crypto-CommonModulusAttack(GXYCTF2019)

最新推荐文章于 2023-07-13 16:17:41 发布
最新推荐文章于 2023-07-13 16:17:41 发布
阅读量868 收藏 1
点赞数 1
分类专栏: crypto 文章标签: java 算法 密码学
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/figfig55/article/details/128025882
版权

比较少见的一道java密码题,记录一下。
题目源码CommonModulusAttack.class用jdgui反编译一下即可,大概改写一下变量名字以便分析。

import java.io.IOException;
import java.io.PrintWriter;
import java.math.BigInteger;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.Random;
import java.util.Scanner;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class CommonModulusAttack {
  private Random random = new Random();
  
  private ArrayList<BigInteger> states = new ArrayList<>(24);
  
  private String seed;
  
  private int statespoint = 0;
  
  private int stateselse = 24;
  
  public void oldtest() {
    try {
      PrintWriter printWriter = new PrintWriter("old.txt", "UTF-8");
      for (int b = 0; b < 20; b++) {
        int i = this.random.nextInt();
        printWriter.println(i);
      } 
      printWriter.close();
    } catch (IOException iOException) {
      iOException.printStackTrace();
    } 
  }
  
  public BigInteger generate_init_state() {
    BigInteger initStat = BigInteger.valueOf(0L);
    char[] seedCharArray = this.seed.toCharArray();
    for (char c : seedCharArray) {
    	initStat = initStat.shiftLeft(1);
      if (c == '1')
    	  initStat = initStat.xor(new BigInteger(this.seed, 2)); 
      if (initStat.shiftRight(256) != BigInteger.ZERO)
    	  initStat = initStat.xor(new BigInteger("10000000000000000000000000000000000000000000000000000000000000223", 16)); 
    } 
    return initStat;
  }
  
  public void gen_states() {
    BigInteger plain = generate_init_state();
    BigInteger e = BigInteger.valueOf(17L);
    ArrayList<BigInteger> nList = new ArrayList(24);
    ArrayList<BigInteger> cList = new ArrayList(24);
    for (int b = 0; b < 24; b++) {
      BigInteger p = BigInteger.probablePrime(512, this.random);
      BigInteger q = BigInteger.probablePrime(512, this.random);
      BigInteger n = p.multiply(q);
      BigInteger cipher = plain.modPow(e, n);
      nList.add(n);
      cList.add(cipher);
    } 
    try {
      PrintWriter printWriter = new PrintWriter("product", "UTF-8");
      for (int b1 = 0; b1 < 24; b1++) {
        printWriter.println(((BigInteger)nList.get(b1)).toString());
        this.states.add(cList.get(b1));
      } 
      printWriter.close();
    } catch (IOException iOException) {
      iOException.printStackTrace();
    } 
  }
  
  public byte[] encrypt(BigInteger plainInt) {
    try {
      IvParameterSpec iv = new IvParameterSpec(new byte[16]);
      byte[] randomBytes = new byte[16];
      this.random.nextBytes(randomBytes);
      SecretKeySpec key = new SecretKeySpec(randomBytes, "AES");
      Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
      cipher.init(1, key, iv);
      byte[] cBytes = new byte[128];
      byte[] plainBytes = plainInt.toByteArray();
      if (plainBytes.length == 129) {
        for (byte b = 0; b < 128; b++)
        	cBytes[b] = plainBytes[b + 1]; 
      } else {
        for (byte b = 0; b < 128; b++)
        	cBytes[b] = plainBytes[b]; 
      } 
      return cipher.doFinal(cBytes);
    } catch (Exception exception) {
      exception.printStackTrace();
      return null;
    } 
  }
  
  public void gen_new_states() {
    for (int b = 0; b < 24; b++) {
      BigInteger stateInt = this.states.get(this.statespoint - 24 + b);
      byte[] cBytes = encrypt(stateInt);
      this.states.add(new BigInteger(cBytes));
    } 
    this.stateselse += 24;
  }
  
/**
 * AES encryption
 * @param paramBigInteger
 * @return aes encrypted bytes
 */
  public byte[] stateconvert(BigInteger paramBigInteger) {
    return encrypt(paramBigInteger);
  }
  
  public byte[] lrandout() {
    if (this.stateselse > 0) {
      this.stateselse--;
      BigInteger stateInt = this.states.get(this.statespoint);
      this.statespoint++;
      return stateconvert(stateInt);
    } 
    gen_new_states();
    return lrandout();
  }
  
  public static String byte2hex(byte[] paramArrayOfbyte) {
    StringBuffer stringBuffer = new StringBuffer(paramArrayOfbyte.length * 2);
    for (int b = 0; b < paramArrayOfbyte.length; b++) {
      if ((paramArrayOfbyte[b] & 0xFF) < 16)
        stringBuffer.append("0"); 
      stringBuffer.append(Long.toString((paramArrayOfbyte[b] & 0xFF), 16));
    } 
    return stringBuffer.toString();
  }
  
  public static String convert_2_binary(String paramString) {
    byte[] arrayOfByte = paramString.getBytes();
    StringBuilder stringBuilder = new StringBuilder();
    for (byte b : arrayOfByte) {
      int i = b;
      for (int b1 = 0; b1 < 8; b1++) {
        stringBuilder.append(((i & 0x80) == 0) ? 0 : 1);
        i <<= 1;
      } 
    } 
    return stringBuilder.toString();
  }
  
  public void initseed() {
    try {
      Scanner scanner = new Scanner(Paths.get("flag", new String[0]), "UTF-8");
      String flag = scanner.next();
      String binFlag = convert_2_binary(flag);
      this.seed = binFlag;
    } catch (IOException iOException) {
      iOException.printStackTrace();
    } 
  }
  
  public static void main(String[] paramArrayOfString) {
    CommonModulusAttack commonModulusAttack = new CommonModulusAttack();
    commonModulusAttack.oldtest();
    commonModulusAttack.initseed();
    commonModulusAttack.gen_states();
    for (int b = 0; b < 24; b++)
      commonModulusAttack.lrandout(); 
    try {
      PrintWriter printWriter = new PrintWriter("new.txt", "UTF-8");
      for (int b1 = 0; b1 < 24; b1++)
        printWriter.println(byte2hex(commonModulusAttack.lrandout())); 
      printWriter.close();
    } catch (IOException iOException) {
      iOException.printStackTrace();
    } 
    System.out.println("Bye!");
  }
}

相关文件:

#old.txt
-1029728314
1487023297
1423989849
1599108224
-1105891682
-155445570
1810855967
-86576152
-699473878
148445908
2098722170
1844125436
1326761031
552466959
-2003932646
-743304688
1450367769
1947341463
-1847355229
111050485

