E-Safenet
=========
This GitHub repository contains files that assist in cryptanalytic attacks on E-Safenet encryption.
Several attacks were developed that may partially or fully recover E-Safenet encryption keys.
* Known-plaintext attack
* Probable-plaintext attack
* Against source code files
* Against binary files
* Ciphertext-only attack
All specifics and attacks are document in the [research paper](report.pdf?raw=true) on E-Safenet encryption.
## Python scripts
The python scripts provided can be used to encrypt and decrypt using the E-Safenet encryption, or to extract encryption keys.
Two main files are available:
* [**esafenet.py**](esafenet.py): command-line interface to _known-plaintext_ and _probable-plaintext_ attacks
* [**esafenet_gui.py**](esafenet_gui.py): GUI interface for the _ciphertext-only_ attack
##### Setup
Prior to using these scripts, the simplelzo1x module has to be compiled first.
This module provides an interface to the LZO v1.00 compression library.
```
cd simplelzo1x && sudo python setup.py install
```
More information about the library can be found in the [README](simplelzo1x/README) file in the simplelzo1x directory.
### esafenet.py
```none
usage: esafenet.py [-h] [--infile INFILE] [--key KEY] [--outfile OUTFILE]
[--infolder INFOLDER] [--outfolder OUTFOLDER]
[--comp_file COMP_FILE] [--type pattern_type]
[--language text_pattern_language]
action
E-safenet encryption/decryption/key generation
positional arguments:
action Action to perform
Should be one of ['encrypt', 'decrypt', 'encrypt_folder',
'decrypt_folder', 'keygen', 'findkey', 'pattern_decrypt']
optional arguments:
-h, --help show this help message and exit
--infile INFILE Input file
--key KEY Key file
--outfile OUTFILE Output file
--infolder INFOLDER Input folder
--outfolder OUTFOLDER
Output folder
--comp_file COMP_FILE
Plaintext comparison file used by findkey
--type pattern_type Type for pattern decrypt (binary or text)
--language text_pattern_language
Language for text pattern decrypt (C, PHP or CS)
```
##### Examples
* Recovering the encryption key of a binary file (probable-plaintext attack):
```
$ python esafenet.py pattern_decrypt --type binary --infile encrypted.xls --outfile key.dat
Decryption: key written to key.dat (4 0-bytes)
```
* Decrypting an E-Safenet file using a provided key:
```
$ python esafenet.py decrypt --infile encrypted.xls --key key.dat --outfile decrypted.xls
Decryption: 153400 bytes written to decrypted.xls
```
* Recovering the key using the known-plaintext attack:
```
$ python esafenet.py findkey --infile encrypted.xls --comp_file decrypted.xls --outfile key.dat
Succes: key written to key.dat
```
* Recovering the encryption key of source code files (probable-plaintext attack, C#):
```
$ python esafenet.py pattern_decrypt --type text --infolder srcfiles --outfolder /tmp --language CS --outfile key.dat
Match found!! ...
```
##### Troubleshooting
If you get errors/crashes, they are probably caused by the LZO compression library. The first 512 bytes of an E-Safenet encrypted file are compressed. When using a wrong key, decompression may fail and lead to a crash.
You can temporarily disable decompression of the first block by changing the *plain_header* variable in esafenet.py to an empty string:
```
plain_header = ""
# plain_header = simplelzo1x.decompress(decr_header)
```
### esafenet_gui.py
The GUI app **esafenet_gui.py** can be used for the ciphertext-only attack.
More information about this attack can be found in the research paper.
1. menu -> Open folder or file, select an E-Safenet file, or a folder containing only E-Safenet files **encrypted with the same key**.
2. menu -> Analyze, analyzes the files, tries to maximize plaintext in the file(s), as described in the report.
Note: The analyze step may take some time (15s for 200kB on my 5y/o laptop, displaying results in thhe grid takes even longer...)
Results are displayed as-is, this program is not complete. Feel free to do with it as you see fit.
![COA tool](../resources/coatool.png?raw=true)
## CPLEX model
For the mathematical implementation of the ciphertext-only attack, [cplex_coa.mod](cplex_coa.mod) provides a CPLEX model for the Binary Integer Programming problem that represents the maximization of printable characters in an E-Safenet encrypted document.
## Credits
The code was released under the GPLv2 license.
没有合适的资源?快使用搜索试试~ 我知道了~
对E-Safenet加密的密码分析攻击.zip
共23个文件
py:8个
readme:3个
h:3个
需积分: 10 5 下载量 143 浏览量
2023-03-23
22:15:59
上传
评论
收藏 630KB ZIP 举报
温馨提示
对E-Safenet加密的密码分析攻击
资源推荐
资源详情
资源评论
收起资源包目录
对E-Safenet加密的密码分析攻击.zip (23个子文件)
E-Safenet-master
esafenet.py 12KB
simplelzo1x
README 313B
setup.py 564B
simplelzo1xmodule.c 5KB
liblzo
README 392B
64bit
README 102B
liblzo.a 183KB
lzo
lzo1x.h 4KB
lzo1.h 3KB
32bit
liblzo.a 172KB
lzoconf.h 9KB
COPYING 18KB
esafenet_gui.py 6KB
report.pdf 533KB
partial_binary.py 2KB
LICENSE 18KB
analysis
corr.py 1KB
LICENSE 18KB
rela.py 1KB
compare_keys.py 2KB
README.md 5KB
partial_c.py 5KB
cplex_coa.mod 2KB
共 23 条
- 1
资源评论
快撑死的鱼
- 粉丝: 1w+
- 资源: 9156
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功