Library contains implementations of popular cryptographic algorithms and also some cryptanalytic attacks on those algorithms. The implementations follow the standards, so they should be safe enough against modern cryptanalytic techniques. BUT it is strongly NOT recommended to use this library for real world encryption. Instead, consider using more popular, reviewed and tested libraries. First of all, despite that the algorithms were implemented according to official standards, there is no guarantee that code doesn't contain any mistakes (aka possible security threats). And the second reason is that library contains 100% Python code and only uses standard library dependencies, so it is a lot slower than other libraries. The library never meant to be replacement for popular crypto libraries for real-world applications.
However, because of it uses only Python code and it doesn't have any dependencies except standard Python library this package doesn't have any installation issues as other libraries have (PyCrypto, for example might have some troubles during installation and configuration). Also, this library contains cryptanalytic attacks implementations, that might be useful for hackers' competitions, like CTFs.
- Private key factorization: finds divisor of RSA modulus (
N
), using private and public exponents (d
ande
). - Common modulus attack: decrypts message that was encrypted with different public exponents (
E1
,E2
) but the same modulus (N
). - Wiener attack (Attack on small private exponent): finds private exponent (
d
) ifd < (N^0.25) / 3
, e.g. ifd
is small. Attack usesN
ande
. - Hastad attack (Attack on small public exponent): decrypts message that was encrypted with different moduluses but the same small public exponent.
- Repeated secret nonce attack: finds private key from two different signatures that used same parameters, including secret nonce.
More attacks are to be added in future.