#new.txt
22004ab9b42734a1ebd9ca08fd3766f78ad2f865e6d8e490f9ef388a1002acbda09d2d081241794e1d7ca3dc67e04b6e4e06eb8a8104eed8b26f5b03dfeaf0144aac16a043cea741079bc6d1798836ad902aec6b012e138153902f51a4227d601bc11647bd2855e67fc5a08d3b420e6a62fdca68e8cfe40996fd91fe355bad08
1f680a1d5cdd60fa81d3a2de5545de056012d2d8c486fca4c427186ce4dddc03b87da0da2de6edfdbfa2c64d29a123fdc2a738a623cd06486c76a614e4d0c535d17537e896cfdf5ab7f01fcd52cc59ad58e6f172e9849e94b49a578115553e04a09acd75deb85e080b857ff7010771cb519a37bcc064c3f6af36918a774f86bf
d0e94f43affe96d0808eb00b97f50ad06256dcb68e744e96946e2797f2ed364da4a916d3fc5d6825b55318fd19211582e6664d0b608e8cda3ad38eb1447d67861e8de5f2282829abf54688b1fd40bd1bb819ab791b9a5e10d77f566182708d528d5fc40f789c7ea5f296e73ee48d98dea2861ac7f7c8050b467a6fc5cd94abf0
f1e1c0fe6c34302316b08978c2a20026bdfbd062b0f76727d96729f780b95eb1507d1c686e22e01c4187487bfa2709a18470ace5f347fd2b652763cd0cacd891efe68283a2b76b2cf1a90fbae5cbbf3173b2b4d4c93eb835b38837201c9a21c1b63b99bf8b9606e28d283a9398db5165b9f255cb16b1289fc589750f1cbc26ad
f394b0d2ed4dacb07bddf04be7c6cb430c3fffe3f1bfa9d94f611429c4d7b882673f0fbfdebfee0b4a53b13627e4ad9f25c3ebcd3c3de51990ffce0ab9e9b7b190fbd80d53da0f4a91e2f4731ba81975dc3657bbd31f99055b61202e4b7b52549b8d830c3f96072bf32be665390fd2a765f8752c82c76b6b479495b1ac3d9280
6843dbbf0c7871a6cdd088a7e022374db584bdcac87f0f70f87f960595d30808e813eef46275dcd1075976f6a94af3522c11cdb825003ce737eb2857e53351badcc2b4cb93560b6cb8c8bf901550c1ac1110d036131686a36bfecdbf2c959413016b3b9169646568836786ac215e8e1325607248e9af99c91cb897c2781d8f59
39f086a1cf5990a2ae5df143de7af5e45f33e6a3a5537298b448f24d9092db1121b8e134c7f5a648de2fdfd9091d4f6cd33bebb631f39c4a68d3983d3ac0f76ef345d3836c96dfebf1b4ca557bdb1c4b0d6c48d01bd59066fc8651d2011d0bcd0309e43bea55828631e90dcc8818ba15bd4347239e1299ef1215df7426bd03bf
efa9b0aa39b79fe066f4d27fe960e835b39e054023946045c26a58e39963563edf2560bd78acf561a6c14ae1210df552fc7558821cbb8d2f3115b40aabcae16e6c58b5124bf474dad5ee7b0c9dd9ee711dfdf56f284a57f6bf22ac6447d88fb9b4bd75f30d2c1f6cfeb952ac6171cfde1730d128d752f548df7e40dfce0e4f29
47c9a3c158574175f410e4e596b1a25b7c44558a0c087d18a2a4183438750f79115eb8bde7a04040d4d306f4d3aa00320614f84fa1b7acd12a6e5219ee1dc8911ac6b013aea175d14ae960f9a2ed8cc0e521dca42521f32af9e0bbdd19626f12b753d81095270f968764444c54342f998ca69eb37d3ef2789fbda9994f53b386
029276b1916aeda79d21fa348b73bddc0e8be3a9857d3b84dc3afc9f0ec8cb781c0fb6f99c1e9baf51aab1faf906afd3ae72231243de2e4a52d25c4edc7aaa10d0e3be55f81d72644fc0df1f1ccf0929f496c2792f99ea1bf6f3663d4a696dcfcd900a9a3fa7cc12753fa99c188d9329b96f2ba527079c966d195d88dfe54c67
b774dfe29ee526af48bdc72b8942af3399580bb6f3bb2e802432ce578a63bf8323749660a22a73b99fe56a4b74c6e600b5f7a2d7921234f2a3e757777b8b99efabae00f401d4dc23588480ea71a3e940fab74ceee942652e7e33dcc6fa601e492657dec4c413231d4e1524ee6d9629d8a1b444f427c4bddc0939fc91a7ace0cd
aaa6c479a07fe88bd6f43880d6f7d1cce273491b8e0ba56f6bcba855d2658bcaba56f8493f935bacc5c56fc1d33568c4de097d8cc9f692bbe1459440a82e04a5a701d837c0a9f5190c1be93628025cedfd8ab960beda62200ca4360bc161804c8592215252bf95e24729c97160370c91b4e56e17a9cbef091aba0d6c576d42bd
9807d0ee7fb4d7e513df9bce5ef427cc728b46fb8c583533169e5ea094ecb1e3be75cb5ed7e311d89f09f4325a00df097301699b80fb20e6651a643e5fcc6c4cf0db1035a719c5fa83848d72634f17693de5d3c8b286fd837d07c9f0a835824cf7e012b092d6df8d6ade536c068e0d493eec8c21e892a671bb8aacaa0990064a
6f22bde5b68e4bc123a0a14771b5c515527c95c9dacff0b0ab5b932bbf280336ab2125028370166fba401ff45955826b4011a6235e6b239923b056de389e2e177fc410afe03ae0da927ad9d5e63491d5310dd672ca94ee42277fec96a679465c164a8f3f8dbff4561a0d6d62114c86e125ea2a4a42537438d8ceed81cee6a8f6
3696e270e111e51ac6d75becc205a84ceb38dcece565e5bac9841ce552b68ad0051f6ba315f311c603646c4de25ee4c570d6f9b5f32a33790e34156fd4597ed427c7ffb3fd83db46e72718256e56c49b275dff1770189097aa23190f51eec7d38f7e870aa8da5e59f65a49c051845775d94abf611392617911c102f3de84c6bc
562493ebb7d11fe13975d834f016268f3c65acf63fe648d9cc06bff731d3aae77eb2a2c5d9ad27deed5b46667fe93b7e61a6fd216991b913e94abd54b2dfcc5610f5189b8622ccbd8663a4710a2bdef7cea7c3615af5a0fde24618dd28ef1bcee8aeaa2bdb174e617dac6fbcac809ffd4c4adec3a26d016549751220943d0d9a
80726f383e26ef91cba57fc24733f1c8316eac7d7c68130cd48ff672923b7a1b68c091eb985103685145df8e33d5ee3c325f2b4dd015203388830c13b412ed4c14728c13d10d05f9b1ecada1dce5881d30c76c27d7b29ebb42b9d2daa05ed7610f374910be32e6e863777a989d1d1e95bd76b1d105cad20f35dd878c7d4642cb
adda2d943f5b6da562d25ba8d7ad02b6effb41b3f568ecf662c1eb57f8e165cfcaf4b71270a3620f7bdeee48da561920485bf603efe449522d2d5e482142199b299b48d83c8c17091b7bb7cc263e731880c17c73649043755808857a07f7b59888e0c21816e416fff4990e6a80fa02d0496e427beeea3e9ed237b5db97273238
e4ebe13aa9e2d97b26579031a86b45ba4f44e53c4661c5f2cc4ec9069e9b92f51d41f3ba19a0a4483822ac0bc18af636c7dcc9065e123853efc20611a265643cee8400f3e5a8cf6f072154d1542b9b8513decfe9bdd0f9e10f3719c2ccdd8d45071d44bf6e0b93f3afccd156fa0fd5117f5007bc1b517df46c621bef960a3052
154a41666d2cb74e186f7bf673fc29f64efe88c00592ff768dac4b25f2fb6583e84545abf9d79fdda43457bb842732c09dc949ebd01bdcf06801ed19d9b2165409b7e34e2637a618c4d4cc5da330ae54935aa4ea6e85d3bd0b4dd3f6590954dc1680675d91d01559f4705cf73c4465b5054c750143d2f20fb33748b9c5857de8
f79487ca5b7e6b365ecbf81f3f9c65051886f3929eaddaab74af53a2b0892c8f8aeb75be423337a7876412acd503f48de8cab7526168d9cf0b2f09d8276139e0804ba3708fb4b585fbfc0330ecc6e5e22da2783714777451870c90fc637839b0e6816be8587ed677f3bb10c3478ad509c4ba9fc4d25dbf8d259abe1dc4b22021
869cb333a5072a42852fe63905f149a1b6a64444429e3f6f63352faf3c65b701ff545ec70790e3edd8bda9fd48914fb4271d95536a814157add96d2c698a17466e1d1a769cfc3ca9b43a0fda87751cb0d2950537708a5269e9b2d195b89039ca53012bcf54eb161bff6f437e377f976493de42f3885eac3e5964810f59e5c577
824ed0a8e1e1a22195f912a7ef7fd514c6eddee915e1f62a0a1e528b4afbda4e0d86cb699e09919a93d28a98ae34afba95b85305427655e4baff05a073c72ebdbc42e5152fbe18e7ae71123ca072b875f7de2376b4dd93aa9c39742217e11e57bfe0a3fd535a3379f30a3f6906fe3a7a7f569f1505a53a8a5d0175fc773df92e
c89dbd58c1d6142ca9846a2cbac25291e7c9d129243d56ab59e274c0ed2826b3afda5bac53279c223a81e6840945c85d4af41f32c8de6902ecc75328dbf5ce647473c42abe50a16cf68dac04bb2eb54ece759103ba015383a2dd5118edf551ba9c7e1b85161d82a1bec873e5942e2f1a175a99c107c5bf50a12d3d41b317dd95

