# Lab 2
## David Herel
This is my notebook for lab2 - communication security class.👋 

## Exercise 1: why we do all of this

> This is the easiest exercise, but also the most important one.

> Write in your report the following sentence:

>       I, <your name here>, understand that cryptography is easy to mess up, and
>       that I will not carelessly combine pieces of cryptographic ciphers to
>       encrypt my users' data. I will not write crypto code myself, but defer to
>       high-level libaries written by experts who took the right decisions for me,
>       like NaCL.

> That's it. You will indeed get points for writing this sentence in your report.

> Some similar resources if the idea is not clear enough:

>    - [Foot-shooting prevention agreement](http://www.moserware.com/assets/stick-figure-guide-to-advanced/aes_act_3_scene_02_agreement_1100. png) from [A Stick Figure Guide to the AES](http://www.moserware.com/2009/09/stick-figure-guide-to-advanced.html)
>  - [Why is writing your own encryption discouraged?](https://crypto.stackexchange.com/questions/43272/why-is-writing-your-own-encryption-discouraged)
> - [One does not simply write their own cipher](https://security.stackexchange.com/questions/25585/is-my-developers-home-brew-password-security-right-or-wrong-and-why/25637#25637)
>  - [Don't roll your own crypto.](https://security.stackexchange.com/questions/2202/lessons-learned-and-misconceptions-regarding-encryption-and-cryptology/2210#2210)

> Here is a list of recommendations that you can read later if you want.

>  - [Cryptographic right answers, 2018](https://latacora.micro.blog/2018/04/03/cryptographic-right-answers.html)
>    Note how it just more or less says "do not code crypto yourself".
>  - [NaCL](https://en.wikipedia.org/wiki/NaCl_(software)) and
>  [libsodium](https://libsodium.gitbook.io/doc) what you should use if you use
>   crypto in production

> Finally, remember to stay up to date, crypto that was good yesterday can be
> broken today.

> ---
 
> That's it for the "soft" stuff. For the rest of the lab we will code that does
> _not_ follow these rules, precisely so you can break it and see what happens
> when one makes careless crypto decisions.



    I, David Herel, understand that cryptography is easy to mess up, and
    that I will not carelessly combine pieces of cryptographic ciphers to
    encrypt my users' data. I will not write crypto code myself, but defer to
    high-level libaries written by experts who took the right decisions for me,
    like NaCL.


## Exercise 2: encrypt single-block AES

> Write a function `encrypt_aes_block(x, key)` that takes an input `x` with a size
> of _exactly_ 16 bytes, and a `key` also 16 bytes long, and returns the result of
> encrypting this block with AES.

> _It should encrypt only one block_; make it fail
> (exception, assert...) if the input is not 16 byte long.

> Do not write the AES algo yourself (it is somewhat complex and not in the scope
> of this lab). Just defer to a library implementation that will encrypt the block
>for you. Maybe your library will force you to choose a block mode, in this case
>choose ECB and make sure you get only one block of output.

>What is the ciphertext of encrypting the plaintext `90 miles an hour` with the
>key `CROSSTOWNTRAFFIC`? Answer in hex.


In [None]:
!pip install Crypto==1.4.1

You should consider upgrading via the '/root/venv/bin/python -m pip install --upgrade pip' command.[0m


In [None]:
from Crypto.Cipher import AES

#encrypt single aes block - x and key has to be exactly 16 bytes long - otherwise error is popped
def encrypt_aes_block(x, key):
    if (len(x.encode("utf8"))) != 16:
        raise Exception('Message has to be exactly 16 bytes long.')
    if (len(key.encode("utf8"))) != 16:
        raise Exception('Key has to be exactly 16 bytes long')
    cipher = AES.new(key, AES.MODE_ECB)
    message = cipher.encrypt(x)
    return message


answer = encrypt_aes_block("90 miles an hour", "CROSSTOWNTRAFFIC")
print(answer.hex())
    

092fb4b0aa77beddb5e55df37b73faaa


The answer in hex is: `092fb4b0aa77beddb5e55df37b73faaa`.

