crypto/even_rsa_can_be_broken
This commit is contained in:
@@ -0,0 +1,34 @@
|
||||
from sys import exit
|
||||
from Crypto.Util.number import bytes_to_long, inverse
|
||||
from setup import get_primes
|
||||
|
||||
e = 65537
|
||||
|
||||
def gen_key(k):
|
||||
"""
|
||||
Generates RSA key with k bits
|
||||
"""
|
||||
p,q = get_primes(k//2)
|
||||
N = p*q
|
||||
d = inverse(e, (p-1)*(q-1))
|
||||
|
||||
return ((N,e), d)
|
||||
|
||||
def encrypt(pubkey, m):
|
||||
N,e = pubkey
|
||||
return pow(bytes_to_long(m.encode('utf-8')), e, N)
|
||||
|
||||
def main(flag):
|
||||
pubkey, _privkey = gen_key(1024)
|
||||
encrypted = encrypt(pubkey, flag)
|
||||
return (pubkey[0], encrypted)
|
||||
|
||||
if __name__ == "__main__":
|
||||
flag = open('flag.txt', 'r').read()
|
||||
flag = flag.strip()
|
||||
N, cypher = main(flag)
|
||||
print("N:", N)
|
||||
print("e:", e)
|
||||
print("cyphertext:", cypher)
|
||||
exit()
|
||||
|
||||
Executable
+53
@@ -0,0 +1,53 @@
|
||||
#!/usr/bin/env nix-shell
|
||||
#!nix-shell -i sage -p sage python3Packages.pwntools python3Packages.pycryptodome
|
||||
|
||||
import time
|
||||
import sys
|
||||
|
||||
from sage.all import *
|
||||
|
||||
from pwn import *
|
||||
from Crypto.Util.number import long_to_bytes
|
||||
|
||||
ADDR, PORT, *_ = "verbal-sleep.picoctf.net 56956".split()
|
||||
|
||||
def factor_n(n) -> (int, int):
|
||||
print('Factoring N')
|
||||
start = time.time()
|
||||
factors = ZZ(n).factor()
|
||||
stop = time.time()
|
||||
print(f"Took: {stop - start}")
|
||||
|
||||
p, q, *rest = [x[0] for x in list(factors)]
|
||||
assert len(rest) == 0
|
||||
|
||||
return p, q
|
||||
|
||||
def decrypt(p: int, q: int, e: int, n: int, enc: int) -> bytes:
|
||||
phi = (p - 1) * (q - 1)
|
||||
d = inverse_mod(e, phi)
|
||||
m = power_mod(enc, d, n)
|
||||
return long_to_bytes(m)
|
||||
|
||||
def main():
|
||||
r = remote(ADDR, PORT)
|
||||
|
||||
n = int(r.recvline().split(b' ')[1].strip())
|
||||
e = int(r.recvline().split(b' ')[1].strip())
|
||||
enc = int(r.recvline().split(b' ')[1].strip())
|
||||
|
||||
r.close()
|
||||
|
||||
print(f"{n=}")
|
||||
print(f"{e=}")
|
||||
print(f"{enc=}")
|
||||
|
||||
p, q = factor_n(n)
|
||||
|
||||
print(f"{p=}")
|
||||
print(f"{q=}")
|
||||
|
||||
print(decrypt(p, q, e, n, enc).decode())
|
||||
|
||||
if __name__ == '__main__':
|
||||
main()
|
||||
Reference in New Issue
Block a user