C 202: ECB v. CBC Modes with Python

What you need:

Purpose

To use AES in Electronic Code Book (ECB) mode, see it fail to remove patterns from an image, and demonstrate that Cipher Block Chaining (CBC) is better.

Windows Users

Before doing this project, ou need to install Python 2.7 and the pycryptodome library, as explained in these instructions.

Download Image

Right-click the penguin image on the right side of this page and save it somewhere you can find it, such as in your Downloads folder.

The image is named "tux.bmp" and I got it from Wikipedia.

Opening Python

Open a Terminal or Command Prompt window and execute these commands:
cd Downloads
python
Python should open in Immediate Mode, as shown below. If it does not, you need to install or repair Python--see the instructions at the top of this page.

Encrypting the Image in ECB Mode

Execute these commands to import the AES functions and create a new "cipher" object. The encryption mode is not specified, so it defaults to ECB.
from Crypto.Cipher import AES
key = "aaaabbbbccccdddd"
cipher = AES.new(key, AES.MODE_ECB)

Execute these commands to read the "tux.bmp" binary file into a variable named "clear". After the second line, press Enter twice.

with open("tux.bmp", "rb") as f:
  clear = f.read()
  

Execute this command to encrypt the data in "clear".

ciphertext = cipher.encrypt(clear)
An error message appears, saying the input data must be a multiple of 16 bytes, as shown below.

Execute these commands to see the length of the "clear" data, and the length modulus 16.

len(clear)
len(clear)%16
As shown below, the length mod 16 is 2.

Execute this command to trim a section of "clear" out, skipping the first 64 bytes (the image file header), and the last 2 bytes, saving the result in a variable named "clear_trimmed".

clear_trimmed = clear[64:-2]

Execute these commands to see the length of the "clear_trimmed" data, and the length modulus 16.

len(clear_trimmed)
len(clear_trimmed)%16
As shown below, the length mod 16 is 0. It's now a multiple of 16 bytes long.

Execute this command to encrypt the data in "clear_trimmed", and put it in a variable named "ciphertext".

ciphertext = cipher.encrypt(clear_trimmed)

Execute these commands to add the first 64 bytes and the last 2 bytes to "ciphertext", and write it to a file named "tux_ecb.bmp".

After the third line, press Enter twice.

ciphertext = clear[0:64] + ciphertext + clear[-2:]
with open("tux_ecb.bmp", "w") as f:
  f.write(ciphertext)
  

Viewing the Encrypted File

In a file browser, navigate to your Downloads folder and double-click the "tux_ecb.bmp" file, as shown below.

The encrypted file still shows a lot of information about the image, as shown below.

(The image on Windows is twisted diagonally but still recognizable.)

Viewing the End of the File in Hex

Execute these commands to read the "tux_ecb.bmp" binary file into a variable named "clear". After the second line, press Enter twice.
with open("tux_ecb.bmp", "rb") as f:
  bytes = f.read()
  

Execute these commands to show the last four bytes of the encrypted file in hexadecimal. After the second line, press Enter twice.

for c in bytes[-4:]:
  print hex(ord(c)),
  
Four hexadecimal values appear, as shown below. In this image I have redacted the actual hexadecimal values.


C 202.1: Hexadecimal Values (10 pts)

The flag is the last four bytes of the decrypted text, in hex, like AABBCCDD

Encrypting the Image in CBC Mode

Execute these commands to create a new "cipher" object in CBC mode.

CBC mode requires an additional "iv" parameter, as shown below.

iv = "0000111122223333"
cipher = AES.new(key, AES.MODE_CBC, iv)

Execute this command to encrypt the data in "clear_trimmed", and put it in a variable named "ciphertext".

ciphertext = cipher.encrypt(clear_trimmed)

Execute these commands to add the first 64 bytes and the last 2 bytes to "ciphertext", and write it to a file named "tux_cbc.bmp".

After the third line, press Enter twice.

ciphertext = clear[0:64] + ciphertext + clear[-2:]
with open("tux_cbc.bmp", "w") as f:
  f.write(ciphertext)
  

Viewing the Encrypted File

In a file browser, navigate to your Downloads folder and double-click the "tux_cbc.bmp" file, as shown below.

The encrypted file is now random pixels, as shown below.

Viewing the End of the File in Hex

Execute these commands to read the "tux_cbc.bmp" binary file into a variable named "clear". After the second line, press Enter twice.
with open("tux_cbc.bmp", "rb") as f:
  bytes = f.read()
  

Execute these commands to show the last four bytes of the encrypted file in hexadecimal. After the second line, press Enter twice.

for c in bytes[-4:]:
  print hex(ord(c)),
  
Four hexadecimal values appear, as shown below. In this image I have redacted the actual hexadecimal values.


C 202.2: Hexadecimal Values (10 pts)

The flag is the last four bytes of the decrypted text, in hex, like AABBCCDD


Posted 9-17-17 by Sam Bowne
Revised 10-16-17
Added to Crypto Hero 4-15-18 9 pm
Windows instructions added 3-5-19
Modified for bew scoring engine 7-6-19