攻防世界 Crypto进阶 简单的rsa

最新推荐文章于 2024-01-15 20:35:04 发布
最新推荐文章于 2024-01-15 20:35:04 发布
阅读量3k 收藏 6
点赞数 3
分类专栏: Crypto-RSA
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/jianpanliu/article/details/106482642
版权

1、题目

#! /usr/bin/env python
# -*- coding: utf-8 -*-

from Crypto.Util.number import getPrime, long_to_bytes, bytes_to_long, isPrime, getRandomNBitInteger
from libnum import invmod

def destory(x, num):
	while True:
		dt = getRandomNBitInteger(num)
		r = x ^ dt
		if isPrime(r):
			return r

flag = "xxxxxxx"
flag = bytes_to_long(flag)

p = getPrime(2048)
q = getPrime(2048)
n = p*q
e = 0x10001
phi_n = (p-1)*(q-1)
d = invmod(e, phi_n)
print "n: ", hex(n)
print "e: ", hex(e)
print "d: ", hex(d)
print "Destory q, p"
new_p = destory(p, 900)
new_q = destory(q, 900)

new_n = new_p * new_q
print "new n: ", hex(new_n)
c = pow(flag, e, new_n)
print "enc_flag: ", hex(c)

'''
n:  0x73cec712124b33c0294e01eb52e8c3cd2fe9ddbcbf457b3b950360063dfae42cbbe9855bd986bcfea0948fadfb252f5e2ff3c982ff47afb6596a496636f1fc5ecfe9f5db7620b23fe9e30d230aa9299ab9a78bfb5e0630fd1149259b2b2104ea65d2e27b89785e4bf01d0594d9f94575cbcc3383f63c5aabe4d5b48eb761cce3ab21689b3f3155b5f15efee240d5ac149318ff80bd72a75fccdc57402aa197b472d98758019df8e9edb31bda82967dc66bcad845df824775eeb66ee304664d7929e8405122f9b0a5406887729dbe9760eb62dd7018087723c07c07082d1d51035fb211a9fc6d8fb5b3ee5bb91af5e3d0b89addce289041a5683a1fe7dc06a3bae283062ba3febdd987b5ac9b9a8ae4b8b02b804accc0a413bb144680fd8d0d8d8bebe176e5a9121f7653c31ede984d234ccce50e688f7048a0bfdfc84004c006ae912c4d4e514c200883e8dabaeb4bf57a5f628eb4bd2e6688d9b7688bc3eed4ce03831be5044dedbd5fddc43a3274b26c990a0e444fcf4a607de59c4906dfd1ea111920c38b4a365c5838e9cf1a22b146aa7afbc6e2e29ebe35aee4bf4d2fbe186c0f359c71f80b8f6298ad38619168d5986a857f558017c546d6df896c690896601aabd48398e957b77ef0e15d6cda339050b74cda3328c34c889306d089efc95ff467a4a775d3e104642cd9819f002b5db8c5f39b4e8d1a83007276b8a0b7L
e:  0x10001
d:  0x37f2646fd190ad1e9f95c50d97cf4590a21e1c766bfd382cafafa2bb41442ce9839aac47944e288de6abfec1b17be4675f492a47f3e600f85a3823df9299d32f46c8a372f39d961f9471914e257f55cf1ef3d7878783fc34b61e1d61da332879c8d9597b0f0dac988916ac349e1d73b615cfbfef778ceeccee4f63dc32b1b7d7213c9199b6acb1d8a5141c94d777a29b89f8e0aea457788eaa9ca43626a24c74ebab355c89e3747626d4899745d148500c91416c782f2b30c9332f5cd32a4d3144d2a407ce9acc00f99dc619d425586285350cff734cdba9d4fad636d7fcbabfa382965005d8343e36ffe72604e557bae5044435ad990b6dca6d922e64387cee4abc0574d2eeeb42dda977be1e1064f6a6b00e78db75a7bf8e6e0c2ac3c6a52b2e6670cad3c907d990