
A JPEG that becomes a PNG after AES encryption and a PDF after 3DES decryption - soundsop
https://code.google.com/p/corkami/source/detail?r=1906
======
zrm
See also The International Journal of Proof-of-Concept Or Get The Fuck Out.

[https://archive.org/details/Pocorgtfo00](https://archive.org/details/Pocorgtfo00)

[https://archive.org/details/Pocorgtfo01](https://archive.org/details/Pocorgtfo01)

[https://archive.org/details/Pocorgtfo02](https://archive.org/details/Pocorgtfo02)

[https://archive.org/details/pocorgtfo03](https://archive.org/details/pocorgtfo03)

[https://archive.org/details/pocorgtfo04](https://archive.org/details/pocorgtfo04)

[https://archive.org/details/pocorgtfo05](https://archive.org/details/pocorgtfo05)

~~~
voltagex_
For the uninitiated, some of these files are bootable (on x86), or contain
other goodies hidden somehow. These are written (or collated) by Travis
Goodspeed - travisgoodspeed.blogspot.com

~~~
snake_plissken
This blog is amazing! Very motivating. Thanks for sharing.

------
nathancahill
The file in question: [https://corkami.googlecode.com/svn-history/r1906/trunk/src/a...](https://corkami.googlecode.com/svn-history/r1906/trunk/src/angecryption/PoCs/mrmcd.jpg) (direct download, 173kb)

Imgur mirror: [http://i.imgur.com/jUEAygp.jpg](http://i.imgur.com/jUEAygp.jpg)

~~~
nwh
People are going to be mighty confused if they try to use that, imgur
re-encodes all of its images uploaded.

~~~
gpvos
Even JPEGs? That would explain some of the bad quality images on there. Or do
they re-encode without recompressing, à la jpegtran?

~~~
iancarroll
They do compression on big images IIRC

------
gear54rus
How in the hell does one discover that kind of thing? :) I don't really know
much about crypto and symmetric ciphers in general, but aren't the odds of
discovering something that converts from JPEG to PNG by applying AES extremely
small? Let alone something that ALSO goes from JPEG to PDF by applying 3DES.

I presume there is some algorithm based on the nature of ciphers themselves?

~~~
gizmo686
I didn't check this demo in particular, but I have seen this trick before. The
first observation needed is that you can insert an arbitrary block of data
into the picture without changing how it renders. The second observation is
that AES is a symmetric algorithm, meaning decryption is the same operation as
encryption. Using this, you can encrypt the PNG, and embed the result in the
unencrypted JPEG. Then, when you encrypt the JPEG, you encrypt the embedded
PNG.

There are a couple of complications to this. The major one is that both
formats require correct data near the beginning of the file. The size of this
region is small enough that it is feasible to brute force passwords until you
find one that works.

~~~
mehrdada
You get the definition of "symmetric" wrong. Symmetric encryption refers to
using the same key for encryption and decryption, as opposed to asymmetric,
aka public-key encryption. By no means are AESEncrypt and AESDecrypt the same
functions.

That said, some encryption modes employing AES, like AES in CTR mode, are
based on generating a pseudo-random keystream and XORing it with cleartext to
get the ciphertext. The inverse of that operation is itself, but that has
nothing to do with the term "symmetric encryption". This particular case uses
AES in CBC mode, which is not symmetric in that sense.

~~~
cbsmith
There is a difference between "symmetric _key_ encryption" and "symmetric
encryption".

~~~
dlitz
Is there? The usual term for what you're describing is a "stream cipher" or a
"streaming-mode cipher".

~~~
zamalek
I think the objection here comes from not stating that it's AES in CTR mode.

AES is not a symmetric algorithm, AES in CTR mode is.
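
Added example, not part of the thread and not Corkami's script: the distinction drawn in this sub-thread, that a CTR-style keystream XOR is its own inverse while CBC encryption is not, plus the general CBC property that the IV fixes the first ciphertext block. A toy 16-byte Feistel cipher stands in for AES (the Python standard library has none); all function names, the key and the header bytes are constructed for illustration.

```python
import hashlib

BLOCK = 16  # bytes, the AES block size

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key, rnd, half):
    # Toy round function (assumption: stands in for AES, which the stdlib lacks)
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]

def enc_block(key, blk):
    l, r = blk[:8], blk[8:]
    for rnd in range(4):
        l, r = r, _xor(l, _f(key, rnd, r))
    return l + r

def dec_block(key, blk):
    l, r = blk[:8], blk[8:]
    for rnd in reversed(range(4)):
        l, r = _xor(r, _f(key, rnd, l)), l
    return l + r

def ctr(key, nonce, data):
    # Keystream XOR: the same call encrypts and decrypts (nonce is 8 bytes)
    return b"".join(
        _xor(data[i:i + BLOCK], enc_block(key, nonce + (i // BLOCK).to_bytes(8, "big")))
        for i in range(0, len(data), BLOCK))

def cbc_encrypt(key, iv, data):
    # data length must be a multiple of BLOCK (no padding in this sketch)
    out, prev = b"", iv
    for i in range(0, len(data), BLOCK):
        prev = enc_block(key, _xor(data[i:i + BLOCK], prev))
        out += prev
    return out

def cbc_decrypt(key, iv, data):
    blks = [iv] + [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]
    return b"".join(_xor(dec_block(key, c), p) for p, c in zip(blks, blks[1:]))

def iv_for_first_block(key, plain0, wanted0):
    # C0 = E(P0 xor IV), so IV = D(C0) xor P0
    return _xor(dec_block(key, wanted0), plain0)

KEY = b"constructed key!"
JPEG_HEAD = bytes.fromhex("ffd8ffe000104a464946000101000001")  # constructed
PNG_HEAD = b"\x89PNG\r\n\x1a\n" + (32).to_bytes(4, "big") + b"aaaa"  # constructed
```

With `iv = iv_for_first_block(KEY, JPEG_HEAD, PNG_HEAD)`, CBC-encrypting data that starts with `JPEG_HEAD` yields ciphertext that starts with `PNG_HEAD`; the remaining blocks are not controlled by the IV.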

------
diafygi
Previous discussion:
[https://news.ycombinator.com/item?id=7775015](https://news.ycombinator.com/item?id=7775015)

------
sprkyco
tl;dr I'm a fanboy of Corkami and just wanted to show appreciation.

Ange Albertini does some amazing research and I was originally introduced to
his works after reading POC||GTFO from a talk Travis Goodspeed gave. Recently
Corkami did a giveaway on Twitter for a signed mini-poster (Corkami's posters
are amazing as well, highly recommended!). Fortunately I have a signed
mini-poster en route to my mailbox; cannot wait to have that thing framed.

------
tiles
The raw file:

* (JPG) [https://corkami.googlecode.com/svn-history/r1906/trunk/src/a...](https://corkami.googlecode.com/svn-history/r1906/trunk/src/angecryption/PoCs/mrmcd.jpg)

------
pushedx
Does anyone know what block size is needed, IV, cypher mode?

~~~
shuzchen
The python file in that commit shows you everything you need:
[https://code.google.com/p/corkami/source/browse/trunk/src/an...](https://code.google.com/p/corkami/source/browse/trunk/src/angecryption/PoCs/mrmcd.py?spec=svn1906&r=1906)

------
dmead
GOD WHERE IS THE PICTURE IM FREAKING OUT

