【问题标题】:hmac length attack extension pythonhmac长度攻击扩展python
【发布时间】:2016-04-11 17:08:24
【问题描述】:

我是一名学生,我正在努力对下面实现不佳的 python HMAC 代码执行长度扩展攻击

我收到了以下虚假的录音信息

581b464951404558504f071e7359100d00|Delete all files on c: and d: and e:

并想在代码末尾附加“并安装 linux”之类的内容。

megaBlockSize=128
def strToNum(inp):
    """Takes a sequence of bytes and makes a number"""
    out=0
    for i in inp:
        out=out<<8
        out^=ord(i)
    return out

def numToStr(inp):
    """Take a number and make a sequence of bytes in a string"""
    out=""
    while inp!=0:
        out=chr(inp & 255)+out
        inp=inp>>8
    return out

def cueh_hash_2(inp, blockSize):
    """ CUEH Hash Function v 2.0 
    Returns given-length hash of any string input or stringable input
    Uses given number of bits, must be multiple of 8
    """
    if blockSize%8!=0 or blockSize<=0:
        raise Exception("Block size must be a multiple of 8")
    inp=str(inp) #Make sure we have a string
    while (len(inp)%(blockSize/8)!=0):
        inp=" "+inp #Pad it if we need to
    val=0<<blockSize #Our accumulator
    for pos in range(0,len(inp),blockSize/8): #Now in blocks of the rigth size...
        for pos2 in range(blockSize/8):
            tval=ord(inp[pos2+pos])
            tval=tval<<(blockSize-pos2*8)
            val=val^tval
    return val

def cueh_hmac_2(key, message, blockSize):
    """Outputs a hash-based digest of the message and secret key combo"""
    key=str(key)
    message=str(message)
    if len(key)>blockSize/8:
        key=numToStr(cueh_hash_2(key,blockSize)) #Keys are shortened to blocksize
    while len(key)<blockSize/8:
        key+="#" #Keys are padded with spaces if they're too short
    return cueh_hash_2(key+message,blockSize)


def main():
    print "Testing hash: %06x"%cueh_hash_2("ABC\0\0\0",megaBlockSize)

    #Examples of flipping between numbers and strings of bytes
    #Just makes it easier to have "password" style keys
    print "%x"%strToNum("ABC")
    print numToStr((65<<16) + (66<<8) + 67)

    #Now to see it in practice
    secretKey="sswrodfishez"  #This is known by both parties
    authedMessage="ssdsdsdsdsd"


    out=cueh_hmac_2(secretKey,authedMessage, megaBlockSize)
    #Now we have the special verification code that can be used to
    #prove we were the aithor of the message. Anyone else who knows
    #the secret can do the same and compare the values
    dispString="0x%%0%dx|%%s"%(megaBlockSize/16)
    print dispString%(out, authedMessage)

if __name__ == '__main__':
    main()''

我为此浪费了很多时间。

感谢任何帮助

参考md5 implementation of length extension attack

【问题讨论】:

  • “我在这件事上浪费了很多时间。” - 但您似乎没有得到任何结果。我们不是来做你的功课的。 cueh_hash_2 函数是一个非常糟糕的哈希函数,cueh_hmac_2 不是真正的 HMAC。攻击应该不会太难,因为它是一个简单的字符异或。

标签: python security cryptography hmac


【解决方案1】:

很抱歉,您的问题目前还不清楚。 您似乎遇到了密码学问题,但您询问是否将一个字符串附加到另一个字符串的末尾。

存在过度简化您的需求的风险,如果是这种情况,那么为什么以下代码对您来说还不够:

str1 = "581b464951404558504f071e7359100d00|Delete all files on c: and d: and e: "
str2 = "and install linux"
str3 = str1 + str 2

【讨论】:

  • 我正在尝试执行长度扩展攻击,我在其中附加 str2 并生成与 str1 中提到的相同的哈希
  • 哦,那是算法问题,与 python 无关。您的问题似乎是调试请求。没有多少人,如果有的话,得到回答。祝你好运。
猜你喜欢
  • 2021-05-27
  • 2021-04-27
  • 2018-09-15
  • 1970-01-01
  • 1970-01-01
  • 2011-08-22
  • 1970-01-01
  • 2016-01-24
  • 1970-01-01
相关资源
最近更新 更多