#product
98814919313645615562227632501842353623335365853705229901835148468883495797275597414884229673154676216661172834551301610934651963240119409868685277777800714566912405986645043974924445077030680918856209854280255930507129711147257107127165995928330446921396988707590674551893978543347857267274126479566133964621
120309037005681976370949305207133746746983392014859786008077885868206237066288839457678467372792330832240493847319506910624107293327355575990265009395111812157069795648694878932912724266067108352114568041606927740805295578389613410752347225302683181568493377905133685788806771897944116380798383235212880787111
111785936365127017878364692255320290881390250034420261152076893236497751708479451558829998875477413370296672127312833416766071239043340476618512716523841455668113510503541200502811971438914643566444202595134432922460265282115077045761511350952491133678485898016929814918158114380643876728495327499109907572429
79107360215620077532659896175026195404235793190726547917783395438823337589603205953575483353228931287967504796791548380004359471560051416284517914649068134828827258371600937675407475086859499975654685415750272651221034077150245371035999615125332427139552452769011676593964204925071318469088799724530215124831
76569172668426111655559325602270543124911618387292779930876870738135074619169375835923184222768365842868492168017456879360896599138595315395127482484106260530315856131196505195380380922891702380525990613251179620270889682827012451440651535676227547036408820876146886053832887455868205776680614430725735043793
103550587454386321582558194662757829135212617455098189704465201424747083811259424236094773443146797074227050243796231001527513188517222102533609879856271977599085359214761995812013304273705087884012864870860316140959386263712261023431338642036955538675194995254860356196860928948904910104782072744666235086537
90971837642433291280873621883216367817998065218607475308728029342384397984877685262773211911225017685122069795492703551175449897609664953357038478590596118164908410836795589316859218558924908109018646584994451050418244132783990484997446700555849562546557811117907782116545477224921738603975274933186794342491
73413351017881312712468977975284224969712424335838849844092642943213311672854945671322891541815396298565073974489398966168460398863368939081968582617939378670552898186310210195570878457837228086549976345444751087428844389630498481701518885699105988150105202350202767346091098175295783591431654750734894877399
71566039368566410696192366523253937232453984906766927106190688497758283492117264515150487759343943529526150027981496199751072735188260477291107672692545413595715319871286731540613403720279178498965086799594314786942108180966532474527957866789627251162692053119249102334395349645969466674380262856097693438521
107628356419937581357884846311454393897766095193524472406415741434987693671384322405146875604772875861371298399663792861133695195849541253920791194728970646177177601304422827790522809107774220027822016584419667805968358988156290174765868439478153696514808349459959439415529354636614886500694506023255079823373
91790474865200416562498525223387195736004778541952759476953293702991209352845230506773341766471835481185571572235140157043225934157398559619371693860888447188748144001978514611594339471810299348783446801794220036396407380964251612645759456101262295721935493095278291895678614455197784652961018115949658419209
57745662696838303754303952465503228135078930819394673548775585096093512474118594638537980679427929033618503594855631276864271074749153391716985704043006635120113738881223783140512431675306017867810186495417036064170392661338259312054070420545443175282250796188844807847223002952495291671792316319261526203977
74932280401824987073956870313685377085306206587423235348665346009152728684240450812927074555554879023572849407016961782430835249861002565952666939003777340922054220851625176505153442063005452154788416303298829441483147485245199232639360652800187172042662155481290924850141197767078965685536829327773869523877
151358344215033244675875489778202324190602535755100062795559941742660074031432793530151212013764307368624092680307412309928239344375084702784223862577115959360359550888626830285200297868200193432953229394288774622849280647658223840091169768900707469559531106032962678397359686688885464319205469445395775505261
58689109871391516446867152324943075006307619674297402783356934482330092148515973708298623302336452436909987582230530380141926976193048683919739669740152340284783548654140031841997682049142230063299924009372163169151602233027862127015614058254349505308306391730351101028876962457506249662645940599043284890479
75861752129011706039232551442557324749632957472023260501544821732788259510015930776827063124846257933592600211419172200445500819665741080443558399298477165580569304097320488157982369509484537407955071525374169099071933569693698855275672496186292197585298047755984716638462181339492749181406670186116294083207
95346418806667240579084074666101586656652563700979849442906833893357500903462274404419599353579163690013564626109399908623932855557157233581946448703748443415302152330984340846031484190075840945839657868726300498034388094371265188156182339601979104590181781634872909781460522645431312963619475713195057529053
111263984476673436627489757275903278242507559263558167504820261180694675496975214444112803028740397579682261168188209236682419315487324285379489604372214244677171978542867983223205255696183564627476468236388981120865570003958834885830340089377367925355956102357809150294822256788916694056156982524732649022121
96342125779778036941833551361632436941989127906210900570779845131168275089639216016217308560788807120832119537472979904464676694024827555869317191603939804273190020844614998671864808084618549460537796585180744783403305042282594096501853485099449520451347637383758909023665498253598410753186362009460492830077
123521857465916800677857353280191063787794382070207831208108072146961113332349472274610835066727682678338330153931986264103329376246220375119477195903647449590640978718531623595252346576912612285734791871663640158415800617586885197074330899616507185403383799265717845801374846656401529390641443616981589591271
131405795868049704946945078209025643754825946515862168268539786167707046891586623717476673108436285639575419309084969446295535565904197185085776823271112656565198238246280988380382110403894156666473014985911785626169140414905488725615795364652211328520244008235414509954941587909513975543894548408022461287151
70967114730909286832264494950640090470702806737946498609585048455374288588521539757280256786923900427556094520842779667859333365003824139739221992299308163341116429010529334098884182035133381995880826298540167736908299468072146475041847885773746257305103221598524542443653591683985019129894558266194325182821
107979432465960445003549108683102634118917861056034954024622240724163563602890130060316628069849623795318199576811119794560257267198435021465634488362082571221559448800322437539178387390819167699914898519745802727807447711037649579119174492560260601959406822151422632429549878526990294167401411360169366398309
118859893624530448832013335940179713922013208072805796098733098460272093097271354351290476904722130296985679088987020794135009361338702308650147800222344594443187427748099291365938946361540610154000110289387874941903994296345375923386002742685159036859796319092682744673080262820281354319298093885235987771731

分析一下程序逻辑。

  1. 首先是执行oldtest函数,逻辑很简单就是生成了20个随机整数输出到old.txt

  2. 然后执行initseed函数,就是从flag文件中读取字符串转为二进制形式,保存为seed

  3. 接下来是执行gen_states函数
    3.1 调用generate_init_state函数生成initStat值,本质上是seed在有限域上求平方,原理详见这篇攻防世界-密码学-onetimepad

    • 取initStat=0
    • 按位取seed值,每取一位则initStat=initStat<<1
    • 当seed相应bit位为1时,initStat=initStat XOR seed
    • 当initStat>>256不为0时,initStat=initStat XOR 0x10000000000000000000000000000000000000000000000000000000000000223
    • 返回最终initStat

    3.2 循环24轮生成随机512bit大素数p和q,e固定为17,n=p*q,将24轮的n值打印至product文件,每轮都将initStat值进行RSA加密,24轮密文依次放入states数组中

  4. 继续调用24次lrandout函数,再调用24次lrandout函数并输出函数返回值至new.txt
    4.1 lrandout函数是本题的一个重点详细分析一下

