59 5A 32
C0 F0 39 40 35 FD DF CE 67 62 71 F4 6D 64 38 29 43 FC BE A5 C3 E3 73 A2
A0 71 43 2A D5 F1 18 1F B9 09 6F 85 6A 0E 9C 0E 18 C6 E1 3F 52 C1 21 EF

Byte 16 is 0x1:
B4 DD E0 9F D8 A6 8E EA 56 91 CE 10 08 0A 17 D8 09 87 BB 4B 16 D4 73 7C
10 E0 AE DC 06 18 54 3C 2C 4B 91 DB 12 E5 E0 83 B8 AA A1 1D 71 86 89 E4
06 05 25 35 66 02 D6 60 38 1F EC A9 2F 2F 5E B8 3A 20 12 FF AD 21 B6 AA
8D F7 71 49 51 E4 5B AE A8 4A 12 35 B5 BF 15 05 28 46 70 A5 69 48 C3 32
AC C3 19 DD 26 5B 96 A1 D2 7A BB EC DA 7C 45 E0 62 C6 EC 68 1D 5F FF CC

Byte 17 is 0x1:
11 DB 43 3C 22 37 82 0C 6D D9 8F 51 1D E5 77 31 DE 82 F8 C7 92 A7 66 65
81 DA FA 00 7D E0 15 EC FF D6 EF DF 1E 0E 26 93 53 7D A8 FB A4 C8 40 B2
78 77 FB 25 9C 51 28 9A 6F 91 93 0F 4D 27 8F 03 1A 23 E4 43 FC 6D C4 6A
31 44 AE EE DA C3 E2 81 30 2E 66 CB F0 01 BC 4F 0A 29 1D 9D 87 8B AE 34
3A 30 71 C3 5C AC 75 D5 86 58 CD 01 D0 5E 3A 53 91 D9 11 48 63 65 35 D1

Byte 32 is 0x1:
11 DB 43 3C 22 37 82 0C 6D D9 8F 51 1D E5 77 31 01 5A 68 71 39 B3 DE 49
6A AF AB 79 7E 2B C8 EB 34 3B 51 19 E3 2B 23 06 93 4A 37 10 DB 00 FD 17
21 65 FA DF 76 61 04 B5 9A C1 4B 99 2E E9 EF 97 59 B3 59 BF 42 63 18 DA
A5 8E 7D E0 BE 09 84 DA 58 4D 24 87 18 21 DB 51 96 20 7E 1B 01 74 AD B0
D5 8A 2F F4 C6 BD 3A B7 CE DF 95 AB 20 28 52 9B 1B 3A CD 67 AF 5C B2 92

Byte 33 is 0x1:
11 DB 43 3C 22 37 82 0C 6D D9 8F 51 1D E5 77 31 17 CE 3C 92 C0 27 59 92
D6 DC F2 B5 B4 68 0D 0C
4E 8E A8 D6 AC 1A 16 BA 6D FC C0 38 9F 2C 1F C2
08 0C 5E 87 78 8F 66 20 F7 C9 A3 5E CB 86 D3 2E 6E 3B D5 E4 33 CD C8 25
BC B7 41 43 48 A8 8D 77 C0 82 A1 3B D3 BC 35 E8 CD 3B C9 BC 01 1D 30 16
91 7F EA 5A D7 0A 62 D7 E3 70 07 0B 71 BB 8D 51 BC 62 32 01 E8 A0 8F B3

Byte 64 is 0x1:
11 DB 43 3C 22 37 82 0C 6D D9 8F 51 1D E5 77 31 17 CE 3C 92 C0 27 59 92
D6 DC F2 B5 B4 68 0D 0C EC 09 57 50 BA 98 E2 32 51 04 C3 31 20 34 57 77

46 E5 06 82 AD 60 A5 BF 33 B1 48 54 E2 4F BB 29 1A 43 5C 90 F3 36 3B 3C
C8 08 2A CD 67 EC 28 1E 88 EC D5 D7 21 1B 0F 23 61 A1 07 7A 79 EC A9 BB
E1 30 B3 4C E8 B9 DB E7 2B 8E D1 7B F1 99 9E 82 96 AD 84 7B 08 7B F6 0B