## Exercise 3: decrypt single-block AES

> Write a function `decrypt_aes_block(y, key)` that takes an encrypted
> block `y` (exactly 16 bytes) and decrypts it with a 16 byte `key`. As above, this should only
> operate on 16 byte blocks, and should defer to a library implementation.

> What is the decryption of the 16 byte block `fad2b9a02d4f9c850f3828751e8d1565`
> with the key `VALLEYSOFNEPTUNE`?

In [None]:
import binascii

#decrypt single aes block - x and key has to be exactly 16 bytes long - otherwise error is popped
def decrypt_aes_block(y, key):
    if (len(y)) != 16:
        raise Exception('Message has to be exactly 16 bytes long.')
    if (len(key.encode("utf8"))) != 16:
        raise Exception('Key has to be exactly 16 bytes long')
    cipher = AES.new(key, AES.MODE_ECB)
    message = cipher.decrypt(y)
    return message


def hex2bin(my_input):
    return binascii.unhexlify(my_input)

answer = decrypt_aes_block(hex2bin("fad2b9a02d4f9c850f3828751e8d1565"), "VALLEYSOFNEPTUNE")
print(answer)

b'I feel the ocean'


We got the answer: `I feel the ocean`

## Exercise 4: implement PKCS&#35;7 padding

> Write a function `pad(x)` that takes input data with arbitrary size and returns
> the same data (or a copy of it) with some bytes appended to it, in this manner:

>  - if the length (in bytes) is a multiple of 16 minus 1, append a single byte
>    of value 1 (hex `01`).
>  - if the length is a multiple of 16 minus 2, append two bytes of value 2
>    (hex `0202`).
>  - if the length is a multiple of 16 minus 3, append three bytes of value 3
>    (hex `030303`).
>  - ...
>  - if the length is a multiple of 16 minus 15, append fifteen bytes of
>    value 15 (hex `0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f`).
>  - if the length is exactly a multiple of 16, append sixteen bytes of value
>    16 (hex `10101010101010101010101010101010`).

>Your output should have, therefore, a length always a multiple of 16 bytes.

>What is the output of `pad("hello")`?

In [None]:
def pad(x):
    left_overs = len(x.encode("utf8")) % 16
    byte_to_copy = 16 - left_overs
    text_append = byte_to_copy.to_bytes(1, 'big')
    text = x.encode() + (text_append * byte_to_copy)
    return text

answer = pad("hello")
print(answer)

b'hello\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b'


Output of `pad("hello")` is `b'hello\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b'`.

## Exercise 5: implement PKCS#7 unpadding

> Write a function `unpad(y)` that takes an input data `y` padded with
> the scheme above, and returns the same data without the padding.

> What is the output of `unpad("hello\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b")`?

In [None]:
def unpad(y):
    left_overs = int.from_bytes(y[len(y)-1].encode(), 'big')
    if left_overs >= 17:
        return y
    return y[0:len(y)-left_overs]

print(unpad("hello\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"))

hello


We have got correct output: `hello`.

## Exercise 6: implement ECB encryption

> Write a function `encrypt_aes_ecb(x, key)` that:

>  - takes an arbitrary sized input `x`,
>  - pads it so the length is a multiple of 16 byte,
>  - cuts it to consecutive blocks of 16 bytes,
>  - encrypts every block independently with `encrypt_aes_block()` from Ex. 2
>  - concatenates the result

> Implement ECB mode yourself by following the steps above; you are not allowed to
> defer this task to your AES library of choice (but the library can still encrypt
> individual blocks through `encrypt_aes_ecb()`, of course).

> What is the encryption of the following plaintext? Use the key `vdchldslghtrturn`. Answer in hex.

