Skip to content

Instantly share code, notes, and snippets.

@mcsmonk

mcsmonk/RecoverLEA128Key.py

Created January 25, 2025 07:16
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save mcsmonk/20ab0e1b7a36b1e6a75bdf5623737b76 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save mcsmonk/20ab0e1b7a36b1e6a75bdf5623737b76 to your computer and use it in GitHub Desktop.
Download ZIP
Recover the Master Key of LEA-128 from the First-Round Key
Raw
RecoverLEA128Key.py
def rol32(value, bits):
return ((value << bits) | (value >> (32 - bits))) & 0xFFFFFFFF
def ror32(value, bits):
return ((value >> bits) | (value << (32 - bits))) & 0xFFFFFFFF
def inverse_master_key(rk):
T0, T1, T2, T3 = rk[0], rk[1], rk[2], rk[3]
T00 = ror32(T0, 1)
T01 = ror32(T1, 3)
T02 = ror32(T2, 6)
T03 = ror32(T3, 11)
delta_0 = 0xc3efe9db
delta1 = rol32(delta_0, 0)
delta2 = rol32(delta_0, 1)
delta3 = rol32(delta_0, 2)
delta4 = rol32(delta_0, 3)
T0 = (T00 - delta1) & 0xFFFFFFFF
T1 = (T01 - delta2) & 0xFFFFFFFF
T2 = (T02 - delta3) & 0xFFFFFFFF
T3 = (T03 - delta4) & 0xFFFFFFFF
K0, K1, K2, K3 = T0, T1, T2, T3
K = [[K0, K1, K2, K3]]
T0 = (0x100000000 + T00 - delta1) & 0xFFFFFFFF
T1 = (0x100000000 + T01 - delta2) & 0xFFFFFFFF
T2 = (0x100000000 + T02 - delta3) & 0xFFFFFFFF
T3 = (0x100000000 + T03 - delta4) & 0xFFFFFFFF
K0, K1, K2, K3 = T0, T1, T2, T3
K.append([K0, K1, K2, K3])
return K
rk1_guess1 = [ 0x39558DB2, 0x4091416C, 0x9EA11B6A, 0x0D1AA17D ]
master_key = inverse_master_key(rk1_guess1)
print('first guess')
for i in range(len(master_key)):
print(f"\ta candidate of master key: {['%08X' % k for k in master_key[i]]}")
rk1_guess2 = [ 0xB9558DB2, 0xC091416C, 0x1EA11B6A, 0x8D1AA17D ]
master_key = inverse_master_key(rk1_guess2)
print('second guess')
for i in range(len(master_key)):
print(f"\ta candidate of master key: {['%08X' % k for k in master_key[i]]}")
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment