02-08-2017, 01:46 PM
(02-08-2017, 11:54 AM)atom Wrote:
Can you please post an example data trace (all 8 iterations)? Like, what's the ct/pt with each iteration?
Thanks for replying,
No problem, so here it is with a quickly generated example.
In this example I will post the encryption key in case it helps with reverse engineering the results, but in reality the Ek is what I am trying to obtain.
So a straight DES-OFB encryption using the following data (in hex):
Plain Text (PT) : 69 77 69 6e 68 61 68 61
Initialization Vector (IV): a9 cc 34 d3 f9 c2 ba fe
Encryption Key (Ek): 69 61 6d 61 6b 65 79 7a (Should be unknown)
gives a cipher text (CT) of: c4 cc b0 ed 6d fe ab 86
Using the DES encryption 8 times, simulating OFB mode to create the same cipher text, gives the following iterations:
Output 1:
Input (IV): a9 cc 34 d3 f9 c2 ba fe
Ek (should be unknown): 69 61 6d 61 6b 65 79 7a
Output: ad d7 69 43 e9 09 51 b5
Cipher text 1 = XOR of ad and 69 (output 1 and plain text 1) = c4 == original cipher text 1
Cipher text now = c4
Output 2:
Input (IV): cc 34 d3 f9 c2 ba fe ad <-- first 16 bytes from previous output before XOR
Ek (should be unknown): 69 61 6d 61 6b 65 79 7a
Output: bb 58 f3 09 52 51 6f 1e
Cipher text 2 = XOR of bb and 77 (output 2 and plain text 2) = cc == original cipher text 2
Cipher text now = c4 cc
Output 3:
Input (IV): 34 d3 f9 c2 ba fe ad bb <-- first 16 bytes from previous output before XOR
Ek (should be unknown): 69 61 6d 61 6b 65 79 7a
Output: d9 e3 d2 49 83 f9 c0 60
Cipher text 3 = XOR of d9 and 69 (output 3 and plain text 3) = b0 == original cipher text 3
Cipher text now = c4 cc b0
Output 4:
Input (IV): d3 f9 c2 ba fe ad bb d9 <-- first 16 bytes from previous output before XOR
Ek (should be unknown): 69 61 6d 61 6b 65 79 7a
Output: 83 22 1c 8f 58 eb 02 35
Cipher text 4 = XOR of 83 and 6e (output 4 and plain text 4) = ed == original cipher text 4
Cipher text now = c4 cc b0 ed
Output 5:
Input (IV): f9 c2 ba fe ad bb d9 83 <-- first 16 bytes from previous output before XOR
Ek (should be unknown): 69 61 6d 61 6b 65 79 7a
Output: 05 0a 00 d4 a4 ab a5 94
Cipher text 5 = XOR of 05 and 68 (output 5 and plain text 5) = 6d == original cipher text 5
Cipher text now = c4 cc b0 ed 6d
Output 6:
Input (IV): c2 ba fe ad bb d9 83 05 <-- first 16 bytes from previous output before XOR
Ek (should be unknown): 69 61 6d 61 6b 65 79 7a
Output: 9f de f0 ca 60 6a 60 a9
Cipher text 6 = XOR of 9f and 61 (output 6 and plain text 6) = fe == original cipher text 6
Cipher text now = c4 cc b0 ed 6d fe
Output 7:
Input (IV): ba fe ad bb d9 83 05 9f <-- first 16 bytes from previous output before XOR
Ek (should be unknown): 69 61 6d 61 6b 65 79 7a
Output: c3 1e 86 3d a31 85 34 ff
Cipher text 7 = XOR of c3 and 68 (output 7 and plain text 7) = ab == original cipher text 7
Cipher text now = c4 cc b0 ed 6d fe ab
Output 8:
Input (IV): fe ad bb d9 83 05 9f c3 <-- first 16 bytes from previous output before XOR
Ek (should be unknown): 69 61 6d 61 6b 65 79 7a
Output: e7 46 a0 52 22 1c 86 66
Cipher text 8 = XOR of e7 and 61 (output 8 and plain text 8) = 86 == original cipher text 8
Cipher text now = c4 cc b0 ed 6d fe ab 86
After 8 cycles of DES encryption, the cipher text == the DES-OFB encryption in one pass.
It can be seen that the IV or input text can be discovered at all stages, but when you attempt to reverse the process by XORing the output bits you can only recover the 2 bits (16 bytes) that are at the start of the encoded text at each step; the remaining data is discarded.
So from a Hashcat DES decryption point of view I keep ending up with:
Cipher text 1: ad XX XX XX XX XX XX XX with a plain text input of: a9 cc 34 d3 f9 c2 ba fe
Cipher text 2: bb XX XX XX XX XX XX XX with a plain text input of: cc 34 d3 f9 c2 ba fe ad
Cipher text 3: d9 XX XX XX XX XX XX XX with a plain text input of: 34 d3 f9 c2 ba fe ad bb
Cipher text 4: 83 XX XX XX XX XX XX XX with a plain text input of: d3 f9 c2 ba fe ad bb d9
Cipher text 5: 05 XX XX XX XX XX XX XX with a plain text input of: f9 c2 ba fe ad bb d9 83
Cipher text 6: 9f XX XX XX XX XX XX XX with a plain text input of: c2 ba fe ad bb d9 83 05
Cipher text 7: c3 XX XX XX XX XX XX XX with a plain text input of: ba fe ad bb d9 83 05 9f
Cipher text 8: e7 XX XX XX XX XX XX XX with a plain text input of: fe ad bb d9 83 05 9f c3
In order to be able to use Hashcat to recover the encryption key, I need to be able to work out the complete decrypted hex at any point in the 8 cycles, as the key is applied each time unchanged.
The input or plain text is not an issue, but trying to work out what the output or encrypted text in full (64 bits) is for any stage is eluding me. I can only ever get the first 16 bits for any stage of the process.
I can get the full 64 bits of plain text for any stage, but I need a full 64 bits of encrypted hex to be able to use the Hashcat DES brute force function.
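The step-by-step procedure traced in the post above, as an added example that is not part of the original post and not hashcat's own code, written in Go against the standard library's crypto/des. It runs DES in the one-byte-feedback OFB mode the trace reconstructs by hand: the shift register starts as the IV, each DES call consumes the register, the first output byte is XORed with one plaintext byte, and the register is shifted left by one byte with that same output byte appended on the right. Fed the key, IV and plaintext from the post, it reproduces the post's ciphertext and per-step keystream bytes. knownPairs then rebuilds, from IV, plaintext and ciphertext alone, exactly what is available without the key: the full 64-bit DES input of every step but only the leading byte of its 64-bit output. The names ofb8, knownPairs, mustHex, Step and KnownPair are this example's own, and the trace values are taken from the post.

```go
package main

import (
	"crypto/des"
	"encoding/hex"
	"fmt"
)

// Step records one DES invocation of the 8-bit OFB trace: the 64-bit block
// fed into DES, the full 64-bit DES output, and the single keystream byte
// (the leading output byte) that is XORed with the plaintext and fed back.
type Step struct {
	Input     [8]byte
	Output    [8]byte
	Keystream byte
}

// KnownPair is what is visible without the key: the full 64-bit DES input
// of a step and only the first byte of its output (pt XOR ct). The other
// 56 output bits are never used by the mode, so they never reach the wire.
type KnownPair struct {
	Input     [8]byte
	FirstByte byte
}

// ofb8 runs single DES in 8-bit OFB: one DES call per data byte, the
// leading output byte is the keystream byte, and the 8-byte register is
// shifted left by one byte with that keystream byte appended on the right.
// Encryption and decryption are the same operation (XOR with keystream).
func ofb8(key, iv, data []byte) ([]byte, []Step, error) {
	block, err := des.NewCipher(key) // rejects keys that are not 8 bytes
	if err != nil {
		return nil, nil, err
	}
	reg := make([]byte, 8)
	copy(reg, iv)
	out := make([]byte, len(data))
	steps := make([]Step, 0, len(data))
	var o [8]byte
	for i, p := range data {
		var st Step
		copy(st.Input[:], reg)
		block.Encrypt(o[:], reg) // one raw DES block encryption of the register
		st.Output = o
		st.Keystream = o[0]
		out[i] = p ^ o[0]
		copy(reg, reg[1:]) // drop the leftmost byte ...
		reg[7] = o[0]      // ... and feed the keystream byte back on the right
		steps = append(steps, st)
	}
	return out, steps, nil
}

// knownPairs reconstructs, without the key, the DES input of every step and
// the one output byte that pt XOR ct reveals; the register evolves from the
// IV and those keystream bytes alone, so every input is fully known.
func knownPairs(iv, pt, ct []byte) []KnownPair {
	n := len(pt)
	if len(ct) < n {
		n = len(ct)
	}
	reg := make([]byte, 8)
	copy(reg, iv)
	pairs := make([]KnownPair, 0, n)
	for i := 0; i < n; i++ {
		k := pt[i] ^ ct[i]
		var kp KnownPair
		copy(kp.Input[:], reg)
		kp.FirstByte = k
		pairs = append(pairs, kp)
		copy(reg, reg[1:])
		reg[7] = k
	}
	return pairs
}

func mustHex(s string) []byte {
	b, err := hex.DecodeString(s)
	if err != nil {
		panic(err)
	}
	return b
}

func main() {
	// Values from the post: key "iamakeyz", the IV, and plaintext "iwinhaha".
	key := mustHex("69616d616b65797a")
	iv := mustHex("a9cc34d3f9c2bafe")
	pt := mustHex("6977696e68616861")
	ct, steps, err := ofb8(key, iv, pt)
	if err != nil {
		panic(err)
	}
	for i, s := range steps {
		fmt.Printf("step %d: in=%x out=%x keystream=%02x pt=%02x ct=%02x\n",
			i+1, s.Input, s.Output, s.Keystream, pt[i], ct[i])
	}
	fmt.Printf("ciphertext: %x\n", ct)
	// The same steps as seen by someone who holds only IV, plaintext and ciphertext.
	for i, p := range knownPairs(iv, pt, ct) {
		fmt.Printf("known %d: DES_k(%x) = %02x ?? ?? ?? ?? ?? ?? ??\n", i+1, p.Input, p.FirstByte)
	}
}
```

Running it prints the eight DES inputs and full outputs next to the byte the mode actually keeps, then the knownPairs view in which each step is a known 64-bit input paired with only 8 known output bits. Passing the ciphertext instead of the plaintext to ofb8 with the same key and IV returns the plaintext, since the mode only XORs a key-dependent keystream.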