e53a7a311ef7b097c7644ff6f2bf96573e47d33031eeabf22620bdbc254a8fff8b0fa6f90d320c45e8d9094c26401f78560e16f77d6e09bc219c9849f1b68dc84ed36eb0cec7df16c4672c16a6b704ef2185ce04539f08688b72d48f9491e55be0095ee74f9622e8ae6835381e2efcd520cd02d1eeeb09bc11ab75bc903053102bc92718f2bf8691561a40026e53e950674f712aaef8cc69360df54c1af8b1f4aef997371b8a108e9b193a51002fe8d61f3991153e7ebd9593d68cd03b2f252c3d9d7a5bf802dcd150bd86028bd3b07cb415b767d716c1L
Destory q, p
new n:  0x73cec712124b33c0294e01eb52e8c3cd2fe9ddbcbf457b3b950360063dfae42cbbe9855bd986bcfea0948fadfb252f5e2ff3c982ff47afb6596a496636f1fc5ecfe9f5db7620b23fe9e30d230aa9299ab9a78bfb5e0630fd1149259b2b2104ea65d2e27b89785e4bf01d0594d9f94575cbcc3383f63c5aabe4d5b48eb761cce3ab21689b3f3155b5f15efee240d5ac11cee2acbd019de7c06f607ea618b5cd735b5a6972d2b446a12ff58cf8314822fa5ea09d0963acd00441b2a1b37aca01d7f39052927db98a0bd5ca1c49a7ad67923e3aac30ecd33cc8b4b30a40cdb3acc721ee5da53a02977cee959affe672a668525eb78df96af0a14f4ac04fab68efa8eabe9535e1064a5fc2ff7cac9520210311db0c3bf91101bc55a67a81e4f69364c724ee6ad6bdc301df642c9392e9befa4ff0d65481adb6feac251cd207044587da9710809700246cb3c63e659a97249f5e7418568e37db2fb2c1115e719d6682bb2e89b4e23d40ba4c532f289e10e0b89a5647c486a09b9e376844171b229d74f871004d4945a702a391a04ac704f43809e972891e6ab33b3c0f03f0b6f9ae005b26be6e647a1865c727277423f59a595187ffbfea13501e23b6b57ef115eaa6febcb207a3112628652a39578847241c33989e84607b0f683b30ddf773348b07360b063d9120a397809591ca18a04cd32ad9cbfe0494ed3ae8d2c5b43fdb51cbL
enc_flag:  0x3b0487110b2d61683fc9e65717d6431281c25ceda38915c9c2ff16013066e8cbe9d5f6c1f05988333d96e861f1b216f85d537aa70f603b3d20487a18c5e0d3a03556be88f984f508803f4bb25300149e805204c91f7aea038e545cf588a29bcb20113f81b16d9aacdbd820aa48615a5227ab2f329423da0a254c8f318dff4a7b75cf48e5ac18abc2975fee111ee56297fd7778b49320f6427227f21c08391d7429c49b399c366db38467a339229048e50735dff071bf89dbbab22997071a6b5a16935f5b65032f2cefb9c670cddd1470f6bf16d7c46d0fff22b82b2c1d867f4faa60e5daaad35a15ac0413a17beb5371a06f22c646336ae5e5738cfc5e997860056fb8bf1e02f27031ecd2b7983df510c4cdebbc644ea49e99e2376b89a90be8c89e4995c6689cc39d01fcc8ffef416e49684c0a01fdffab4613cb8eddbfa9e14d9b2daca6ad57c4e440a049d04b915ecfd64095c549bb9d22fb502a740a7373c1961c8cb7a58604bcbca3e5a97e28d5f498061db7cfbf07085ec84f47856e88992ab08870cbdb050431260861d0bcc9bbdf9a4164b8581f1f67e86ab854db1769418e300d73cf902509c76969473d0ee1b70c3b24085942fa9782507b359ffe049b18832610b4555b9bfe8eeae14cec53ab21881475f81069a6a33d6e38e3825eeb13874da8f0c91160712090a092286ea3838d88020e459f795783ad099367L
'''