    • 需要注意两个私有变量stateselse初始值为24,statepoint初始值为0
    • 每次调用函数时先判断stateselse是否大于0,如果stateselse大于0则将stateselse减1,然后取states数组的第statepoint个元素为stateInt,并将statepoint加一,最后返回stateInt进行AES加密后的值(注意这里每次AES加密都用的16字节随机密钥,iv为16个全0字节,这地方是重中之重
    • 如果stateselse不大于零,则会调用gen_new_states函数,这个函数的作用实际上就是将第一次gen_states函数中记录的24个RSA加密密文取出再进行AES加密,然后追加在states数组中,最后将stateselse变量重置为24

到这里整个题目的逻辑就比较清楚了,已知的条件就是一开始输出到old.txt的20个随机整数,然后就是输出到product的24轮RSA加密的n值,最后就是new.txt中经过两次AES加密后的24轮RSA密文值,需要通过这些条件反推出seed也就是flag。

题目逻辑基本分析完毕,此处是华丽的分割线,后面是解题思路

注意到本题中多次进行AES加密,如果此处无法通过随机密钥解密的话那本题几乎无解(个人浅见欢迎斧正)。这地方讲真只能是找个巨人的肩膀站一站,比如这里PredictJavaNextInt
专门的java随机数预测工具(大概原理是爆破,可见java的随机数算法真的不安全)
请出predict.java

import java.util.Random;
import java.util.Scanner;

/**
 * References:
 * https://stackoverflow.com/questions/14616163/how-to-obtain-the-nth-random-nextint-value
 * https://www.codemagi.com/blog/post/247
 * https://docs.oracle.com/javase/7/docs/api/java/util/Random.html#Random()
 */

public class predict {
    private static int calculated(long seed) {
        //32 bit MIN MAX value
        int bits = 32;
        long seed2 = (seed * 25214903917L + 11) & 281474976710655L;
        return (int)(seed2 >>> (48 - bits));}

    public static void main(String[] args) {
        
        long seed = 0;
        Scanner z = new Scanner(System.in);
        System.out.println("Enter a randomly generated number (random.nexInt() method) by java:");
        long target1 = z.nextLong();
        System.out.println("Enter the SECOND randomly generated number:");
        long target2 = z.nextLong();
        //Brute forcing begins
        for (int i = 0; i < 65536; i++) {
            seed = target1 * 65536 + i;
            if (calculated(seed) == target2) {
                System.out.println("Seed found: " + seed);
                break;}}

        //Setting the exact seed to replicate the original run of generating numbers
        long calSeed = (seed ^ 25214903917L) & 281474976710655L;
        Random random = new Random(calSeed);
        int result2 = random.nextInt();
        int result3 = random.nextInt();
        System.out.println("\n" + "Numbers after that can be " + result2 +" and "+ result3 + "\n" + "The seed calculated is: " + calSeed);}
}

使用很简单,输入old.txt中前两个随机数,即可计算出此时的随机数种子,注意这地方构造Random对象时候参数需要用calSeed:

Enter a randomly generated number (random.nexInt() method) by java:
-1029728314
Enter the SECOND randomly generated number:
1487023297
Seed found: -67484274725178

Numbers after that can be 1487023297 and 1423989849
The seed calculated is: 213967908243627

得到随机种子后可以用原来的程序打印一下每次AES密钥,但是要做一定的修改:

//指定随机种子
  private Random random = new Random(213967908243627L);

//由于此时nextInt是从old中第二个数字1487023297开始,所以循环次数为20-1
  public void oldtest() {
    try {
      PrintWriter printWriter = new PrintWriter("old.txt", "UTF-8");
      //for (int b = 0; b < 20; b++) {
      for (int b = 0; b < 20-1; b++) {
        int i = this.random.nextInt();
        printWriter.println(i);
      } 
      printWriter.close();
    } catch (IOException iOException) {
      iOException.printStackTrace();
    } 
  }

//每次AES加密时额外打印key对应的字节数组
  public byte[] encrypt(BigInteger plainInt) {
    try {
      IvParameterSpec iv = new IvParameterSpec(new byte[16]);
      byte[] randomBytes = new byte[16];
      this.random.nextBytes(randomBytes);
      SecretKeySpec key = new SecretKeySpec(randomBytes, "AES");
      //add print
      System.out.println(byte2hex(randomBytes));
      Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
      cipher.init(1, key, iv);
      byte[] cBytes = new byte[128];
      byte[] plainBytes = plainInt.toByteArray();
      if (plainBytes.length == 129) {
        for (int b = 0; b < 128; b++)
        	cBytes[b] = plainBytes[b + 1]; 
      } else {
        for (int b = 0; b < 128; b++)
        	cBytes[b] = plainBytes[b]; 
      } 
      return cipher.doFinal(cBytes);
    } catch (Exception exception) {
      exception.printStackTrace();
      return null;
    } 
  }

得到共72个key。前24个key用来加密了24次RSA密文但没有保存也没有输出;中间24个key也用来加密了24次RSA密文,加密结果被追加在states数组中;最后24个key被用来再次加密之前追加的states元素,并且输出到了new。72个key值如下:

0e5ca3996d4d52833fba5440babc94e7
2dbdc88f7f2bebe94b36a69490256199
48ff99f7b2f0a251e82bfa7bc118dc75
45dda3e9ed3ec45279b6933ae0912470
b7f8b7efcb7d53ab5b5d5341b28ebcf9
83ee88106bfc3eaa25f309172537199a
c591e04884dc8e8631a583938110f9c7
f47044d3bb1a40a55bffb5ecddaf0d4e
43097b95384857ff08e8e36bd39f698b
4a4ca62576c96c8d69d836fc776dfaa9
e55bce2c5aaebdcf01d57cc68410622d
5ca001b58777e98664eaae1ad8220232
c39cddcbf05c365b4032dc67229b3e3a
a425a611ade9ba3ba1a451a2d9fe2456
dadd467712016575703997666f3f00d3
bf1df5dcfea0c3003c1e5f5ac6b630f4
89a8e62570f5f9fd3c040cbbe2f622b0
f1d3f3fd5f91974d94ca3ff0e060b732
15064232cae07a44d708341827b71755
9ead7d780c28a08dcd3db25fdc1e1721
2518f98e75a410e875a699189b440c57
d2ca772517a24ae64c013db46398dc3f
4641c440dd9ab490cfc1c25ad1d4ea84
ba36a834e0b23a8b3f7856e290450a74
68ddbdaefd255770a471a2800f81bbd1
29a81213a27abb9e13d4f41275890eef
5f8afaefe88dd9f332bbe325d188d11d
14d2fc0ae7cce869fc1878a0969c7244
6300b25b442ff56cc15e1fc945646e5e
1644fcb40ec74aed703220306b478c3d
907a7a47caf969c718b44e54cea6c42e
eddaaf1bccb6dd67ac1781c7e36cbcfa
67af580dc83e0e8d06970d6982b18488
fbc00646a750c0772e00a779dc640499
4b59a6299ecf9995db637dd5ac355d3d
c6fe36b67d3602e539a8dc4bac26fce1
054f117f446c46c0ec03db9e4a8719ce
789bc54dfccd4cfc54a5453e9b437383
412c3595c3819ffe120a1adf8fbf4767
5f4d42f12767609ccbcabef866b146eb
0f8a91f4b7381bc92bdf164b62af901e
6eba9838d7b29fbe2c9eb678be64352b
62c7de98d4d356cf98fe3197dea12b07
bb48197338892350ccdbef40c7bbbd37
946103d15e5e1057be426618d0ee1757
ff7e9b48480011a6400b60f89ab84d6c
e0dc2bcaafaa374685412cf03c5d06a2
19f55b4b5bd22bb5e4239c19c30b507e
e73cc771b5a0b045dcb8bcc9d9551c22
8bd477e09914df7957418550c3eedfef
2c0d6a5071dca0c3330b84af90e5fa21
fbe827ff7e3d36abfd6727688fce2da2
98f9d97d799c62ddffcbd8c70190b3de
b4401d695a7b80e87c59fc360fc6de5e
f6f6c3d476007762395c47d8fdf194a3
225da128cf5a980e3f7904cca0e8f00e
78fbde1aa7971133df9604470d34f974
59f35b5356bd0947f6c0673b925ceedc
30477de85d3f1736728d59f2ea4c805a
8f3ce04aba1f90b014c590cdab4579af
983cceb87d51aa0377541a9e0314603c
9ed663f69a30a73550c9f3ffa37f7a40
0bc952b201239e2af6df79e7fa23b452
833441bbecb6274325e5f3baa6287d94
495d466577d26ba8feefcca7278df758
e29e274c75c82a965138985cd5fb00bd
f775fef3806682c41f0d0e6f13581213
7fc41ac15150ad455a2f03bcc57bcd9f
1db482d7523c0c01ee943447ffd7a434
c6daa3cc71e5ad8104d8dd15feec8ff4
a685dfb837c6833c84d6b0415bcd7a66
444ed64c18f1be3edc4529e67d204ec9
Bye!

