Cryptopals 8 - Detect AES in ECB mode

TL;DR

Challenge 8 in Cryptopals.

This challenge is about sifting through a bunch of lines in a provided file and see which represents something encrypted with AES-ECB. There is, apparently, exactly one such line.

I’m not sure I got this totally right.

The hint points out this:

Remember that the problem with ECB is that it is stateless and deterministic; the same 16 byte plaintext block will always produce the same 16 byte ciphertext.

Hence, the same plaintext ends up to the same ciphertext.

So I thought about looking for those lines where data has repetitions when chunked in 16 octets slices. This eventually worked, apparently, because the code actually gives back something:

#!/usr/bin/env perl
use v5.24;
use warnings;
use experimental 'signatures';
no warnings 'experimental::signatures';

use File::Basename 'dirname';
use lib dirname(__FILE__);
use CryptoPals ':all';

my $n = 0;
my @calcs;
for my $candidate (split m{\n}mxs, slurp(shift // '8.txt')) {
   ++$n;
   my $ciphertext = decode_base16($candidate);
   my $n_reps = repetitions_for_size($ciphertext, 16) or next;
   say $n, ' ', substr($candidate, 0, 27), '...';
}

sub repetitions_for_size ($data, $size = 16) {
   my %flag;
   my $n = 0;
   while (length $data) {
      my $chunk = substr $data, 0, $size, '';
      ++$n if $flag{$chunk}++;
   }
   return $n;
}

It’s number COUGH COUGH NO SPOILERS!!!

As I said, though, I’m not entirely sure that I got it right. What if the plaintext does not have a repetition at all? Or if it has a repetition, but not aligned to the block size of 16 octets?

All in all, my solution detects some data encrypted with AES-ECB, not all of them.

Stay safe and secure!


Comments? Octodon, Twitter, GitHub, Reddit, or drop me a line!