Bletchley provides a variety of tools that make black box
cryptanalysis easier by taking care of some of the more tedious
engineering challenges. Bletchley is maintained by <a href="http://vsecurity.com/">VSR</a>.
Bletchley is currently in the early stages of development, which means
documentation may be lacking. Contributions are welcome.

*Contents*
<wiki:toc max_depth="2" />

= Command Line Tools =

== bletchley-analyze ==

Analyzes samples of encrypted data in an attempt to decode samples to
binary and identify patterns useful in cryptanalysis. The purpose of
the tool is to provide a cryptanalyst with a variety of information
that is useful in determining how a token is encoded, encrypted and
formatted.
<br />
bletchley-analyze currently performs two primary functions: iterative
encoding detection and ciphertext-only block analysis. Encrypted tokens
are processed in multiple rounds. Within each round, the following
occurs:
<ul>
<li>Token length analysis is performed to attempt to determine possible
ciphertext block sizes, where applicable</li>
<li>The tokens are analyzed for blocks of data that are repeated
throughout any of the tokens</li>
<li>A hexadecimal dump and escaped binary/ASCII string is printed for
each token with repeated blocks highlighted</li>
<li>The full set of all known and possible data encodings is
determined<sup>1</sup></li>
<li>An educated guess is made as to what the most likely encoding is</li>
<li>All tokens are decoded using the most likely encoding, and then the
process is repeated until no further encodings are detected</li>
</ul>

bletchley-analyze can read from stdin or from a file. Tokens are
delimited with newlines. Various options are provided to give the
analyst control over the block sizes and encoding used during analysis.
See the tool's usage statement for more information.

As an example, several tokens were encrypted using ECB mode and encoded
using base64, and then percent (URL) encoding:
{{{
zRW5bHxcRYHHqi0nriqOzg%3D%3D
meU8SyxVHE3Hqi0nriqOzg%3D%3D
vTA9eA4hhbFlktsbYI4hIg%3D%3D
meU8SyxVHE1lktsbYI4hIg%3D%3D
}}}

These tokens were then fed to bletchley-analyze:
<img src="http://bletchley.googlecode.com/svn/wiki/images/bletchley-analyze.png" />

1. <i>Bletchley's blobtools module currently supports 33 encoding variants,
including various forms of hexadecimal, base32, base64, and percent
encodings.</i>
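
The length analysis and repeated-block search described above can be reproduced on the four sample tokens with a short Python script. This is an added example, not Bletchley's own code: the function names are hypothetical, and it assumes the two encoding layers stated on this page (percent encoding over base64) instead of detecting them.

```python
import base64
from collections import defaultdict
from functools import reduce
from math import gcd
from urllib.parse import unquote_to_bytes

# The four sample tokens from this page (ECB, then base64, then percent encoding).
TOKENS = [
    "zRW5bHxcRYHHqi0nriqOzg%3D%3D",
    "meU8SyxVHE3Hqi0nriqOzg%3D%3D",
    "vTA9eA4hhbFlktsbYI4hIg%3D%3D",
    "meU8SyxVHE1lktsbYI4hIg%3D%3D",
]

def decode_token(token):
    """Undo the two encoding layers: percent decoding first, then strict base64."""
    return base64.b64decode(unquote_to_bytes(token), validate=True)

def candidate_block_sizes(blobs, sizes=(8, 16, 32)):
    """Keep the common cipher block sizes that divide every ciphertext length."""
    common = reduce(gcd, (len(b) for b in blobs))
    return [s for s in sizes if common % s == 0]

def repeated_blocks(blobs, size):
    """Map each block seen more than once to its (token index, block index) positions."""
    seen = defaultdict(list)
    for t, blob in enumerate(blobs):
        for off in range(0, len(blob) - size + 1, size):
            seen[blob[off:off + size]].append((t, off // size))
    return {blk: pos for blk, pos in seen.items() if len(pos) > 1}

def analyze(tokens=TOKENS):
    """Run the repeat search at every block size consistent with the token lengths."""
    blobs = [decode_token(t) for t in tokens]
    return {size: repeated_blocks(blobs, size) for size in candidate_block_sizes(blobs)}

if __name__ == "__main__":
    for size, repeats in analyze().items():
        print(f"block size {size}: {len(repeats)} repeated block(s)")
        for blk, pos in repeats.items():
            print(f"  {blk.hex()} at (token, block) {pos}")
```

On the sample tokens it reports three 8-byte blocks shared between different tokens and none at 16 bytes, the repetition pattern that identical plaintext blocks produce under ECB.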


== bletchley-encode ==
TODO

== bletchley-decode ==
TODO

== bletchley-http2py ==
TODO

== bletchley-nextrand ==
TODO


= Libraries =

TODO