那么可以用第49-72个key解密new中字节得出后半部分states,再用第25-48个key解密后半部分states得到前半部分states,也就是原本的RSA加密密文cipher。
得到24个RSA密文后就是老套路RSA广播攻击,得到initState值。
此部分sage exp为:

#sage
from Crypto.Util.number import *
from Crypto.Cipher import AES
import gmpy2
e = 17

ns = [98814919313645615562227632501842353623335365853705229901835148468883495797275597414884229673154676216661172834551301610934651963240119409868685277777800714566912405986645043974924445077030680918856209854280255930507129711147257107127165995928330446921396988707590674551893978543347857267274126479566133964621,120309037005681976370949305207133746746983392014859786008077885868206237066288839457678467372792330832240493847319506910624107293327355575990265009395111812157069795648694878932912724266067108352114568041606927740805295578389613410752347225302683181568493377905133685788806771897944116380798383235212880787111,111785936365127017878364692255320290881390250034420261152076893236497751708479451558829998875477413370296672127312833416766071239043340476618512716523841455668113510503541200502811971438914643566444202595134432922460265282115077045761511350952491133678485898016929814918158114380643876728495327499109907572429,79107360215620077532659896175026195404235793190726547917783395438823337589603205953575483353228931287967504796791548380004359471560051416284517914649068134828827258371600937675407475086859499975654685415750272651221034077150245371035999615125332427139552452769011676593964204925071318469088799724530215124831,76569172668426111655559325602270543124911618387292779930876870738135074619169375835923184222768365842868492168017456879360896599138595315395127482484106260530315856131196505195380380922891702380525990613251179620270889682827012451440651535676227547036408820876146886053832887455868205776680614430725735043793,103550587454386321582558194662757829135212617455098189704465201424747083811259424236094773443146797074227050243796231001527513188517222102533609879856271977599085359214761995812013304273705087884012864870860316140959386263712261023431338642036955538675194995254860356196860928948904910104782072744666235086537,90971837642433291280873621883216367817998065218607475308728029342384397984877685262773211911225017685122069795492703551175449897609664953357038478590596118164908410836795589316859218558924908109018646584994451050418244132783990484997446700555849562546557811117907782116545477224921738603975274933186794342491,73413351017881312712468977975284224969712424335838849844092642943213311672854945671322891541815396298565073974489398966168460398863368939081968582617939378670552898186310210195570878457837228086549976345444751087428844389630498481701518885699105988150105202350202767346091098175295783591431654750734894877399,71566039368566410696192366523253937232453984906766927106190688497758283492117264515150487759343943529526150027981496199751072735188260477291107672692545413595715319871286731540613403720279178498965086799594314786942108180966532474527957866789627251162692053119249102334395349645969466674380262856097693438521,107628356419937581357884846311454393897766095193524472406415741434987693671384322405146875604772875861371298399663792861133695195849541253920791194728970646177177601304422827790522809107774220027822016584419667805968358988156290174765868439478153696514808349459959439415529354636614886500694506023255079823373,91790474865200416562498525223387195736004778541952759476953293702991209352845230506773341766471835481185571572235140157043225934157398559619371693860888447188748144001978514611594339471810299348783446801794220036396407380964251612645759456101262295721935493095278291895678614455197784652961018115949658419209,57745662696838303754303952465503228135078930819394673548775585096093512474118594638537980679427929033618503594855631276864271074749153391716985704043006635120113738881223783140512431675306017867810186495417036064170392661338259312054070420545443175282250796188844807847223002952495291671792316319261526203977,74932280401824987073956870313685377085306206587423235348665346009152728684240450812927074555554879023572849407016961782430835249861002565952666939003777340922054220851625176505153442063005452154788416303298829441483147485245199232639360652800187172042662155481290924850141197767078965685536829327773869523877,151358344215033244675875489778202324190602535755100062795559941742660074031432793530151212013764307368624092680307412309928239344375084702784223862577115959360359550888626830285200297868200193432953229394288774622849280647658223840091169768900707469559531106032962678397359686688885464319205469445395775505261,58689109871391516446867152324943075006307619674297402783356934482330092148515973708298623302336452436909987582230530380141926976193048683919739669740152340284783548654140031841997682049142230063299924009372163169151602233027862127015614058254349505308306391730351101028876962457506249662645940599043284890479,75861752129011706039232551442557324749632957472023260501544821732788259510015930776827063124846257933592600211419172200445500819665741080443558399298477165580569304097320488157982369509484537407955071525374169099071933569693698855275672496186292197585298047755984716638462181339492749181406670186116294083207,95346418806667240579084074666101586656652563700979849442906833893357500903462274404419599353579163690013564626109399908623932855557157233581946448703748443415302152330984340846031484190075840945839657868726300498034388094371265188156182339601979104590181781634872909781460522645431312963619475713195057529053,111263984476673436627489757275903278242507559263558167504820261180694675496975214444112803028740397579682261168188209236682419315487324285379489604372214244677171978542867983223205255696183564627476468236388981120865570003958834885830340089377367925355956102357809150294822256788916694056156982524732649022121,96342125779778036941833551361632436941989127906210900570779845131168275089639216016217308560788807120832119537472979904464676694024827555869317191603939804273190020844614998671864808084618549460537796585180744783403305042282594096501853485099449520451347637383758909023665498253598410753186362009460492830077,123521857465916800677857353280191063787794382070207831208108072146961113332349472274610835066727682678338330153931986264103329376246220375119477195903647449590640978718531623595252346576912612285734791871663640158415800617586885197074330899616507185403383799265717845801374846656401529390641443616981589591271,131405795868049704946945078209025643754825946515862168268539786167707046891586623717476673108436285639575419309084969446295535565904197185085776823271112656565198238246280988380382110403894156666473014985911785626169140414905488725615795364652211328520244008235414509954941587909513975543894548408022461287151,70967114730909286832264494950640090470702806737946498609585048455374288588521539757280256786923900427556094520842779667859333365003824139739221992299308163341116429010529334098884182035133381995880826298540167736908299468072146475041847885773746257305103221598524542443653591683985019129894558266194325182821,107979432465960445003549108683102634118917861056034954024622240724163563602890130060316628069849623795318199576811119794560257267198435021465634488362082571221559448800322437539178387390819167699914898519745802727807447711037649579119174492560260601959406822151422632429549878526990294167401411360169366398309,118859893624530448832013335940179713922013208072805796098733098460272093097271354351290476904722130296985679088987020794135009361338702308650147800222344594443187427748099291365938946361540610154000110289387874941903994296345375923386002742685159036859796319092682744673080262820281354319298093885235987771731]

