jo-makar/matasano

matasano

Solutions to the Matasano (now NCC Group) crypto challenges (https://cryptopals.com).

Briefly, these are a collection of exercises that demonstrate attacks on real-world cryptography. Each exercise is derived from a weakness found in deployed systems or in a modern cryptographic construction, and together they cover symmetric ciphers such as AES (in a variety of modes), padding schemes such as PKCS#7, random number generators, hash functions and MACs, public-key schemes such as RSA and DSA, a number of famous attacks, and so on.

  • Problem set 1
    • Convert hex to base64 and back
    • Fixed XOR
    • Single-character XOR Cipher
    • Detect single-character XOR
    • Repeating-key XOR Cipher
    • Break repeating-key XOR
    • AES in ECB Mode
    • Detecting ECB
  • Problem set 2
    • Implement PKCS#7 padding
    • Implement CBC Mode
    • Write an oracle function and use it to detect ECB
    • Byte-at-a-time ECB decryption, Full control version
    • ECB cut-and-paste
    • Byte-at-a-time ECB decryption, Partial control version
    • PKCS#7 padding validation
    • CBC bit flipping
  • Problem set 3
    • The CBC padding oracle
    • Implement CTR mode
    • Break fixed-nonce CTR mode using substitutions
    • Break fixed-nonce CTR mode using stream cipher analysis
    • Implement the MT19937 Mersenne Twister RNG
    • "Crack" an MT19937 seed
    • Clone an MT19937 RNG from its output
    • Create the MT19937 stream cipher and break it
  • Problem set 4
    • Break "random access read/write" AES CTR
    • CTR bit flipping
    • Recover the key from CBC with IV=Key
    • Implement a SHA-1 keyed MAC
    • Break a SHA-1 keyed MAC using length extension
    • Break an MD4 keyed MAC using length extension
    • Implement HMAC-SHA1 and break it with an artificial timing leak
    • Break HMAC-SHA1 with a slightly less artificial timing leak
  • Problem set 5
    • Implement Diffie-Hellman
    • Implement a MITM key-fixing attack on Diffie-Hellman with parameter injection
    • Implement DH with negotiated groups, and break with malicious "g" parameters
    • Implement Secure Remote Password
    • Break SRP with a zero key
    • Offline dictionary attack on simplified SRP
    • Implement RSA
    • Implement an E=3 RSA Broadcast attack
  • Problem set 6
    • Implement Unpadded Message Recovery Oracle
    • Bleichenbacher's e=3 RSA Attack
    • DSA Key Recovery From Nonce
    • DSA Nonce Recovery From Repeated Nonce
    • DSA Parameter Tampering
    • Decrypt RSA From One-Bit Oracle
    • Bleichenbacher's PKCS 1.5 Padding Oracle (Simple Case)
    • Bleichenbacher's PKCS 1.5 Padding Oracle (Complete)
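As an added illustration of the set 3 MT19937 challenges (this is example code written for this page, not the repository's own solutions), the block below implements MT19937, inverts its tempering step, and clones a live generator from 624 consecutive 32-bit outputs. Python's `random` module is MT19937 underneath and `getrandbits(32)` returns one raw output word, so the stdlib generator is used as the "victim"; the names `MT19937`, `untemper`, `clone_from_outputs` and `demo` are this example's own. The clone is built from a window of outputs taken at an arbitrary offset into the stream, which goes slightly beyond the challenge text: because the twist is a linear recurrence on the output sequence, any 624 consecutive untempered words determine everything that follows.

```python
"""Clone an MT19937 generator from 624 consecutive 32-bit outputs.

Added example, not part of the jo-makar/matasano repository. The victim is
CPython's random.Random, whose getrandbits(32) emits one raw MT19937 word.
"""
import random

N, M = 624, 397
MATRIX_A = 0x9908B0DF
UPPER, LOWER = 0x80000000, 0x7FFFFFFF
MASK32 = 0xFFFFFFFF


def temper(y):
    """MT19937 output tempering: four invertible GF(2)-linear steps."""
    y ^= y >> 11
    y ^= (y << 7) & 0x9D2C5680
    y ^= (y << 15) & 0xEFC60000
    y ^= y >> 18
    return y & MASK32


class MT19937:
    """Reference MT19937 with init_genrand seeding (example implementation)."""

    def __init__(self, seed=5489, state=None):
        if state is not None:            # clone: state = 624 untempered words
            self.mt = list(state)
            self.index = N               # force a twist before the next output
            return
        self.mt = [0] * N
        self.mt[0] = seed & MASK32
        for i in range(1, N):
            prev = self.mt[i - 1]
            self.mt[i] = (1812433253 * (prev ^ (prev >> 30)) + i) & MASK32
        self.index = N

    def _twist(self):
        # In-place update: entries already rewritten in this pass are the
        # "next block" values the recurrence needs when (i+1) or (i+M) wraps.
        for i in range(N):
            y = (self.mt[i] & UPPER) | (self.mt[(i + 1) % N] & LOWER)
            v = self.mt[(i + M) % N] ^ (y >> 1)
            if y & 1:
                v ^= MATRIX_A
            self.mt[i] = v
        self.index = 0

    def extract(self):
        if self.index >= N:
            self._twist()
        y = self.mt[self.index]
        self.index += 1
        return temper(y)


def _undo_right(y, shift):
    # Invert x -> x ^ (x >> shift): the top `shift` bits of x are already
    # visible in y, and each iteration recovers the next `shift` bits below.
    x = y
    for _ in range(32 // shift + 1):
        x = y ^ (x >> shift)
    return x


def _undo_left(y, shift, mask):
    # Invert x -> x ^ ((x << shift) & mask), recovering from the low bits up.
    x = y
    for _ in range(32 // shift + 1):
        x = y ^ ((x << shift) & mask)
    return x & MASK32


def untemper(y):
    """Recover the internal state word from one tempered output."""
    y = _undo_right(y, 18)
    y = _undo_left(y, 15, 0xEFC60000)
    y = _undo_left(y, 7, 0x9D2C5680)
    y = _undo_right(y, 11)
    return y


def clone_from_outputs(outputs):
    """Any 624 consecutive raw outputs (at any offset) fix the whole stream."""
    if len(outputs) != N:
        raise ValueError("need exactly 624 consecutive 32-bit outputs")
    return MT19937(state=[untemper(o) for o in outputs])


def demo(seed=1234, skip=100, predict=10):
    """Victim: the stdlib generator. Returns (predicted, actual) next words."""
    victim = random.Random(seed)
    for _ in range(skip):                # outputs the attacker never saw
        victim.getrandbits(32)
    observed = [victim.getrandbits(32) for _ in range(N)]
    clone = clone_from_outputs(observed)
    predicted = [clone.extract() for _ in range(predict)]
    actual = [victim.getrandbits(32) for _ in range(predict)]
    return predicted, actual


if __name__ == "__main__":
    p, a = demo()
    print("clone matches victim:", p == a)
```

Note that the attack needs raw 32-bit words; `random.random()` consumes two words and discards bits, so more care is needed there, but the underlying weakness is the same. Anything that must stay unpredictable (session tokens, IVs, nonces, key material) belongs to an OS-backed CSPRNG such as `secrets` or `random.SystemRandom`, not to MT19937.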

License

This work is released to the public domain.
