Class: CryptoToolchain::Tools::RSAPaddingOracleAttack
- Defined in:
- lib/crypto_toolchain/tools/rsa_padding_oracle_attack.rb,
lib/crypto_toolchain/tools/rsa_padding_oracle_attack.rb
Instance Attribute Summary collapse
-
#e ⇒ Object
readonly
Returns the value of attribute e.
-
#n ⇒ Object
readonly
Returns the value of attribute n.
-
#oracle ⇒ Object
readonly
Returns the value of attribute oracle.
Instance Method Summary collapse
- #add_interval(intervals, lower, upper) ⇒ Object
- #big_b ⇒ Object
- #calculate_intervals(intervals, s) ⇒ Object
- #check(int) ⇒ Object
- #execute(ciphertext) ⇒ Object
-
#initialize(oracle: BlackBoxes::RSAPaddingOracle.new, n:, e: 3) ⇒ RSAPaddingOracleAttack
constructor
A new instance of RSAPaddingOracleAttack.
- #search_with_single_interval(a, b, s) ⇒ Object
- #start_search ⇒ Object
- #str_for(int) ⇒ Object
Constructor Details
#initialize(oracle: BlackBoxes::RSAPaddingOracle.new, n:, e: 3) ⇒ RSAPaddingOracleAttack
Returns a new instance of RSAPaddingOracleAttack.
10 11 12 13 14 |
# File 'lib/crypto_toolchain/tools/rsa_padding_oracle_attack.rb', line 10 def initialize(oracle: BlackBoxes::RSAPaddingOracle.new, n: , e: 3) @oracle = oracle @n = n @e = e end |
Instance Attribute Details
#e ⇒ Object (readonly)
Returns the value of attribute e.
15 16 17 |
# File 'lib/crypto_toolchain/tools/rsa_padding_oracle_attack.rb', line 15 def e @e end |
#n ⇒ Object (readonly)
Returns the value of attribute n.
15 16 17 |
# File 'lib/crypto_toolchain/tools/rsa_padding_oracle_attack.rb', line 15 def n @n end |
#oracle ⇒ Object (readonly)
Returns the value of attribute oracle.
15 16 17 |
# File 'lib/crypto_toolchain/tools/rsa_padding_oracle_attack.rb', line 15 def oracle @oracle end |
Instance Method Details
#add_interval(intervals, lower, upper) ⇒ Object
72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 |
# File 'lib/crypto_toolchain/tools/rsa_padding_oracle_attack.rb', line 72 def add_interval(intervals, lower, upper) matched = false new_intervals = intervals.map do |a, b| if b < lower || a > upper # interval to be added does not overlap an existing interval - persist the existing interval # if we never overlap an interval, we'll add the [lower, upper] interval later [a, b] else # interval to be added overlaps - extend that interval according to [lower, upper] matched = true [ [lower, a].min, [upper, b].max ] end end if matched new_intervals else new_intervals.push([lower, upper]) end end |
#big_b ⇒ Object
120 121 122 123 |
# File 'lib/crypto_toolchain/tools/rsa_padding_oracle_attack.rb', line 120 def big_b k = oracle.keypair.bits / 8 2**(8 * (k - 2)) end |
#calculate_intervals(intervals, s) ⇒ Object
57 58 59 60 61 62 63 64 65 66 67 68 69 70 |
# File 'lib/crypto_toolchain/tools/rsa_padding_oracle_attack.rb', line 57 def calculate_intervals(intervals, s) new_intervals = [] intervals.each do |a, b| min_r = (a * s - 3 * big_b + 1).updiv(n) max_r = (b * s - 2 * big_b) / n (min_r..max_r).each do |r| aa = [a, (2 * big_b + r * n).updiv(s)].max bb = [b, ((3 * big_b - 1 + r * n) / s)].min new_intervals = add_interval(new_intervals, aa, bb) end end new_intervals end |
#check(int) ⇒ Object
17 18 19 |
# File 'lib/crypto_toolchain/tools/rsa_padding_oracle_attack.rb', line 17 def check(int) oracle.execute(str_for(int)) end |
#execute(ciphertext) ⇒ Object
27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 |
# File 'lib/crypto_toolchain/tools/rsa_padding_oracle_attack.rb', line 27 def execute(ciphertext) s = 1 @c0 = ciphertext.to_number intervals = [ [ (2*big_b), (3*big_b ) ] ] i = 1 loop do if i == 1 #2a s = start_search() elsif intervals.length > 1 #2b s += 1 s += 1 until check((@c0 * s.modpow(e, n)) % n) elsif intervals.length == 1 #2c a, b = intervals.first if a == b return str_for(a) end s = search_with_single_interval(a, b, s) end # 3 intervals = calculate_intervals(intervals, s) i += 1 end end |
#search_with_single_interval(a, b, s) ⇒ Object
106 107 108 109 110 111 112 113 114 115 116 117 118 |
# File 'lib/crypto_toolchain/tools/rsa_padding_oracle_attack.rb', line 106 def search_with_single_interval(a, b, s) r = (2 * (b * s - 2 * big_b)) / (n) s = (2 * big_b + r * n) / (b) until check((@c0 * s.modpow(e,n)) % n) s += 1 if s > (3 * big_b + r * n) / a r += 1 s = (2 * big_b + r * n) / b end end s end |
#start_search ⇒ Object
95 96 97 98 99 100 101 102 103 104 |
# File 'lib/crypto_toolchain/tools/rsa_padding_oracle_attack.rb', line 95 def start_search s1 = n.updiv(3 * big_b) loop do c = (@c0 * s1.modpow(e, n)) % n if check(c) return s1 end s1 += 1 end end |
#str_for(int) ⇒ Object
21 22 23 24 25 |
# File 'lib/crypto_toolchain/tools/rsa_padding_oracle_attack.rb', line 21 def str_for(int) str = int.to_bin_string pad = "\x00" * (n.bit_length.updiv(8) - str.bytesize) "#{pad}#{str}" end |