>     Well, I stand up next to a mountain and I chop it down with the edge of my hand


In [None]:
def encrypt_aes_ecb(x, key):
    padded = pad(x)
    for i in range(0,len(padded),16):
        temp = encrypt_aes_block(padded[i:i+16].decode("utf8"), key)
        padded = padded[:i]+temp+padded[i+16:]
    return padded

answer = encrypt_aes_ecb("Well, I stand up next to a mountain and I chop it down with the edge of my hand", "vdchldslghtrturn")
print(answer.hex())

883319258b745592ef20db9dda39b076a84f4955a48ba9caecd1583641cf3acac86acd5e5795de7895fab54481e9d8c3afc179c39412282eb8445ea2450e763df7282998a74baf19887c843b658f8891


The answer is: `883319258b745592ef20db9dda39b076a84f4955a48ba9caecd1583641cf3acac86acd5e5795de7895fab54481e9d8c3afc179c39412282eb8445ea2450e763df7282998a74baf19887c843b658f8891`.

## Exercise 7: implement ECB decryption

>Write a function `decrypt_aes_ecb(y, key)` that decrypts ECB by reversing the
>steps of the previous exercise: slice in 16 byte blocks, decrypt blocks
>independently, concatenate, unpad. Again, do not defer to your AES library for
>these steps, except for individual block decryption through
>`decrypt_aes_block()`.

>What is the decryption of the following ECB encoded ciphertext? Use the key `If the mountains`.

>     792c2e2ec4e18e9d3a82f6724cf53848
>     abb28d529a85790923c94b5c5abc34f5
>     0929a03550e678949542035cd669d4c6
>     6da25e59a5519689b3b4e11a870e7cea

In [None]:
def decrypt_aes_ecb(y, key):
    for i in range(0,len(y),16):
        temp = decrypt_aes_block(y[i:i+16], key)      
        y = y[:i]+temp+y[i+16:]
    return unpad(y.decode("utf8"))

answer = decrypt_aes_ecb(hex2bin("792c2e2ec4e18e9d3a82f6724cf53848abb28d529a85790923c94b5c5abc34f50929a03550e678949542035cd669d4c66da25e59a5519689b3b4e11a870e7cea"), "If the mountains")
print(answer)

If the mountains fell in the sea / Let it be, it ain't me


The answer is: `If the mountains fell in the sea / Let it be, it ain't me`.

## Exercise 8: ECB ciphertext manipulation (cut and paste 1)

>The file `text1.hex` contains lyrics of a song, where each line is exactly 32
>bytes long (31 letters + a newline character). In other words, the first line is
>in blocks 0-1; the second line is in block 2-3, etc.

>However, there is a small mistake! The first line and the third line have been
>unfortunately swapped, so the song is not correct anymore.

>1. Have a quick look at the hex file. Can you quickly spot some obvious
>   patterns? What fact can you deduce about the song lyrics?

>2. At the end of the file, you can see a 16 byte block "alone"; however, all
>   lines of the song lyrics are really 32 bytes long. Can you explain the
>   presence of this last 16 byte block? Can you guess the plaintext of this
>   block?

>3. Restore the correct order in the ciphertext. In other words, swap the first
>   line and the third line. You must do this operation by manipulating the
>   ciphertext only, without decrypting. (The point is to show you that you can
>   manipulate encrypted text without knowing the key!)

>4. Then, decrypt the text with key `TLKNGBTMYGNRTION`. The first line should
>   start with "People" -- what is the rest of this line?

