python-3.x - 如何使用单字节异或密码破解重复 key 异或挑战

Question

这个问题是关于challenge number 6在 set number 1在"the cryptopals crypto challenges"的挑战中.

挑战是:

There's a file here. It's been base64'd after being encrypted with repeating-key XOR.

Decrypt it.

之后是解密文件的步骤描述，总共有8个步骤。您可以在 the site 中找到它们.

一段时间以来，我一直在努力解决这个挑战，但我正在为最后两个步骤而苦苦挣扎。即使我已经解决了第 3 项挑战，它也包含了这些步骤的解决方案。
注意:当然，前 6 个步骤可能存在错误，但在查看 print 后，它们似乎运行良好。每一步之后。

我的代码:
写于 Python 3.6 .
为了不处理web请求，而且既然不是这个挑战的目的。我只是将文件的内容复制到乞讨中的字符串中，您也可以在运行代码之前执行此操作。

import base64

# Encoding the file from base64 to binary
file = base64.b64decode("""HUIfTQsP...JwwRTWM=""")
print(file)
print()

# Step 1 - guess key size
KEYSIZE = 4


# Step 2 - find hamming distance - number of differing bits
def hamming2(s1, s2):
    """Calculate the Hamming distance between two bit strings"""
    assert len(s1) == len(s2)
    return sum(c1 != c2 for c1, c2 in zip(s1, s2))


def distance(a, b):  # Hamming distance
    calc = 0
    for ca, cb in [(a[i], b[i]) for i in range(len(a))]:
        bina = '{:08b}'.format(int(ca))
        binb = '{:08b}'.format(int(cb))
        calc += hamming2(bina, binb)
    return calc

# Test step 2
print("distance: 'this is a test' and 'wokka wokka!!!' =", distance([ord(c) for c in "this is a test"], [ord(c) for c in "wokka wokka!!!"]))  # 37 - Working
print()


# Step 3
key_sizes = []
# For each key size
for KEYSIZE in range(2, 41):
    # take the first KEYSIZE worth of bytes, and the second KEYSIZE worth of bytes -
    # file[0:KEYSIZE], file[KEYSIZE:2*KEYSIZE]
    # and find the edit distance between them
    # Normalize this result by dividing by KEYSIZE
    key_sizes.append((distance(file[0:KEYSIZE], file[KEYSIZE:2*KEYSIZE]) / KEYSIZE, KEYSIZE))
key_sizes.sort(key=lambda a: a[0])


# Step 4
for val, key in key_sizes:
    print(key, ":", val)
KEYSIZE = key_sizes[0][1]
print()


# Step 5 + 6
# Each line is a list of all the bytes in that index
splited_file = [[] for i in range(KEYSIZE)]
counter = 0
for char in file:
    splited_file[counter].append(char)
    counter += 1
    counter %= KEYSIZE
for line in splited_file:
    print(line)
print()


# Step 7
# Code from another level
# Gets a string and a single char
# Doing a single-byte XOR over it
def single_char_string(a, b):
    final = ""
    for c in a:
        final += chr(c ^ b)
    return final


# Going over all the bytes and listing the result arter the XOR by number of bytes
def find_single_byte(in_string):
    helper_list = []
    for num in range(256):
        helper_list.append((single_char_string(in_string, num), num))
    helper_list.sort(key=lambda a: a[0].count(' '), reverse=True)
    return helper_list[0]

# Step 8
final_key = ""
key_list = []
for line in splited_file:
    result = find_single_byte(line)
    print(result)
    final_key += chr(result[1])
    key_list.append(result[1])
print(final_key)
print(key_list)

输出:

b'\x1dB\x1fM\x0b\x0f\x02\x1fO\x13N<\x1aie\x1fI...\x08VA;R\x1d\x06\x06TT\x0e\x10N\x05\x16I\x1e\x10\'\x0c\x11Mc'

distance: 'this is a test' and 'wokka wokka!!!' = 37

5 : 1.2
3 : 2.0
2 : 2.5
.
.
.
26 : 3.5
28 : 3.5357142857142856
9 : 3.5555555555555554
22 : 3.727272727272727
6 : 4.0

[29, 15, 78, 31, 19, 27, 0, 32, ... 17, 26, 78, 38, 28, 2, 1, 65, 6, 78, 16, 99]
[66, 2, 60, 73, 1, 1, 30, 3, 13, ... 26, 14, 0, 26, 79, 99, 8, 79, 11, 4, 82, 59, 84, 5, 39]
[31, 31, 19, 26, 79, 47, 17, 28, ... 71, 89, 12, 1, 16, 45, 78, 3, 120, 11, 42, 82, 84, 22, 12]
[77, 79, 105, 14, 7, 69, 73, 29, 101, ... 54, 70, 78, 55, 7, 79, 31, 88, 10, 69, 65, 8, 29, 14, 73, 17]
[11, 19, 101, 78, 78, 54, 100, 67, 82, ... 1, 76, 26, 1, 2, 73, 21, 72, 73, 49, 27, 86, 6, 16, 30, 77]

('=/n?3; \x00\x13&-,>1...r1:n\x06<"!a&n0C', 32)
('b"\x1ci!!>ts es(ogg ...5i<% tc:. :oC(o+$r\x1bt%\x07', 32)
('??:<+6!=ngm2i4\x0byD...&h9&2:-)sm.a)u\x06&=\x0ct&~n +=&*4X:<(3:o\x0f1<mE gy,!0\rn#X+\nrt6,', 32)
('moI.\'ei=Et\'\x1c:l ...6k=\x1b m~t*\x155\x1ei+=+ts/e*9$sgl0\'\x02\x16fn\x17\'o?x*ea(=.i1', 32)
('+3Enn\x16Dcr<$,)\x01...i5\x01,hi\x11;v&0>m', 32)
 
[32, 32, 32, 32, 32]

请注意，在将 key 打印为字符串时，您看不到它，但其中有 5 个字符。

这不是正确的答案，因为您可以在第四部分看到 - 在 XOR 之后，结果看起来不像单词......可能是最后两个函数中的一个问题，但我无法弄清楚。
我还尝试了其他一些长度，但似乎不是问题。

所以我要问的不是修复我的代码，我想自己解决这个挑战:)。我想让你告诉我我错在哪里？为什么？我该如何继续？
感谢您的帮助。

Answer 1

经过反复思考和检查，结论是问题出在第 3 步。结果不够好，因为我只看了前两个块。

我修正了代码，所以它会计算 KEYSIZE根据所有的块。

第 3 步的代码现在如下所示:

# Step 3
key_sizes = []
# For each key size
for KEYSIZE in range(2, 41):
    running_sum = []
    for i in range(0, int(len(file) / KEYSIZE) - 1):
        running_sum.append(distance(file[i * KEYSIZE:(i + 1) * KEYSIZE],
                                     file[(i + 1) * KEYSIZE:(i + 2) * KEYSIZE]) / KEYSIZE)
    key_sizes.append((sum(running_sum)/ len(running_sum), KEYSIZE))
key_sizes.sort(key=lambda a: a[0])

感谢任何试图提供帮助的人。