keys = [0x0e5ca3996d4d52833fba5440babc94e7,0x2dbdc88f7f2bebe94b36a69490256199,0x48ff99f7b2f0a251e82bfa7bc118dc75,0x45dda3e9ed3ec45279b6933ae0912470,0xb7f8b7efcb7d53ab5b5d5341b28ebcf9,0x83ee88106bfc3eaa25f309172537199a,0xc591e04884dc8e8631a583938110f9c7,0xf47044d3bb1a40a55bffb5ecddaf0d4e,0x43097b95384857ff08e8e36bd39f698b,0x4a4ca62576c96c8d69d836fc776dfaa9,0xe55bce2c5aaebdcf01d57cc68410622d,0x5ca001b58777e98664eaae1ad8220232,0xc39cddcbf05c365b4032dc67229b3e3a,0xa425a611ade9ba3ba1a451a2d9fe2456,0xdadd467712016575703997666f3f00d3,0xbf1df5dcfea0c3003c1e5f5ac6b630f4,0x89a8e62570f5f9fd3c040cbbe2f622b0,0xf1d3f3fd5f91974d94ca3ff0e060b732,0x15064232cae07a44d708341827b71755,0x9ead7d780c28a08dcd3db25fdc1e1721,0x2518f98e75a410e875a699189b440c57,0xd2ca772517a24ae64c013db46398dc3f,0x4641c440dd9ab490cfc1c25ad1d4ea84,0xba36a834e0b23a8b3f7856e290450a74,0x68ddbdaefd255770a471a2800f81bbd1,0x29a81213a27abb9e13d4f41275890eef,0x5f8afaefe88dd9f332bbe325d188d11d,0x14d2fc0ae7cce869fc1878a0969c7244,0x6300b25b442ff56cc15e1fc945646e5e,0x1644fcb40ec74aed703220306b478c3d,0x907a7a47caf969c718b44e54cea6c42e,0xeddaaf1bccb6dd67ac1781c7e36cbcfa,0x67af580dc83e0e8d06970d6982b18488,0xfbc00646a750c0772e00a779dc640499,0x4b59a6299ecf9995db637dd5ac355d3d,0xc6fe36b67d3602e539a8dc4bac26fce1,0x054f117f446c46c0ec03db9e4a8719ce,0x789bc54dfccd4cfc54a5453e9b437383,0x412c3595c3819ffe120a1adf8fbf4767,0x5f4d42f12767609ccbcabef866b146eb,0x0f8a91f4b7381bc92bdf164b62af901e,0x6eba9838d7b29fbe2c9eb678be64352b,0x62c7de98d4d356cf98fe3197dea12b07,0xbb48197338892350ccdbef40c7bbbd37,0x946103d15e5e1057be426618d0ee1757,0xff7e9b48480011a6400b60f89ab84d6c,0xe0dc2bcaafaa374685412cf03c5d06a2,0x19f55b4b5bd22bb5e4239c19c30b507e,0xe73cc771b5a0b045dcb8bcc9d9551c22,0x8bd477e09914df7957418550c3eedfef,0x2c0d6a5071dca0c3330b84af90e5fa21,0xfbe827ff7e3d36abfd6727688fce2da2,0x98f9d97d799c62ddffcbd8c70190b3de,0xb4401d695a7b80e87c59fc360fc6de5e,0xf6f6c3d476007762395c47d8fdf194a3,0x225da128cf5a980e3f7904cca0e8f00e,0x78fbde1aa7971133df9604470d34f974,0x59f35b5356bd0947f6c0673b925ceedc,0x30477de85d3f1736728d59f2ea4c805a,0x8f3ce04aba1f90b014c590cdab4579af,0x983cceb87d51aa0377541a9e0314603c,0x9ed663f69a30a73550c9f3ffa37f7a40,0x0bc952b201239e2af6df79e7fa23b452,0x833441bbecb6274325e5f3baa6287d94,0x495d466577d26ba8feefcca7278df758,0xe29e274c75c82a965138985cd5fb00bd,0xf775fef3806682c41f0d0e6f13581213,0x7fc41ac15150ad455a2f03bcc57bcd9f,0x1db482d7523c0c01ee943447ffd7a434,0xc6daa3cc71e5ad8104d8dd15feec8ff4,0xa685dfb837c6833c84d6b0415bcd7a66,0x444ed64c18f1be3edc4529e67d204ec9]