Byte 65 is 0x1:
11 DB 43 3C 22 37 82 0C 6D D9 8F 51 1D E5 77 31 17 CE 3C 92 C0 27 59 92
D6 DC F2 B5 B4 68 0D 0C EC 09 57 50 BA 98 E2 32 51 04 C3 31 20 34 57 77
03 6C C4 9A 28 0B 2D 59 19 0F EE D7 E0 1C A2 AC
8A 89 56 C3 E5 C5 66 C4
DB 5E 62 3A 26 AE 2A 0E 2F B8 E0 CF 58 61 0B A1 9E F4 24 93 44 4D 5C 77
B1 5A DB 5E 4A 94 26 B5 D8 57 F1 64 47 13 BC 12 97 84 F3 02 9D 27 80 FD

Byte 66 is 0x1:
11 DB 43 3C 22 37 82 0C 6D D9 8F 51 1D E5 77 31 17 CE 3C 92 C0 27 59 92
D6 DC F2 B5 B4 68 0D 0C EC 09 57 50 BA 98 E2 32 51 04 C3 31 20 34 57 77
03 6C C4 9A 28 0B 2D 59 19 0F EE D7 E0 1C A2 AC
0E C2 D7 33 AF 7F 91 B2
1C 78 D6 AB 65 C1 70 1B EA 2D 2B F9 7A 81 2F D0 9C 35 2F 37 0F 96 7F 5B
06 B3 3D 84 28 61 46 C0 57 CE E8 09 27 B4 A5 8B D7 A2 06 17 91 EF B5 5A

Byte 80 is 0x1:
11 DB 43 3C 22 37 82 0C 6D D9 8F 51 1D E5 77 31 17 CE 3C 92 C0 27 59 92
D6 DC F2 B5 B4 68 0D 0C EC 09 57 50 BA 98 E2 32 51 04 C3 31 20 34 57 77
03 6C C4 9A 28 0B 2D 59 19 0F EE D7 E0 1C A2 AC
82 0D C2 AC E2 6C C6 BF
91 DD F2 BC 68 AC 9A A7 44 AF F5 68 A6 3F 01 5D 94 8F 52 BB 34 86 AA 18
20 36 FB 70 71 AD 53 57 7A 75 44 C3 D2 8A 02 2A BB CD C9 64 59 FB 22 34

Byte 81 is 0x1:
11 DB 43 3C 22 37 82 0C 6D D9 8F 51 1D E5 77 31 17 CE 3C 92 C0 27 59 92
D6 DC F2 B5 B4 68 0D 0C EC 09 57 50 BA 98 E2 32 51 04 C3 31 20 34 57 77
03 6C C4 9A 28 0B 2D 59 19 0F EE D7 E0 1C A2 AC 17 8B AB F3 C3 B9 2E 0C
5D 9B FC 8D 3E 4D 3B 4E
B8 15 42 50 7D 2C 29 FC 4C BF FB 73 02 EB C1 95
6B F5 85 D2 F1 DA 45 9A 45 F3 47 40 E7 BB 00 42 D9 42 CC 68 DA 75 EC E1

Byte 96 is 0x1:
11 DB 43 3C 22 37 82 0C 6D D9 8F 51 1D E5 77 31 17 CE 3C 92 C0 27 59 92
D6 DC F2 B5 B4 68 0D 0C EC 09 57 50 BA 98 E2 32 51 04 C3 31 20 34 57 77
03 6C C4 9A 28 0B 2D 59 19 0F EE D7 E0 1C A2 AC 17 8B AB F3 C3 B9 2E 0C
5D 9B FC 8D 3E 4D 3B 4E
C7 93 B2 2E A2 C9 29 DB E5 7B BA 43 0D 44 7E 49
12 A2 F4 2B 31 71 02 04 98 5D F7 C1 0D 0A E9 59 D0 16 38 53 DF 59 8D 60

