CCM

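CCM is a combination of Counter Mode (CTR) encryption with a Message Authentication Code (MAC) computed using the CBC-MAC algorithm.

  • Uses MAC-then-Encrypt: the CBC-MAC tag is computed over the plaintext first, and the result is then encrypted with CTR.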

PoC

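This is a work in progress and does not behave exactly as standard CCM does, so its ciphertext is not expected to match the output of the library CCM call that the script prints alongside it.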

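from cryptopals_lib import *
from aes_lib import AES
import os


def CBC_MAC(enc_obj, message, iv=None):
    """Return the CBC-MAC of *message*: the last block of a CBC encryption.

    Args:
        enc_obj: Cipher object exposing ``block_size`` and
            ``aes_block_encryption(block)``.
        message: Bytes to authenticate. Presumably already padded to a
            multiple of ``enc_obj.block_size`` (the caller below pads with
            PKCS#7); how ``to_blocks`` / ``fixedlen_xor`` treat a short
            final block is not visible here -- TODO confirm.
        iv: Initial chaining block. Defaults to an all-zero block.

    Returns:
        The final cipher block, used as the MAC. For an empty message this
        is the IV itself, because the loop never runs.

    Security note: this is raw CBC-MAC with no length encoding. Raw CBC-MAC
    is only sound when every message authenticated under a key has the same
    length. Standard CCM handles this by prefixing a formatted first block
    (flags, nonce, message length) before the data; that step is missing
    here, which is one reason this PoC is not interchangeable with real CCM.
    """
    # The first chaining value is the IV; `is None` so that a falsy but
    # explicit value is never mistaken for "not supplied".
    cipher_block = iv
    if iv is None:
        cipher_block = b"\x00" * enc_obj.block_size

    # Regular CBC encryption, except only the last block is kept.
    for block in to_blocks(message, enc_obj.block_size):
        xor_block = fixedlen_xor(block, cipher_block)
        cipher_block = enc_obj.aes_block_encryption(xor_block)

    return cipher_block


def proper_impl(header, data, key, nonce):
    """Encrypt *data* with the library's AES-CCM as a reference result.

    Args:
        header: Associated data that is authenticated but not encrypted.
        data: Plaintext bytes to encrypt.
        key: AES key as an iterable of ints (converted with ``bytes``).
        nonce: CCM nonce passed straight to the library.

    Returns:
        A JSON string with hex-encoded ``nonce``, ``header``,
        ``ciphertext`` and ``tag`` fields.
    """
    import json
    # Local import: shadows the module-level aes_lib.AES inside this
    # function only.
    from Crypto.Cipher import AES

    cipher = AES.new(bytes(key), AES.MODE_CCM, nonce=nonce)
    cipher.update(header)
    ciphertext, tag = cipher.encrypt_and_digest(data)

    fields = {
        'nonce': cipher.nonce,
        'header': header,
        'ciphertext': ciphertext,
        'tag': tag,
    }
    return json.dumps({name: value.hex() for name, value in fields.items()})


if __name__ == '__main__':
    # Fixed, publicly known demo key so that runs can be compared.
    key = [0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
           0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f]
    nonce = os.urandom(16)

    plaintext = add_PKCS7_pad(b"Message Data", 16)

    aes_obj = AES(key)

    # MAC-then-encrypt: the tag is appended to the plaintext and both are
    # CTR-encrypted together under the same key. Standard CCM instead
    # encrypts the tag with the counter-0 keystream block and the payload
    # with the following counter blocks, so the two outputs below differ.
    mac_plaintext = CBC_MAC(AES(key), plaintext, b"\x00" * 16)
    cypher_text = aes_obj.ctr_encryption(nonce, plaintext + mac_plaintext)
    print(f"cypher_text: {cypher_text.hex()} ")
    #print(f"mac_plaintext: {mac_plaintext.hex()} ")

    # Reference output from the library's CCM mode, which takes a shorter
    # nonce than the 16 bytes used for the CTR call above.
    print(proper_impl(b"", plaintext, key, nonce[0:9]))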