news = [0x22004ab9b42734a1ebd9ca08fd3766f78ad2f865e6d8e490f9ef388a1002acbda09d2d081241794e1d7ca3dc67e04b6e4e06eb8a8104eed8b26f5b03dfeaf0144aac16a043cea741079bc6d1798836ad902aec6b012e138153902f51a4227d601bc11647bd2855e67fc5a08d3b420e6a62fdca68e8cfe40996fd91fe355bad08,0x1f680a1d5cdd60fa81d3a2de5545de056012d2d8c486fca4c427186ce4dddc03b87da0da2de6edfdbfa2c64d29a123fdc2a738a623cd06486c76a614e4d0c535d17537e896cfdf5ab7f01fcd52cc59ad58e6f172e9849e94b49a578115553e04a09acd75deb85e080b857ff7010771cb519a37bcc064c3f6af36918a774f86bf,0xd0e94f43affe96d0808eb00b97f50ad06256dcb68e744e96946e2797f2ed364da4a916d3fc5d6825b55318fd19211582e6664d0b608e8cda3ad38eb1447d67861e8de5f2282829abf54688b1fd40bd1bb819ab791b9a5e10d77f566182708d528d5fc40f789c7ea5f296e73ee48d98dea2861ac7f7c8050b467a6fc5cd94abf0,0xf1e1c0fe6c34302316b08978c2a20026bdfbd062b0f76727d96729f780b95eb1507d1c686e22e01c4187487bfa2709a18470ace5f347fd2b652763cd0cacd891efe68283a2b76b2cf1a90fbae5cbbf3173b2b4d4c93eb835b38837201c9a21c1b63b99bf8b9606e28d283a9398db5165b9f255cb16b1289fc589750f1cbc26ad,0xf394b0d2ed4dacb07bddf04be7c6cb430c3fffe3f1bfa9d94f611429c4d7b882673f0fbfdebfee0b4a53b13627e4ad9f25c3ebcd3c3de51990ffce0ab9e9b7b190fbd80d53da0f4a91e2f4731ba81975dc3657bbd31f99055b61202e4b7b52549b8d830c3f96072bf32be665390fd2a765f8752c82c76b6b479495b1ac3d9280,0x6843dbbf0c7871a6cdd088a7e022374db584bdcac87f0f70f87f960595d30808e813eef46275dcd1075976f6a94af3522c11cdb825003ce737eb2857e53351badcc2b4cb93560b6cb8c8bf901550c1ac1110d036131686a36bfecdbf2c959413016b3b9169646568836786ac215e8e1325607248e9af99c91cb897c2781d8f59,0x39f086a1cf5990a2ae5df143de7af5e45f33e6a3a5537298b448f24d9092db1121b8e134c7f5a648de2fdfd9091d4f6cd33bebb631f39c4a68d3983d3ac0f76ef345d3836c96dfebf1b4ca557bdb1c4b0d6c48d01bd59066fc8651d2011d0bcd0309e43bea55828631e90dcc8818ba15bd4347239e1299ef1215df7426bd03bf,0xefa9b0aa39b79fe066f4d27fe960e835b39e054023946045c26a58e39963563edf2560bd78acf561a6c14ae1210df552fc7558821cbb8d2f3115b40aabcae16e6c58b5124bf474dad5ee7b0c9dd9ee711dfdf56f284a57f6bf22ac6447d88fb9b4bd75f30d2c1f6cfeb952ac6171cfde1730d128d752f548df7e40dfce0e4f29,0x47c9a3c158574175f410e4e596b1a25b7c44558a0c087d18a2a4183438750f79115eb8bde7a04040d4d306f4d3aa00320614f84fa1b7acd12a6e5219ee1dc8911ac6b013aea175d14ae960f9a2ed8cc0e521dca42521f32af9e0bbdd19626f12b753d81095270f968764444c54342f998ca69eb37d3ef2789fbda9994f53b386,0x029276b1916aeda79d21fa348b73bddc0e8be3a9857d3b84dc3afc9f0ec8cb781c0fb6f99c1e9baf51aab1faf906afd3ae72231243de2e4a52d25c4edc7aaa10d0e3be55f81d72644fc0df1f1ccf0929f496c2792f99ea1bf6f3663d4a696dcfcd900a9a3fa7cc12753fa99c188d9329b96f2ba527079c966d195d88dfe54c67,0xb774dfe29ee526af48bdc72b8942af3399580bb6f3bb2e802432ce578a63bf8323749660a22a73b99fe56a4b74c6e600b5f7a2d7921234f2a3e757777b8b99efabae00f401d4dc23588480ea71a3e940fab74ceee942652e7e33dcc6fa601e492657dec4c413231d4e1524ee6d9629d8a1b444f427c4bddc0939fc91a7ace0cd,0xaaa6c479a07fe88bd6f43880d6f7d1cce273491b8e0ba56f6bcba855d2658bcaba56f8493f935bacc5c56fc1d33568c4de097d8cc9f692bbe1459440a82e04a5a701d837c0a9f5190c1be93628025cedfd8ab960beda62200ca4360bc161804c8592215252bf95e24729c97160370c91b4e56e17a9cbef091aba0d6c576d42bd,0x9807d0ee7fb4d7e513df9bce5ef427cc728b46fb8c583533169e5ea094ecb1e3be75cb5ed7e311d89f09f4325a00df097301699b80fb20e6651a643e5fcc6c4cf0db1035a719c5fa83848d72634f17693de5d3c8b286fd837d07c9f0a835824cf7e012b092d6df8d6ade536c068e0d493eec8c21e892a671bb8aacaa0990064a,0x6f22bde5b68e4bc123a0a14771b5c515527c95c9dacff0b0ab5b932bbf280336ab2125028370166fba401ff45955826b4011a6235e6b239923b056de389e2e177fc410afe03ae0da927ad9d5e63491d5310dd672ca94ee42277fec96a679465c164a8f3f8dbff4561a0d6d62114c86e125ea2a4a42537438d8ceed81cee6a8f6,0x3696e270e111e51ac6d75becc205a84ceb38dcece565e5bac9841ce552b68ad0051f6ba315f311c603646c4de25ee4c570d6f9b5f32a33790e34156fd4597ed427c7ffb3fd83db46e72718256e56c49b275dff1770189097aa23190f51eec7d38f7e870aa8da5e59f65a49c051845775d94abf611392617911c102f3de84c6bc,0x562493ebb7d11fe13975d834f016268f3c65acf63fe648d9cc06bff731d3aae77eb2a2c5d9ad27deed5b46667fe93b7e61a6fd216991b913e94abd54b2dfcc5610f5189b8622ccbd8663a4710a2bdef7cea7c3615af5a0fde24618dd28ef1bcee8aeaa2bdb174e617dac6fbcac809ffd4c4adec3a26d016549751220943d0d9a,0x80726f383e26ef91cba57fc24733f1c8316eac7d7c68130cd48ff672923b7a1b68c091eb985103685145df8e33d5ee3c325f2b4dd015203388830c13b412ed4c14728c13d10d05f9b1ecada1dce5881d30c76c27d7b29ebb42b9d2daa05ed7610f374910be32e6e863777a989d1d1e95bd76b1d105cad20f35dd878c7d4642cb,0xadda2d943f5b6da562d25ba8d7ad02b6effb41b3f568ecf662c1eb57f8e165cfcaf4b71270a3620f7bdeee48da561920485bf603efe449522d2d5e482142199b299b48d83c8c17091b7bb7cc263e731880c17c73649043755808857a07f7b59888e0c21816e416fff4990e6a80fa02d0496e427beeea3e9ed237b5db97273238,0xe4ebe13aa9e2d97b26579031a86b45ba4f44e53c4661c5f2cc4ec9069e9b92f51d41f3ba19a0a4483822ac0bc18af636c7dcc9065e123853efc20611a265643cee8400f3e5a8cf6f072154d1542b9b8513decfe9bdd0f9e10f3719c2ccdd8d45071d44bf6e0b93f3afccd156fa0fd5117f5007bc1b517df46c621bef960a3052,0x154a41666d2cb74e186f7bf673fc29f64efe88c00592ff768dac4b25f2fb6583e84545abf9d79fdda43457bb842732c09dc949ebd01bdcf06801ed19d9b2165409b7e34e2637a618c4d4cc5da330ae54935aa4ea6e85d3bd0b4dd3f6590954dc1680675d91d01559f4705cf73c4465b5054c750143d2f20fb33748b9c5857de8,0xf79487ca5b7e6b365ecbf81f3f9c65051886f3929eaddaab74af53a2b0892c8f8aeb75be423337a7876412acd503f48de8cab7526168d9cf0b2f09d8276139e0804ba3708fb4b585fbfc0330ecc6e5e22da2783714777451870c90fc637839b0e6816be8587ed677f3bb10c3478ad509c4ba9fc4d25dbf8d259abe1dc4b22021,0x869cb333a5072a42852fe63905f149a1b6a64444429e3f6f63352faf3c65b701ff545ec70790e3edd8bda9fd48914fb4271d95536a814157add96d2c698a17466e1d1a769cfc3ca9b43a0fda87751cb0d2950537708a5269e9b2d195b89039ca53012bcf54eb161bff6f437e377f976493de42f3885eac3e5964810f59e5c577,0x824ed0a8e1e1a22195f912a7ef7fd514c6eddee915e1f62a0a1e528b4afbda4e0d86cb699e09919a93d28a98ae34afba95b85305427655e4baff05a073c72ebdbc42e5152fbe18e7ae71123ca072b875f7de2376b4dd93aa9c39742217e11e57bfe0a3fd535a3379f30a3f6906fe3a7a7f569f1505a53a8a5d0175fc773df92e,0xc89dbd58c1d6142ca9846a2cbac25291e7c9d129243d56ab59e274c0ed2826b3afda5bac53279c223a81e6840945c85d4af41f32c8de6902ecc75328dbf5ce647473c42abe50a16cf68dac04bb2eb54ece759103ba015383a2dd5118edf551ba9c7e1b85161d82a1bec873e5942e2f1a175a99c107c5bf50a12d3d41b317dd95]

# Get states_2
states_2 = []
iv = b'\x00' * 16
for i in range(48, 72):
    cipher = AES.new(long_to_bytes(keys[i]), AES.MODE_CBC, iv)
    states_2.append(cipher.decrypt(long_to_bytes(news[i-48])))

# Get states_1 (c)
states_1 = []
for i in range(24, 48):
    cipher = AES.new(long_to_bytes(keys[i]), AES.MODE_CBC, iv)
    states_1.append(cipher.decrypt(states_2[i-24]))
cs = [bytes_to_long(x) for x in states_1]

# Broadcast Attack
def brd(ns, cs, e): 
    r = CRT(cs, ns) 
    m = int(r)^(1/e) 
    return m
m=brd(ns, cs, e)

#66869997917800083972572187953062445239249136563973495502684696601787248828812

最后一步就是进行有限域开方,计算原理其实不复杂:
GF(2^m)开平方
但实际情况a的迭代指数并没有那么大,迭代一定的次数k就可以找到 ( a k ) 2 = a (a^k)^2=a (ak)2=a即得到平方根,参考之前遇到过的一题bbencode解题脚本,python3.8运行很快出结果:

