This repository contains my naive solutions to the Cryptopals Challenges written in Node.js.
I used (and slightly modified) the following implementations of SHA1 and MD4 for challenges 29 and 30:

Challenge | Status | Notes |
---|---|---|
1. Convert hex to base64 | ✅ | |
2. Fixed XOR | ✅ | |
3. Single-byte XOR cipher | ✅ | |
4. Detect single-character XOR | ✅ | |
5. Implement repeating-key XOR | ✅ | |
6. Break repeating-key XOR | ✅ | |
7. AES in ECB mode | ✅ | |
8. Detect AES in ECB mode | ✅ | |

Challenge | Status | Notes |
---|---|---|
9. Implement PKCS#7 padding | ✅ | |
10. Implement CBC mode | ✅ | |
11. An ECB/CBC detection oracle | ✅ | |
12. Byte-at-a-time ECB decryption (Simple) | ✅ | |
13. ECB cut-and-paste | ✅ | |
14. Byte-at-a-time ECB decryption (Harder) | ✅ | |
15. PKCS#7 padding validation | ✅ | |
16. CBC bitflipping attacks | ✅ | |

Challenge | Status | Notes |
---|---|---|
17. The CBC padding oracle | ✅ | |
18. Implement CTR, the stream cipher mode | ✅ | |
19. Break fixed-nonce CTR mode using substitutions | ✅ | |
20. Break fixed-nonce CTR statistically | ✅ | |
21. Implement the MT19937 Mersenne Twister RNG | ✅ | |
22. Crack an MT19937 seed | ✅ | |
23. Clone an MT19937 RNG from its output | ✅ | |
24. Create the MT19937 stream cipher and break it | ✅ | |

Challenge | Status | Notes |
---|---|---|
25. Break 'random access read/write' AES CTR | ✅ | |
26. CTR bitflipping | ✅ | |
27. Recover the key from CBC with IV=Key | ✅ | |
28. Implement a SHA-1 keyed MAC | ✅ | |
29. Break a SHA-1 keyed MAC using length extension | ✅ | |
30. Break an MD4 keyed MAC using length extension | ✅ | |
31. Implement and break HMAC-SHA1 with an artificial timing leak | ✅ | |
32. Break HMAC-SHA1 with a slightly less artificial timing leak | ✅ | too slow? |

Challenge | Status | Notes |
---|---|---|
33. Implement Diffie-Hellman | ✅ | |
34. Implement a MITM key-fixing attack on Diffie-Hellman with parameter injection | ✅ | |
35. Implement DH with negotiated groups, and break with malicious 'g' parameters | ✅ | |
36. Implement Secure Remote Password (SRP) | ✅ | |
37. Break SRP with a zero key | ✅ | |
38. Offline dictionary attack on simplified SRP | ✅ | |
39. Implement RSA | ✅ | |
40. Implement an E=3 RSA Broadcast attack | ✅ | |

Challenge | Status | Notes |
---|---|---|
41. Implement unpadded message recovery oracle | ✅ | |
42. Bleichenbacher's e=3 RSA Attack | ✅ | |
43. DSA key recovery from nonce | ✅ | |
44. DSA nonce recovery from repeated nonce | ✅ | |
45. DSA parameter tampering | ✅ | |
46. RSA parity oracle | ✅ | |
47. Bleichenbacher's PKCS 1.5 Padding Oracle (Simple Case) | ✅ | |
48. Bleichenbacher's PKCS 1.5 Padding Oracle (Complete Case) | ✅ | |

Challenge | Status | Notes |
---|---|---|
49. CBC-MAC Message Forgery | ✅ | |
50. Hashing with CBC-MAC | ✅ | |
51. Compression Ratio Side-Channel Attacks | ✅ | |
52. Iterated Hash Function Multicollisions | ✅ | |
53. Kelsey and Schneier's Expandable Messages | ✅ | |
54. Kelsey and Kohno's Nostradamus Attack | ✅ | |
55. MD4 Collisions | ✅ | |
56. RC4 Single-Byte Biases | ✅ | |