import Crypto.Cipher.DES
import struct
def rol32(x, y):
    """Rotate the 32-bit value x left by y bits and return the result.

    x is not masked on entry, so it is expected to already fit in 32 bits.
    y must be in the range 0..32; a larger y makes the right-shift count
    negative, which Python rejects.
    """
    # Bits that stay inside the word after the left shift.
    shifted_up = (x << y) & 0xFFFFFFFF
    # Bits pushed out of the top, brought back in at the bottom.
    wrapped = (x >> (32 - y)) & 0xFFFFFFFF
    return shifted_up | wrapped
def sub32(x, y):
    """Return (x - y) modulo 2**32, using only the low 32 bits of each input."""
    mask = 0xFFFFFFFF
    difference = (x & mask) - (y & mask)
    # Masking a negative Python int wraps it into 0..2**32-1, which matches
    # adding 0x100000000 to a negative difference.
    return difference & mask
def mul32(x, y):
    """Return the low 32 bits of the product x * y."""
    product = x * y
    return product & 0xFFFFFFFF
# Module-level DES cipher shared by decrypt(); built once, in ECB mode, from a
# fixed 8-byte key.
# NOTE(review): the key is a literal in the source, so anyone who has this
# file can decrypt the data. Single DES has a 56-bit effective key and ECB
# adds no integrity protection; treat output as unauthenticated.
# NOTE(review): the key is a Python 2 str literal; a Python 3 port would need
# a bytes literal here -- confirm against the Crypto package version in use.
d = Crypto.Cipher.DES.new(
    '\xcd\x67\x98\xf2\xa4\xb6\x70\x76',
    Crypto.Cipher.DES.MODE_ECB
)
def decrypt(offset, f):
    """Read one 16-byte record from f and return its decoded byte values.

    Steps, in order:
      1. Read 16 bytes from f and DES-decrypt them with the module-level
         ECB cipher ``d``.
      2. Swap the two 8-byte halves of the result.
      3. For each of the four little-endian 32-bit words: rotate left by
         ``offset % 32``, XOR with a mask derived from offset, then subtract
         0x12345678 (all modulo 2**32).
      4. Walking from the last byte down to the second, XOR each byte with
         the byte before it.
      5. XOR the first byte with ``(offset & 0xFF) ^ ((offset >> 14) & 0xFF)``.

    Args:
        offset: integer tweak for this record; what it counts (byte offset,
            block index, ...) is not visible here -- confirm with the caller.
        f: object with a ``read(n)`` method returning the raw ciphertext.

    Returns:
        A list of 16 integers in 0..255.

    Nothing here verifies the integrity of the data: a modified or wrongly
    positioned record still decodes to 16 bytes without any error.
    """
    # NOTE(review): the read length is not checked. A short read (EOF or a
    # truncated file) surfaces as an exception from d.decrypt or struct,
    # not as a clean end-of-data signal.
    ciphertext = f.read(16)
    plain = d.decrypt(ciphertext)
    swapped = plain[8:] + plain[:8]

    # Both values depend only on offset, so compute them once per record.
    word_mask = sub32(0x8927462, mul32(offset, 0x3210789B))
    rotation = offset % 32

    out_buf = []
    for word in struct.unpack('<4I', swapped):
        mixed = sub32(word_mask ^ rol32(word, rotation), 0x12345678)
        # bytearray yields integer byte values on both Python 2 and 3.
        out_buf.extend(bytearray(struct.pack('<I', mixed)))

    # Go from high index to low so each byte is XORed with its still-unmodified
    # predecessor.
    for idx in range(len(out_buf) - 1, 0, -1):
        out_buf[idx] ^= out_buf[idx - 1]
    out_buf[0] ^= (offset & 0xFF) ^ ((offset >> 14) & 0xFF)
    return out_buf
views: 78
answers: 2
Could you please tell me what the counter function would look like?
meeuw
2010-08-24 15:06:00
Oh, you appear to have changed the question. Have a look at pyDes: http://sourceforge.net/projects/pydes/
fredley
2010-08-24 15:10:11
pyDes doesn't include a DES-CTR cipher.
meeuw
2010-08-24 15:59:44
Well what is your problem? Do you want me to write code for you? A little background on your problem would help.
fredley
2010-08-25 10:07:23
I would like to know whether this algorithm is a standard cipher that I can use from a standard library. As you can see, a lot of magic is happening (sub32, mul32, rol32); maybe this is part of a DES-CTR algorithm, but I don't understand what this counter function would look like. See http://www.python.org/dev/peps/pep-0272/ (Keyword: counter. Meaning: Callable object that returns counter blocks (see below; CTR mode only)). Could you please tell me what these counter blocks would look like using the above cipher?
meeuw
2010-08-26 14:08:06
A:
No. It is certainly not CTR mode. It looks like a disk encryption mode. In particular, the encryption mode bears a slight resemblance to LRW. The main idea is to tweak the input depending on the block number, so that encrypting the same block multiple times does not result in the same ciphertext. It allows a message to be partially re-encrypted, but an attacker will notice which parts of the plaintext change.
Hence there is some small information leakage. Since I also don't see any authentication, I don't think I like this encryption mode.
abc
2010-08-26 14:47:52