def bbencode(n):
    a = 0
    for i in bin(n)[2:]:
        a = a << 1
        if (int(i)):
            a = a ^ n
        if a >> 256:
            a = a ^ 0x10000000000000000000000000000000000000000000000000000000000000223
    return a
a = 66869997917800083972572187953062445239249136563973495502684696601787248828812
s = 66869997917800083972572187953062445239249136563973495502684696601787248828812
while True:
    if bbencode(s)==a:
        print(s.to_bytes(32,'big'))
        break
    s = bbencode(s)
山猪儿烦不得
关注
  • 1
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
cipher java 长度不变_RSA加解密的java实现(及中途的各种异常情况分析)
weixin_39612220的博客
02-13 1339
RSA加密算法是一种非对称的加密算法,主要包括以下知识点:1、密钥对的获取:主要涉及到两个参数:秘钥格式、秘钥长度(1)常见秘钥格式:PKCS8(java适用)、PKCS1(其他),如果不是java平台生成的秘钥,有可能报以下错误:java.security.InvalidKeyException: invalid key format //秘钥格式不合法(2)秘钥长度:1024、2048(越长越...
CommonModulusAttack:当使用相同的(N,e)rsa和明文中的模数和公共指数相同且不填充
05-12
在RSA中,当在rsa中使用相同的模数N和不同的公共指数e时,明文M相同,因此不进行填充。 如果我们至少有这样的(C1,E1,N)和(C2,E2,N)对。 该工具可以有效地找到纯文本M,而无需任何私人信息。 如何使用 工具 在命令行参数中输入argv(整数)#第一部分 输入argv作为文件 . / commonmodulusattack . rb - i "(C1,E1,N1),(C2,E2,N2),(C3,E3,N3)" . / commonmodulusattack . rb - f "(./test/cipher.txt,./test/pub.pem,./test/pub.pem),(./test/cipher1.txt,./test/pub.pem,./test/pub.pem)" api通过在第一部分中调用new来输入参数通过在第二部分中读取文件来输入参数 # ==
BUUCTF [GXYCTF2019] 禁止套娃
nareku的博客
06-29 1389
这题对我这个小白来说好难理解,慢慢补坑吧。PHP很多常用的函数都不是很了解,命令执行也是呜呜呜感觉学得还不是很精通。打开题目,只有如下:看源码也没有什么东西,常见的信息泄露:robots协议,备用文件,目录爆破,.git泄露都试试(看其他师傅的wp:也可以扫描后台,不太清楚为什么自己实操跑不出来有点奇怪),最后发现是.git泄露使用GitHack工具,py脚本跑一下得到后台源码: 得到的源码会留在工具所在的文件夹内,查看里面的index.php页面源码 解题过程: (一)在上面传送门的那个师傅的博
[GXYCTF2019]CommonModulusAttack
m0_57291352的博客
08-21 375
[GXYCTF2019]CommonModulusAttack 题目 old.txt -1029728314 1487023297 1423989849 1599108224 -1105891682 -155445570 1810855967 -86576152 -699473878 148445908 2098722170 1844125436 1326761031 552466959 -2003932646 -743304688 1450367769 1947341463 -1847355229 11
使用java实现AES加密以及解决javax.crypto.BadPaddingException异常
热门推荐
GalenGao
05-14 1万+
公司最近做agent项目,需要对一些远程重要的请求参数进行加密。加密之前选型,选择了AES,而DES算法加密,容易被破解。网上有很多关于加密的算法的Demo案列,我发现这些Demo在Window平台运行正常,然后再MAC下就一直报错,现在选择网上常见的AES加密算法如下: 一· AES加密 /** * AES加密字符串 * * @param conten...
关于android端和java端的javax.crypto.BadPaddingException异常问题总结
Hank-Android
06-09 9902
关于javax.crypto.BadPaddingException: Blocktype异常的几种解决办法 转载请注明出处 1.异常描述:最近做项目为了增强数据传输的安全性用到了RSA加密。即android客户端将要传送的信息,用私钥通过RSA非对称加密算法加密后,传到服务器端(PC端)。服务器端用对应(密钥)的公钥来解密时解密失败,抛出“javax.crypto.BadPaddin
crypto-js4.1.1版本,js在crypto-js文件夹里面
03-10
《深入理解crypto-js4.1.1:JavaScript加密库在前端安全中的应用》 在现代Web开发中,数据安全已经成为至关重要的环节。特别是在JavaScript环境中,由于其代码的开放性,如何保护用户信息不被窃取或篡改成为了一个...
小程序 crypto-js下载
02-24
小程序 crypto-js。 CryptoJS是谷歌开发的一个纯javascript写的前端加密类库插件。 目前crypto-js已支持的算法有:MD5、SHA-1、SHA-256、AES、RSA、Rabbit、MARC4、HMAC、HMAC-MD5、HMAC-SHA1、HMAC-SHA256、PBKDF2...
crypto-js.4.0.0
01-15
此资源为构建好的crypto-js.4.0.0版本,下载后可直接使用Script标签引入所需加密算法。支持:MD5 SHA-1 SHA-256 AES Rabbit MARC4 HMAC HMAC-MD5 HMAC-SHA等算法
crypto-js-4.0.0.tar.gz
07-20
《深入理解crypto-js 4.0.0:加密与安全的基石》 在现代网络环境中,数据的安全传输和存储已经成为至关重要的议题。crypto-js作为一款强大的JavaScript加密库,为开发者提供了丰富的加密算法和功能,使得在浏览器端...
sm-crypto-master.zip
12-17
国密算法SM2公私钥加解密及签名验签以及前端js sm-crypto,附件说明及参考及测试方法;
Android AES加密报错处理:javax.crypto.BadPaddingException: error:1e000065:Cipher functions:OPENSSL_internal
代码笔记
07-13 1210
Android 报错:error:1e00007b:Cipher functions:OPENSSL_internal:WRONG_FINAL_BLOCK_LENGTH,javax.crypto.BadPaddingException: pad block corrupted
关于“javax.crypto.BadPaddingExcgException”问题的解决方案
xiaoyi52的专栏
08-10 1490
在之前的blog中有一篇是关于找不到AES/ECB/PKCS7Padding问题的解决方案,提到过需要引入BouncyCastle组件,然后顺利解决。 后来在实际中又碰到过javax.crypto.BadPaddingExcgException异常,出现的场景是客户端通过rsa公钥对敏感字段进行加密后,服务端用私钥进行解密时报错。这个问题实际上也是跟BouncyCastle有关的。 这里对Bo...
javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a
Horse7的博客
07-06 1720
背景:项目中使用微信小程序获取用户微信步数时经常失败。查看log中时发现了大量的微信步数解密失败的日志。 解析微信步数失败,更换解密模式重试 javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption. at com.sun.crypto.provider.CipherCore.unpad(Ci
java rsa nopadding,在Java中使用模数和指数进行RSA加密
weixin_33158374的博客
02-16 634
I'm currently doing RSA encryption on Java and I have to use private and public modulus for the encryption. I currently Have the following:private void createPublicKey() throws NoSuchAlgorithmExceptio...
SM4加解密
c1052981766的专栏
08-19 3529
基于开源项目:https://github.com/ZZMarquis/gmhelper @Test public void test(){ String str = "adf4976d917a07e0513dce45b6981919"; String miwei = "{\"你好\":\"2020\"}"; String abc = ""; byte[] cipherText = null; byte[] decr
关于javax.crypto.BadPaddingException异常
hhj724的专栏
05-23 9346
关于Linux操作系统下AES解密失败的异常如下: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption. 由于windows上每次生成的key都相同,但是在solaris或部分li...
企业微信会话存档解密失败 Message is larger than modulus
weixin_42837814的博客
07-06 1118
然后就一直怀疑是私钥秘钥有问题,如此反复几次还是一样的问题,几近崩溃。最终远程debug发现靠后的消息可以正常解析,前面的几条消息解密异常。然后调整拉取消息的序列号到最后一次配置次要秘钥的时候,重启服务拉取解密正常。通过检查发现配置的私钥格式不正取,不是RSA格式。问题原因: 切换公钥旧的消息还是用旧的公钥加密,用新的私钥解密就一直解不了。
关于javax.crypto.BadPaddingException: Blocktype错误的几种解决方法
mhx123456789的博客
10-06 731
关于javax.crypto.BadPaddingException: Blocktype错误的几种解决方法
已知有个vue文件需要用到crypto-js下的core.js crypto-js/enc-base64.js crypto-js/cipher-core.js crypto-js/mode-ecb.js crypto-js/aes.js 等文件,如何导包?
最新发布
12-06
你可以使用以下方式导入crypto-js库中的文件: ```javascript // 导入core.js import CryptoJS from 'crypto-js/core'; // 导入enc-base64.js import 'crypto-js/enc-base64'; // 导入cipher-core.js import 'crypto-js/cipher-core'; // 导入mode-ecb.js import 'crypto-js/mode-ecb'; // 导入aes.js import 'crypto-js/aes'; ``` 以上代码中,我们首先导入了crypto-js库的core.js文件,然后分别导入了enc-base64.js、cipher-core.js、mode-ecb.js和aes.js等文件。在导入enc-base64.js、cipher-core.js、mode-ecb.js和aes.js等文件时,我们并没有将它们赋值给任何变量,而是直接导入它们,这是因为这些文件并没有导出任何变量或函数,它们只是向全局对象CryptoJS添加了一些方法和属性。

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值