From 0c0ff62e1fdf4ea78fe75a5f3a18a182eed810de Mon Sep 17 00:00:00 2001
From: Sam Hadow <sam.hadow@inbox.lv>
Date: Mon, 22 Apr 2024 19:08:27 +0200
Subject: [PATCH] attack in 2^16

---
 main.py | 57 ++++++++++++++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 54 insertions(+), 3 deletions(-)

diff --git a/main.py b/main.py
index 760f5b4..e8ee145 100644
--- a/main.py
+++ b/main.py
@@ -94,9 +94,9 @@ def test_encrypt():
     print(f'original text and decrypted message are the same: {clear==0xffffffffff}')
 
 def gen_6_bytes():
-    # key = [randint(0, 1) for _ in range(40)]
+    key = [randint(0, 1) for _ in range(40)]
     # key = [1, 1, 0, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0]
-    key = [0]*40
+    # key = [0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 1]
     text = b'\x00\x00\x00\x00\x00\x00'
     print(key)
     cipher = css_encrypt(text, key)
@@ -104,8 +104,59 @@ def gen_6_bytes():
     print(css_encrypt(cipher, key))
     return cipher
 
+def attack():
+    Bytes = gen_6_bytes()
+    taps17 = [0, 14]
+    taps25 = [0, 3, 4, 12]
+    # (2**16)-1
+    for i in range((2**16)-1):
+        lfsr17_init = [int(bit) for bit in bin(i)[2:].zfill(16)]+[1]
+        # print(lfsr17_init)
+        lfsr17 = lfsr(lfsr17_init, taps17)
+        x = []
+        for _ in range(3):
+            x_bin = ""
+            for _ in range(8):
+                x_bin += str(lfsr17.shift())
+            x.append(int(x_bin[::-1], 2))
+        y = [(Bytes[0]-x[0])%256]
+        c=1 if x[0]+y[0]>255 else 0
+        y.append((Bytes[1]-(x[1]+c))%256)
+        c=1 if x[1]+y[1]>255 else 0
+        y.append((Bytes[2]-(x[2]+c))%256)
+        lfsr25_init = [int(bit) for bit in (bin(y[0])[2:].zfill(8)[::-1] + bin(y[1])[2:].zfill(8)[::-1] + bin(y[2])[2:].zfill(8)[::-1] ) ]+[1]
+        # print(f'x: {x},  y: {y}')
+        # for b in Bytes:
+            # print(b, end=' ')
+        # print('\n')
+        # print(lfsr25_init)
+        lfsr25 = lfsr(lfsr25_init, taps25)
+        for _ in range(24):
+            lfsr25.shift()
+        for _ in range(3):
+            x_bin = ""
+            y_bin = ""
+            for _ in range(8):
+                x_bin += str(lfsr17.shift())
+                y_bin += str(lfsr25.shift())
+            x.append(int(x_bin[::-1], 2))
+            y.append(int(y_bin[::-1], 2))
+        c=1 if x[2]+y[2]>255 else 0
+        z4 = (x[3]+y[3]+c)%256
+        c=1 if x[3]+y[3]>255 else 0
+        z5 = (x[4]+y[4]+c)%256
+        c=1 if x[4]+y[4]>255 else 0
+        z6 = (x[5]+y[5]+c)%256
+        if z4 == Bytes[3] and z5 == Bytes[4] and z6 == Bytes[5]:
+            print("key found:")
+            key = bin(x[0])[2:].zfill(8)[::-1] + bin(x[1])[2:].zfill(8)[::-1] + bin(y[0])[2:].zfill(8)[::-1] + bin(y[1])[2:].zfill(8)[::-1] + bin(y[2])[2:].zfill(8)[::-1]
+            print(key)
+            break
+
+
 test_lfsr17()
 print()
 test_encrypt()
 print()
-gen_6_bytes()
+#gen_6_bytes()
+attack()