In [None]:
text1 = "f55dd7f3f8a6ab401f534e3bd14e17e5a9e6a812719593e07cd2ae73c9233ce43130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef5dd0fb1c4956cf54cd2d3189072347e63bc53a7b56501a157f44894c27bfc0f93130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef79001765e66a2d8564f676ae4f3fe0b81ebdddea88f2a8ae3ceb8993781816503130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef1e7deb7da2086f0a9eff7eab6138f6242e7c4641a490912c0c26510454ee2a693130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef57fc10777bb9d1adc7b63fb5d483521f0a5f54b2886d308f7ffd76cd41c3e1a9060e0e99b7bc2678594c65714361e33dcb7af3667b23cebbe6ffaa2ae13d4f442be86dd9d1a590e0b5b445f161b7b7aea5a770c3767c6233ea2dd4f380f8d6013130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531efa8a6e8fd73a35abbd8558e2e75472f9d3a29cbb1834f3290bb9a014d3342d9f63130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef476f3808de56bdbfcea382fde05e1e0dfeff7b140494b0fba7b002c478f00433c90dbfa04bdc91a6c5c1cf7b628a67be0a5f54b2886d308f7ffd76cd41c3e1a93130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef4782f3bb9dbb6acdb547cc8b649d26f2e86871c45dd34b1875dfc82ca2e0604067b6d6561f1cafd6d907a0d44ea2f69b0a5f54b2886d308f7ffd76cd41c3e1a93130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef57fc10777bb9d1adc7b63fb5d483521f0a5f54b2886d308f7ffd76cd41c3e1a9060e0e99b7bc2678594c65714361e33dcb7af3667b23cebbe6ffaa2ae13d4f442be86dd9d1a590e0b5b445f161b7b7aea5a770c3767c6233ea2dd4f380f8d6013130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef4fee4885e4890c6818862fea7b1cfd82768a950a726dec48811816df3234e22d37166564b24813334eb51e3975d558a50a5f54b2886d308f7ffd76cd41c3e1a93130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef476f3808de56bdbfcea382fde05e1e0d49ae61f725b62040d098e366fa666e91c90dbfa04bdc91a6c5c1cf7b628a67be0a5f54b2886d308f7ffd76cd41c3e1a93130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef4782f3bb9dbb6acdb547cc8b649d26f2e86871c45dd34b1875dfc82ca2e0604067b6d6561f1cafd6d907a0d44ea2f69b0a5f54b2886d308f7ffd76cd41c3e1a93130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef57fc10777bb9d1adc7b63fb5d483521f0a5f54b2886d308f7ffd76cd41c3e1a9060e0e99b7bc2678594c65714361e33dcb7af3667b23cebbe6ffaa2ae13d4f440c394fd1e39783532810f5f648f0a8f31e98f0095c49d521193485ac0ac9739c0c394fd1e39783532810f5f648f0a8f31e98f0095c49d521193485ac0ac9739c5dd0fb1c4956cf54cd2d3189072347e63bc53a7b56501a157f44894c27bfc0f93130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531eff55dd7f3f8a6ab401f534e3bd14e17e50b1385621516503940a06e09665946b03130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef79001765e66a2d8564f676ae4f3fe0b81ebdddea88f2a8ae3ceb8993781816503130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef1e7deb7da2086f0a9eff7eab6138f6242e7c4641a490912c0c26510454ee2a693130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef57fc10777bb9d1adc7b63fb5d483521f0a5f54b2886d308f7ffd76cd41c3e1a9060e0e99b7bc2678594c65714361e33dcb7af3667b23cebbe6ffaa2ae13d4f440c394fd1e39783532810f5f648f0a8f31e98f0095c49d521193485ac0ac9739c0c394fd1e39783532810f5f648f0a8f31e98f0095c49d521193485ac0ac9739c5dc56751f3546fb2e7498a1a03a4994d4a6c573d6f15e5e7f904faf8e1403c768fecbc5ef5681fa973925a4de95ef4e30a5f54b2886d308f7ffd76cd41c3e1a95dc56751f3546fb2e7498a1a03a4994d4a6c573d6f15e5e7f904faf8e1403c768fecbc5ef5681fa973925a4de95ef4e30a5f54b2886d308f7ffd76cd41c3e1a95dc56751f3546fb2e7498a1a03a4994d4a6c573d6f15e5e7f904faf8e1403c767864d0944aeebf971853d6f3f697e1e28d8d31700b760c8b70e460085c60ffc85dc56751f3546fb2e7498a1a03a4994d4a6c573d6f15e5e7f904faf8e1403c7636e7e7d0e14ac37b6c306d853e29b28d2ee863909ec0da55a9e6e2b8cf4d4ed35dc56751f3546fb2e7498a1a03a4994d4a6c573d6f15e5e7f904faf8e1403c7636e7e7d0e14ac37b6c306d853e29b28d2ee863909ec0da55a9e6e2b8cf4d4ed35dc56751f3546fb2e7498a1a03a4994d4a6c573d6f15e5e7f904faf8e1403c7636e7e7d0e14ac37b6c306d853e29b28d2ee863909ec0da55a9e6e2b8cf4d4ed35dc56751f3546fb2e7498a1a03a4994d4a6c573d6f15e5e7f904faf8e1403c7636e7e7d0e14ac37b6c306d853e29b28d2ee863909ec0da55a9e6e2b8cf4d4ed35dc56751f3546fb2e7498a1a03a4994d4a6c573d6f15e5e7f904faf8e1403c7636e7e7d0e14ac37b6c306d853e29b28d2ee863909ec0da55a9e6e2b8cf4d4ed3424b034587e46f76e52bad09705406cb"