Byte 97 is 0x1:
11 DB 43 3C 22 37 82 0C 6D D9 8F 51 1D E5 77 31 17 CE 3C 92 C0 27 59 92
D6 DC F2 B5 B4 68 0D 0C EC 09 57 50 BA 98 E2 32 51 04 C3 31 20 34 57 77
03 6C C4 9A 28 0B 2D 59 19 0F EE D7 E0 1C A2 AC 17 8B AB F3 C3 B9 2E 0C
5D 9B FC 8D 3E 4D 3B 4E CC 4D 90 71 77 F8 47 36 F8 92 97 CF D0 A6 CD 7D

39 FD D2 91 77 C8 47 A4 80 AC B6 6B 2F 56 DA DE AA AF 66 80 9D 14 4F A4

Byte 98 is 0x1:
1 DB 43 3C 22 37 82 0C 6D D9 8F 51 1D E5 77 31 17 CE 3C 92 C0 27 59 92
D6 DC F2 B5 B4 68 0D 0C EC 09 57 50 BA 98 E2 32 51 04 C3 31 20 34 57 77
03 6C C4 9A 28 0B 2D 59 19 0F EE D7 E0 1C A2 AC 17 8B AB F3 C3 B9 2E 0C
5D 9B FC 8D 3E 4D 3B 4E CC 4D 90 71 77 F8 47 36 F8 92 97 CF D0 A6 CD 7D

DF EE 23 EC 18 D8 31 FD 96 EA 46 53 AD 2F BB 14 4D 99 2E 9E D6 2E 75 8F

Byte 127 is 0x1:
11 DB 43 3C 22 37 82 0C 6D D9 8F 51 1D E5 77 31 17 CE 3C 92 C0 27 59 92
D6 DC F2 B5 B4 68 0D 0C EC 09 57 50 BA 98 E2 32 51 04 C3 31 20 34 57 77
03 6C C4 9A 28 0B 2D 59 19 0F EE D7 E0 1C A2 AC 17 8B AB F3 C3 B9 2E 0C
5D 9B FC 8D 3E 4D 3B 4E CC 4D 90 71 77 F8 47 36 F8 92 97 CF D0 A6 CD 7D
53 20 99 4D 81 FE 3C B8 94 0B 3C 80 33 8C 2D 0B
1E CE 7B 53 61 89 96 34

Byte 128 is 0x1:
11 DB 43 3C 22 37 82 0C 6D D9 8F 51 1D E5 77 31 17 CE 3C 92 C0 27 59 92
D6 DC F2 B5 B4 68 0D 0C EC 09 57 50 BA 98 E2 32 51 04 C3 31 20 34 57 77
03 6C C4 9A 28 0B 2D 59 19 0F EE D7 E0 1C A2 AC 17 8B AB F3 C3 B9 2E 0C
5D 9B FC 8D 3E 4D 3B 4E CC 4D 90 71 77 F8 47 36 F8 92 97 CF D0 A6 CD 7D
53 20 99 4D 81 FE 3C B8 94 0B 3C 80 33 8C 2D 0B 5D
F3 30 D5 53 37 7E 7D

Byte 129 is 0x1:
11 DB 43 3C 22 37 82 0C 6D D9 8F 51 1D E5 77 31 17 CE 3C 92 C0 27 59 92
D6 DC F2 B5 B4 68 0D 0C EC 09 57 50 BA 98 E2 32 51 04 C3 31 20 34 57 77
03 6C C4 9A 28 0B 2D 59 19 0F EE D7 E0 1C A2 AC 17 8B AB F3 C3 B9 2E 0C
5D 9B FC 8D 3E 4D 3B 4E CC 4D 90 71 77 F8 47 36 F8 92 97 CF D0 A6 CD 7D
53 20 99 4D 81 FE 3C B8 94 0B 3C 80 33 8C 2D 0B FC E6 0B C3 B0 50 9B C6
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Cryptographic Theory and Cryptanalysis - Internal and Transmission Security All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register