I have a pair of encrypted value + plaintext, the encrypt code looks like this:
from Crypto.Cipher import AES
from Crypto.Util import Counter
......
cryptor = AES.new(key, AES.MODE_CTR, counter=counter)
Suppose that I already know the counter, and I have a pair of encrypted value + plaintext, then is it possible to get the key?
If it is possible, then how to achieve that in detail in python?
By the way, I tried several times with same counter and CTR mode, it always generate the same encrypted output, so I believe the answer is yes?
This is not possible.
Generally speaking, both with symmetric encryption and with asymmetric encryption, it's not possible to obtain the key by looking at known plaintext and ciphertext, even when the attacker can submit additional plaintext for encryption and additional ciphertext for decryption. There are often ways to misuse cryptographic primitives that allow attackers to do more than they should: for example, many weaknesses that only allows attackers to get some plaintext encrypted can be leveraged to also get ciphertext decrypted. But the attacker can't obtain the key from outputs of the encryption or decryption process.
There are common weaknesses in implementations of cryptography that allow attackers to reconstruct the key, but they require intermediate values from the calculations. Those values normally only live in memory for a short time, if at all, but a careless implementation might leak them through side channels.
With a plaintext and the corresponding ciphertext encrypted in CTR mode, you can potentially decrypt other ciphertext if the counter value has been reused for some other plaintext (which would be a misuse of CTR). (Note that what matters is the counter value, which is incremented for each block, and not just the initial counter value that's used for the first block.) But you can't decrypt plaintext encrypted with different counter values.