#swapped first and third line
text1 = "5dd0fb1c4956cf54cd2d3189072347e63bc53a7b56501a157f44894c27bfc0f93130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531eff55dd7f3f8a6ab401f534e3bd14e17e5a9e6a812719593e07cd2ae73c9233ce43130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef79001765e66a2d8564f676ae4f3fe0b81ebdddea88f2a8ae3ceb8993781816503130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef1e7deb7da2086f0a9eff7eab6138f6242e7c4641a490912c0c26510454ee2a693130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef57fc10777bb9d1adc7b63fb5d483521f0a5f54b2886d308f7ffd76cd41c3e1a9060e0e99b7bc2678594c65714361e33dcb7af3667b23cebbe6ffaa2ae13d4f442be86dd9d1a590e0b5b445f161b7b7aea5a770c3767c6233ea2dd4f380f8d6013130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531efa8a6e8fd73a35abbd8558e2e75472f9d3a29cbb1834f3290bb9a014d3342d9f63130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef476f3808de56bdbfcea382fde05e1e0dfeff7b140494b0fba7b002c478f00433c90dbfa04bdc91a6c5c1cf7b628a67be0a5f54b2886d308f7ffd76cd41c3e1a93130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef4782f3bb9dbb6acdb547cc8b649d26f2e86871c45dd34b1875dfc82ca2e0604067b6d6561f1cafd6d907a0d44ea2f69b0a5f54b2886d308f7ffd76cd41c3e1a93130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef57fc10777bb9d1adc7b63fb5d483521f0a5f54b2886d308f7ffd76cd41c3e1a9060e0e99b7bc2678594c65714361e33dcb7af3667b23cebbe6ffaa2ae13d4f442be86dd9d1a590e0b5b445f161b7b7aea5a770c3767c6233ea2dd4f380f8d6013130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef4fee4885e4890c6818862fea7b1cfd82768a950a726dec48811816df3234e22d37166564b24813334eb51e3975d558a50a5f54b2886d308f7ffd76cd41c3e1a93130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef476f3808de56bdbfcea382fde05e1e0d49ae61f725b62040d098e366fa666e91c90dbfa04bdc91a6c5c1cf7b628a67be0a5f54b2886d308f7ffd76cd41c3e1a93130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef4782f3bb9dbb6acdb547cc8b649d26f2e86871c45dd34b1875dfc82ca2e0604067b6d6561f1cafd6d907a0d44ea2f69b0a5f54b2886d308f7ffd76cd41c3e1a93130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef57fc10777bb9d1adc7b63fb5d483521f0a5f54b2886d308f7ffd76cd41c3e1a9060e0e99b7bc2678594c65714361e33dcb7af3667b23cebbe6ffaa2ae13d4f440c394fd1e39783532810f5f648f0a8f31e98f0095c49d521193485ac0ac9739c0c394fd1e39783532810f5f648f0a8f31e98f0095c49d521193485ac0ac9739c5dd0fb1c4956cf54cd2d3189072347e63bc53a7b56501a157f44894c27bfc0f93130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531eff55dd7f3f8a6ab401f534e3bd14e17e50b1385621516503940a06e09665946b03130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef79001765e66a2d8564f676ae4f3fe0b81ebdddea88f2a8ae3ceb8993781816503130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef1e7deb7da2086f0a9eff7eab6138f6242e7c4641a490912c0c26510454ee2a693130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef57fc10777bb9d1adc7b63fb5d483521f0a5f54b2886d308f7ffd76cd41c3e1a9060e0e99b7bc2678594c65714361e33dcb7af3667b23cebbe6ffaa2ae13d4f440c394fd1e39783532810f5f648f0a8f31e98f0095c49d521193485ac0ac9739c0c394fd1e39783532810f5f648f0a8f31e98f0095c49d521193485ac0ac9739c5dc56751f3546fb2e7498a1a03a4994d4a6c573d6f15e5e7f904faf8e1403c768fecbc5ef5681fa973925a4de95ef4e30a5f54b2886d308f7ffd76cd41c3e1a95dc56751f3546fb2e7498a1a03a4994d4a6c573d6f15e5e7f904faf8e1403c768fecbc5ef5681fa973925a4de95ef4e30a5f54b2886d308f7ffd76cd41c3e1a95dc56751f3546fb2e7498a1a03a4994d4a6c573d6f15e5e7f904faf8e1403c767864d0944aeebf971853d6f3f697e1e28d8d31700b760c8b70e460085c60ffc85dc56751f3546fb2e7498a1a03a4994d4a6c573d6f15e5e7f904faf8e1403c7636e7e7d0e14ac37b6c306d853e29b28d2ee863909ec0da55a9e6e2b8cf4d4ed35dc56751f3546fb2e7498a1a03a4994d4a6c573d6f15e5e7f904faf8e1403c7636e7e7d0e14ac37b6c306d853e29b28d2ee863909ec0da55a9e6e2b8cf4d4ed35dc56751f3546fb2e7498a1a03a4994d4a6c573d6f15e5e7f904faf8e1403c7636e7e7d0e14ac37b6c306d853e29b28d2ee863909ec0da55a9e6e2b8cf4d4ed35dc56751f3546fb2e7498a1a03a4994d4a6c573d6f15e5e7f904faf8e1403c7636e7e7d0e14ac37b6c306d853e29b28d2ee863909ec0da55a9e6e2b8cf4d4ed35dc56751f3546fb2e7498a1a03a4994d4a6c573d6f15e5e7f904faf8e1403c7636e7e7d0e14ac37b6c306d853e29b28d2ee863909ec0da55a9e6e2b8cf4d4ed3424b034587e46f76e52bad09705406cb"

