Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
19 changed files
with
672 additions
and
1,017 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,97 @@ | ||
E-Safenet | ||
========= | ||
|
||
Cryptanalytic attacks on E-Safenet encryption | ||
This GitHub repository contains files that assist in cryptanalytic attacks on E-Safenet encryption. | ||
Several attacks were developed that may partially or fully recover E-Safenet encryption keys. | ||
|
||
* Known-plaintext attack | ||
* Probable-plaintext attack | ||
* Against source code files | ||
* Against binary files | ||
* Ciphertext-only attack | ||
|
||
|
||
## Python scripts | ||
|
||
|
||
The python scripts provided can be used to encrypt and decrypt using the E-Safenet encryption, or to extract encryption keys. | ||
|
||
### Setup | ||
|
||
Prior to using these scripts, the simplelzo1x module has to be compiled first. | ||
This module provides an interface to the LZO v1.00 compression library. | ||
|
||
``` | ||
cd simplelzo1x && sudo python setup.py install | ||
``` | ||
|
||
More information about the library can be found in the README file in the simplelzo1x directory. | ||
|
||
### Python scripts | ||
|
||
Two main files are available: | ||
|
||
* **esafenet.py**: command-line interface to //known-plaintext// and //probable-plaintext// attacks | ||
* **esafenet_gui.py**: GUI interface for the //ciphertext-only// attack | ||
|
||
#### CLI: Known-plaintext & probable-plaintext | ||
|
||
|
||
```none | ||
usage: esafenet.py [-h] [--infile INFILE] [--key KEY] [--outfile OUTFILE] | ||
[--infolder INFOLDER] [--outfolder OUTFOLDER] | ||
[--comp_file COMP_FILE] [--type pattern_type] | ||
[--language text_pattern_language] | ||
action | ||
E-safenet encryption/decryption/key generation | ||
positional arguments: | ||
action Action to perform | ||
Should be one of ['encrypt', 'decrypt', 'encrypt_folder', | ||
'decrypt_folder', 'keygen', 'findkey', 'pattern_decrypt'] | ||
optional arguments: | ||
-h, --help show this help message and exit | ||
--infile INFILE Input file | ||
--key KEY Key file | ||
--outfile OUTFILE Output file | ||
--infolder INFOLDER Input folder | ||
--outfolder OUTFOLDER | ||
Output folder | ||
--comp_file COMP_FILE | ||
Plaintext comparison file used by findkey | ||
--type pattern_type Type for pattern decrypt (binary or text) | ||
--language text_pattern_language | ||
Language for text pattern decrypt (C or PHP) | ||
``` | ||
|
||
##### Examples | ||
|
||
Recovering the encryption key of a binary file: | ||
|
||
``` | ||
$ python esafenet.py pattern_decrypt --type binary --infile encrypted.xls --outfile key.dat | ||
Decryption: key written to key.dat (4 0-bytes) | ||
``` | ||
|
||
Decrypting an E-Safenet file using a provided key: | ||
``` | ||
$ python esafenet.py decrypt --infile encrypted.xls --key key.dat --outfile decrypted.xls | ||
``` | ||
|
||
#### GUI: ciphertext-only attack | ||
|
||
The GUI app esafenet_gui.py can be used for the ciphertext-only attack. | ||
More information about this attack can be found in the research paper. | ||
|
||
1) menu -> Open folder or file, select an E-Safenet file, or a folder containing only E-Safenet files ENCRYPTED WITH THE SAME KEY | ||
2) menu -> Analyze, analyzes the files, tries to maximize plaintext in the file(s), as described in the report. | ||
|
||
Note: The analyze step may take some time (15s for 200kB on my 5y/o laptop, displaying results in thhe grid takes even longer...) | ||
|
||
Results are displayed as-is, this program is not complete. Feel free to do with it as you see fit. | ||
|
||
## Credits | ||
|
||
The code was released under the GPLv2 license. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.