From 7a1bf3b06a34c5ccd3098b8fe74e793eddd45218 Mon Sep 17 00:00:00 2001
From: Sam Hadow <sam.hadow@inbox.lv>
Date: Mon, 22 Apr 2024 19:39:22 +0200
Subject: [PATCH] test attack

---
 main.py | 37 +++++++++++++++++++------------------
 1 file changed, 19 insertions(+), 18 deletions(-)

diff --git a/main.py b/main.py
index e8ee145..8fc87a8 100644
--- a/main.py
+++ b/main.py
@@ -93,25 +93,16 @@ def test_encrypt():
     print(f'decrypted: {hex(clear)}')
     print(f'original text and decrypted message are the same: {clear==0xffffffffff}')
 
-def gen_6_bytes():
-    key = [randint(0, 1) for _ in range(40)]
-    # key = [1, 1, 0, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0]
-    # key = [0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 1]
+def gen_6_bytes(key=[randint(0, 1) for _ in range(40)]):
     text = b'\x00\x00\x00\x00\x00\x00'
-    print(key)
     cipher = css_encrypt(text, key)
-    print(cipher)
-    print(css_encrypt(cipher, key))
     return cipher
 
-def attack():
-    Bytes = gen_6_bytes()
+def attack(Bytes=gen_6_bytes()):
     taps17 = [0, 14]
     taps25 = [0, 3, 4, 12]
-    # (2**16)-1
     for i in range((2**16)-1):
         lfsr17_init = [int(bit) for bit in bin(i)[2:].zfill(16)]+[1]
-        # print(lfsr17_init)
         lfsr17 = lfsr(lfsr17_init, taps17)
         x = []
         for _ in range(3):
@@ -125,11 +116,6 @@ def attack():
         c=1 if x[1]+y[1]>255 else 0
         y.append((Bytes[2]-(x[2]+c))%256)
         lfsr25_init = [int(bit) for bit in (bin(y[0])[2:].zfill(8)[::-1] + bin(y[1])[2:].zfill(8)[::-1] + bin(y[2])[2:].zfill(8)[::-1] ) ]+[1]
-        # print(f'x: {x},  y: {y}')
-        # for b in Bytes:
-            # print(b, end=' ')
-        # print('\n')
-        # print(lfsr25_init)
         lfsr25 = lfsr(lfsr25_init, taps25)
         for _ in range(24):
             lfsr25.shift()
@@ -148,15 +134,30 @@ def attack():
         c=1 if x[4]+y[4]>255 else 0
         z6 = (x[5]+y[5]+c)%256
         if z4 == Bytes[3] and z5 == Bytes[4] and z6 == Bytes[5]:
-            print("key found:")
+            print("key found: ", end='\t')
             key = bin(x[0])[2:].zfill(8)[::-1] + bin(x[1])[2:].zfill(8)[::-1] + bin(y[0])[2:].zfill(8)[::-1] + bin(y[1])[2:].zfill(8)[::-1] + bin(y[2])[2:].zfill(8)[::-1]
             print(key)
+            return [int(bit) for bit in key]
             break
 
+def test_attack(n=1):
+    success = 0
+    print(f'testing attack in 2^16 against CSS {n} times (keys randomly generated each time)\n')
+    for _ in range(n):
+        key = [randint(0, 1) for _ in range(40)]
+        key_string = ''.join(str(bit) for bit in key)
+        print(f'key generated: \t{key_string}')
+        Bytes = gen_6_bytes(key)
+        found_key = attack(Bytes)
+        if found_key == key:
+            success += 1
+        print()
+    print(f'{success}/{n} success')
+
 
 test_lfsr17()
 print()
 test_encrypt()
 print()
 #gen_6_bytes()
-attack()
+test_attack(100)