answer = decrypt_aes_ecb(hex2bin(text1),"TLKNGBTMYGNRTION")
print(answer)

People try to put us d-down    
(Talkin' 'bout my generation)  
Just because we get around     
(Talkin' 'bout my generation)  
Things they do look awful cold 
(Talkin' 'bout my generation)  
I hope I die before I get old  
(Talkin' 'bout my generation)  
My generation                  
This is my generation, baby    
Why don't you all f-fade away  
(Talkin' 'bout my generation)  
Don't try to dig what w'all say
(Talkin' 'bout my generation)  
I'm not trying to cause a big  
s-s-sensation                  
(Talkin' 'bout my generation)  
I'm just talkin' 'bout my      
g-g-generation                 
(Talkin' 'bout my generation)  
My generation                  
This is my generation, baby    
Why don't you all f-fade away  
(Talkin' 'bout my generation)  
And don't try to d-dig what we 
all s-s-say                    
(Talkin' 'bout my generation)  
I'm not trying to cause a b-big
s-s-sensation                  
(Talkin' 'bout my generation)  
I'm just talkin' 'bout my      
g-g-gene

Answer to the 1 question:

Yeah there are lines like this `3130c68457ca3d0783e5a5beec8965b1ce2b204963fd41209775362f9db531ef`, which are repeating periodically, so this has to be pop song with some catchy phrase.

