# Question 1
# An attacker intercepts the following ciphertext (hex encoded):
# 20814804c1767293b99f1d9cab3bc3e7 ac1e37bfb15599e5f40eef805488281d
# He knows that the plaintext is the ASCII encoding of the message "Pay Bob 100$" (excluding the quotes).
# He also knows that the cipher used is CBC encryption with a random IV using AES as the underlying block cipher.
# Show that the attacker can change the ciphertext so that it will decrypt to "Pay Bob 500$". What is the resulting ciphertext (hex encoded)?
# This shows that CBC provides no integrity.
import sys
def main():
# input
cypherText = "20814804c1767293b99f1d9cab3bc3e7 ac1e37bfb15599e5f40eef805488281d".split(' ')
# set the CBC parts. The first part is the IV
cypherTextIV = cypherText[0].decode('hex')
cypherTextC0 = cypherText[1].decode('hex')
# define plaintexts
plainText = "Pay Bob 100$"
plainTextTarget = "Pay Bob 500$"
# define paddings
paddingNum1 = str(len(cypherTextC0) - len(plainText))
padding1 = "".join([paddingNum1] * int(paddingNum1))
paddingNum2 = str(len(cypherTextC0) - len(plainTextTarget))
padding2 = "".join([paddingNum2] * int(paddingNum2))
# append to plaintext the paddings
plainText += padding1
plainTextTarget += padding2
# XOR the plaintext to determine the value to XOR with
xorredPlainText = strxor(plainText, plainTextTarget)
# Since the decription of c[0] is XORed with IV to retrieve the plaintext xor the IV with the desired mutation
newIV = strxor(xorredPlainText, cypherTextIV)
# new CBC
print "New CBC\n",newIV.encode('hex'), cypherText[1]
# Output:
# New CBC
# 20814804c1767293bd9f1d9cab3bc3e7 ac1e37bfb15599e5f40eef805488281d
# xor two strings of different lengths
def strxor(a, b):
if len(a) > len(b):
return "".join([chr(ord(x) ^ ord(y)) for (x, y) in zip(a[:len(b)], b)])
else:
return "".join([chr(ord(x) ^ ord(y)) for (x, y) in zip(a, b[:len(a)])])
main() Write, Run & Share Python code online using OneCompiler's Python online compiler for free. It's one of the robust, feature-rich online compilers for python language, supporting both the versions which are Python 3 and Python 2.7. Getting started with the OneCompiler's Python editor is easy and fast. The editor shows sample boilerplate code when you choose language as Python or Python2 and start coding.
OneCompiler's python online editor supports stdin and users can give inputs to programs using the STDIN textbox under the I/O tab. Following is a sample python program which takes name as input and print your name with hello.
import sys
name = sys.stdin.readline()
print("Hello "+ name)
Python is a very popular general-purpose programming language which was created by Guido van Rossum, and released in 1991. It is very popular for web development and you can build almost anything like mobile apps, web apps, tools, data analytics, machine learning etc. It is designed to be simple and easy like english language. It's is highly productive and efficient making it a very popular language.
When ever you want to perform a set of operations based on a condition IF-ELSE is used.
if conditional-expression
#code
elif conditional-expression
#code
else:
#code
Indentation is very important in Python, make sure the indentation is followed correctly
For loop is used to iterate over arrays(list, tuple, set, dictionary) or strings.
mylist=("Iphone","Pixel","Samsung")
for i in mylist:
print(i)
While is also used to iterate a set of statements based on a condition. Usually while is preferred when number of iterations are not known in advance.
while condition
#code
There are four types of collections in Python.
List is a collection which is ordered and can be changed. Lists are specified in square brackets.
mylist=["iPhone","Pixel","Samsung"]
print(mylist)
Tuple is a collection which is ordered and can not be changed. Tuples are specified in round brackets.
myTuple=("iPhone","Pixel","Samsung")
print(myTuple)
Below throws an error if you assign another value to tuple again.
myTuple=("iPhone","Pixel","Samsung")
print(myTuple)
myTuple[1]="onePlus"
print(myTuple)
Set is a collection which is unordered and unindexed. Sets are specified in curly brackets.
myset = {"iPhone","Pixel","Samsung"}
print(myset)
Dictionary is a collection of key value pairs which is unordered, can be changed, and indexed. They are written in curly brackets with key - value pairs.
mydict = {
"brand" :"iPhone",
"model": "iPhone 11"
}
print(mydict)
Following are the libraries supported by OneCompiler's Python compiler
| Name | Description |
|---|---|
| NumPy | NumPy python library helps users to work on arrays with ease |
| SciPy | SciPy is a scientific computation library which depends on NumPy for convenient and fast N-dimensional array manipulation |
| SKLearn/Scikit-learn | Scikit-learn or Scikit-learn is the most useful library for machine learning in Python |
| Pandas | Pandas is the most efficient Python library for data manipulation and analysis |
| DOcplex | DOcplex is IBM Decision Optimization CPLEX Modeling for Python, is a library composed of Mathematical Programming Modeling and Constraint Programming Modeling |