2. question
It was probably padded

3. and 4. done via code above.
` try to put us d-down`



## Exercise 9: ECB message crafting (cut and paste 2)

>1. Write a function `welcome(name)` that 
>    - first, concatenates three strings:
>        - `"Your name is "` (13 bytes)
>        - `name` (the input)
>        - `" and you are a user"` (19 bytes)
>    - then, encrypts the resulting string with the key `RIDERSONTHESTORM`
>    - finally, returns the ciphertext

>For questions 2-5, only operate through the function `welcome()`; do
>not use the key directly. (Pretend you're an outside attacker, and
>therefore, you don't know the key.)

>2. What is the ciphertext of `welcome("Jim")`? Answer in hex.

>3. Obtain the ciphertext of a block whose plaintext is 16 times the byte 16:
>   `1010...10`.

>4. Obtain the ciphertext of a block whose plaintext is "you are an admin".

>5. Use these blocks (and perhaps other calls to `welcome`) to craft an encrypted
>   message whose plaintext starts by `"Your name is "` and finishes with `" and you
>   are an admin"`. In your report, write down your crafted ciphertext.

>For question 6, you may use the key directly:

>6. Decrypt your encrypted message to make sure it is correct. In your report,
>   write the decrypted message.

>7. Could you quickly describe a real-world scenario where this could be a
>   security issue?

In [None]:
def welcome(name):
    #13 before and 19 after
    text = "Your name is " + name + " and you are a user"
    ret = encrypt_aes_ecb(text, "RIDERSONTHESTORM")
    return ret

answer = welcome ("Jim")
print(answer.hex())

#because of pad func. 10..10 is added so just take last 16 bytes
point3 = welcome("")
point3 = point3[len(point3)-16:]
print(point3.hex())

point4 = welcome("   you are an admin")
point4 = point4[16:32]
print(point4.hex())

point5 = welcome("David Herel   ")
point5 = point5[:32]+point4+point3
print(point5.hex())
print(decrypt_aes_ecb(point5, "RIDERSONTHESTORM"))

d4d7730a2d4255c88dead80a2ad924f2b114fddb898d7ef8abdfefef30d552863f62b0605102e0186402df7666edcec7
4e9eb1df207c25bebdcfc57385251689
7edb62ceff6a92e3a59029a06e5e622b
de24280e189ec5c1e880ca3ef5668ea54b9c6694fdc82189315fe5009c55ec047edb62ceff6a92e3a59029a06e5e622b4e9eb1df207c25bebdcfc57385251689
Your name is David Herel    and you are an admin


1. and 2. done
Cipther text of welcome("Jim") is `d4d7730a2d4255c88dead80a2ad924f2b114fddb898d7ef8abdfefef30d552863f62b0605102e0186402df7666edcec7`.

3. `4e9eb1df207c25bebdcfc57385251689`

4. `7edb62ceff6a92e3a59029a06e5e622b`

5. `de24280e189ec5c1e880ca3ef5668ea54b9c6694fdc82189315fe5009c55ec047edb62ceff6a92e3a59029a06e5e622b4e9eb1df207c25bebdcfc57385251689`

6. Decrypted message is `Your name is David Herel    and you are an admin
` and it is correct

7. We can modify any information which was encrypted this way - we could insert ours. 




## Exercise 10: ECB decryption (cracking) byte-at-a-time

>In this exercise, you will decrypt the >content of a ciphertext without knowing
>the key!

>Let `SECRET` be the following >constant: "this should stay secret".

>Write a function `hide_secret(x)` that 

>  - concatenates two pieces of data:
>    - `x` (the input, which can >contain non-ASCII characters)
>    - `SECRET`
>  - encrypts the result with the key >`COOL T MAGIC KEY`
>  - returns the ciphertext

>To test your function, make sure >`hide_secret("just listen find the >magic key")`
>returns the following ciphertext:

>    45a306391112e09639cc44fa4d53c79e
>    c90162749b6055bbc3d0811c0da6bd9b
>    df3dccce5ff98e742ffdc33a1c8e84b9
>    d47e0182d8fa07c9291b25d8dab01199

>Now, perform the next questions by >pretending you don't know the key: only
>operate through `hide_secret()`.

>Write a function that discovers the >first character of the secret. Here is >how
>you can proceed:

>1. Call `hide_secret()` with an input >containing fifteen times (16-1) the
>   character `A`: "AAAAAAAAAAAAAAA". >In the first block to be encrypted, >what
>   will be the last plaintext byte?

>2. Call `hide_secret()` with the >following 16-byte inputs: "AAA...>AA\\x00",
>   "AAA...AA\\x01"...  In other words, >iterate through all possibilities for >the
>   last byte of the plaintext, and >check the resulting ciphertext against >the
>   first ciphertext block of question >1 above. If it matches, it means you >have
>   discovered the first character!

>Now generalize this technique to >obtain all subsequent characters:

>3. Say you know some bytes at the >beginning of the secret. To obtain the >next
>   byte, decrement the number of A's. >When calling `hide_secret("AAA..AA")` >the
>   plaintext of the first block will >look like:

><!-- -->
>
>    AAA..AAxxxxy
>           ^^^^----- you know this >already
>               ^---- crack this byte, >you know how to do it!

>Automate this in a loop. When you run out of A's, realize you can start back at
>15 and attack the second block (and later, the third, and so on)

>How to find out when you have the complete secret (i.e. the termination
>condition for your loop):

>  - You could continue cracking new bytes, but they will always have the value 1. Why?
>  - The length of the response to your initial call `hide_secret("AAA..AA")`
>    will be exactly `a + s + 1` where `a` is the number of A's (between 0 and 15) and `s` is how many secret bytes >you know so far. Why is this true only
>    when the secret is complete?


In [None]:
def hide_secret(x):
    text = x + "this should stay secret"
    ret = encrypt_aes_ecb(text, "COOL T MAGIC KEY")
    return ret
answer = hide_secret("just listen find the >magic key")
print(answer.hex())

import string

def find_secret():
    printable = string.printable    
    found = False
    secret = b''
    part = 1
    aaa = "AAAAAAAAAAAAAAA"
    while not found:
        found_counter = 0
        temp_cip = hide_secret(aaa)
        temp_cip = temp_cip[:16*part]
        for i in printable + str(1):
            b_i = str.encode(i)
            temp_guess = str.encode(aaa) + secret + b_i
            #print("temp guess")
            #print(temp_guess)
            guess_ret = hide_secret(temp_guess.decode("utf-8"))
            guess_ret = guess_ret[:16*part]
            #print("guess_ret")
            #print(guess_ret)
            #print("temp_cip")
            #print(temp_cip)
            if temp_cip == guess_ret:
                found_counter +=1
                if (not found):
                    secret = secret + b_i
                    if (len(secret)%16 == 0 and len(secret)!=0):
                        aaa ="AAAAAAAAAAAAAAA" 
                        part +=1
                        #print("secret: " + str(secret))
                    else:
                        aaa = aaa[:len(aaa)-1]
                        #print(aaa)
                        #print("secret: " + str(secret))
        if (found_counter <= 0):
            found = True
    return secret

print(find_secret())


45a306391112e09639cc44fa4d53c79ef86f5d44f45cc3f3f0f06e0bc4880847d38e3ebfa8b489d3e2fb3819bcb4786e04d50c322b3bf872c7d37d6f127f3a06
b'this should stay secret'


That's it I have succesfully decrypted ciphertext without knowing the key.

<a style='text-decoration:none;line-height:16px;display:flex;color:#5B5B62;padding:10px;justify-content:end;' href='https://deepnote.com?utm_source=created-in-deepnote-cell&projectId=77d343fe-b669-4e82-8dce-f2d4848ca6cb' target="_blank">
 </img>
Created in <span style='font-weight:600;margin-left:4px;'>Deepnote</span></a>