2、分析

1加密过程:加密函数的大致过程是先生成两个2048位的大素数p、q,计算出重要参数n、phi_n、e和 d,再通过destory()函数产生新的p和q,并计算出新的n,最后再通过new_n对flag加密得到enc_flag。
2已知参数:题目给出n、e、d以及new_n,已知信息还是挺多的;通过其中的n、e和d(关键,一般题目不会给出私钥)就可以通过脚本计算出p、q。
3求p、q,脚本如下:

# -*- coding: UTF-8 -*-
import random
def gcd(a, b):
    if a < b:
        a, b = b, a
    while b != 0:
        temp = a % b
        a = b
        b = temp
    return a

def getpq(n, e, d):
    p = 1
    q = 1
    while p == 1 and q == 1:
        k = d * e - 1
        g = random.randint(0, n)
        while p == 1 and q == 1 and k % 2 == 0:
            k /= 2
            y = pow(g, k, n)
            if y != 1 and gcd(y - 1, n) > 1:
                p = gcd(y - 1, n)
                q = n / p
        return p, q

n = 0x73cec712124b33c0294e01eb52e8c3cd2fe9ddbcbf457b3b950360063dfae42cbbe9855bd986bcfea0948fadfb252f5e2ff3c982ff47afb6596a496636f1fc5ecfe9f5db7620b23fe9e30d230aa9299ab9a78bfb5e0630fd1149259b2b2104ea65d2e27b89785e4bf01d0594d9f94575cbcc3383f63c5aabe4d5b48eb761cce3ab21689b3f3155b5f15efee240d5ac149318ff80bd72a75fccdc57402aa197b472d98758019df8e9edb31bda82967dc66bcad845df824775eeb66ee304664d7929e8405122f9b0a5406887729dbe9760eb62dd7018087723c07c07082d1d51035fb211a9fc6d8fb5b3ee5bb91af5e3d0b89addce289041a5683a1fe7dc06a3bae283062ba3febdd987b5ac9b9a8ae4b8b02b804accc0a413bb144680fd8d0d8d8bebe176e5a9121f7653c31ede984d234ccce50e688f7048a0bfdfc84004c006ae912c4d4e514c200883e8dabaeb4bf57a5f628eb4bd2e6688d9b7688bc3eed4ce03831be5044dedbd5fddc43a3274b26c990a0e444fcf4a607de59c4906dfd1ea111920c38b4a365c5838e9cf1a22b146aa7afbc6e2e29ebe35aee4bf4d2fbe186c0f359c71f80b8f6298ad38619168d5986a857f558017c546d6df896c690896601aabd48398e957b77ef0e15d6cda339050b74cda3328c34c889306d089efc95ff467a4a775d3e104642cd9819f002b5db8c5f39b4e8d1a83007276b8a0b7
e = 0x10001
d = 0x37f2646fd190ad1e9f95c50d97cf4590a21e1c766bfd382cafafa2bb41442ce9839aac47944e288de6abfec1b17be4675f492a47f3e600f85a3823df9299d32f46c8a372f39d961f9471914e257f55cf1ef3d7878783fc34b61e1d61da332879c8d9597b0f0dac988916ac349e1d73b615cfbfef778ceeccee4f63dc32b1b7d7213c9199b6acb1d8a5141c94d777a29b89f8e0aea457788eaa9ca43626a24c74ebab355c89e3747626d4899745d148500c91416c782f2b30c9332f5cd32a4d3144d2a407ce9acc00f99dc619d425586285350cff734cdba9d4fad636d7fcbabfa382965005d8343e36ffe72604e557bae5044435ad990b6dca6d922e64387cee4abc0574d2eeeb42dda977be1e1064f6a6b00e78db75a7bf8e6e0c2ac3c6a52b2e6670cad3c907d990e53a7a311ef7b097c7644ff6f2bf96573e47d33031eeabf22620bdbc254a8fff8b0fa6f90d320c45e8d9094c26401f78560e16f77d6e09bc219c9849f1b68dc84ed36eb0cec7df16c4672c16a6b704ef2185ce04539f08688b72d48f9491e55be0095ee74f9622e8ae6835381e2efcd520cd02d1eeeb09bc11ab75bc903053102bc92718f2bf8691561a40026e53e950674f712aaef8cc69360df54c1af8b1f4aef997371b8a108e9b193a51002fe8d61f3991153e7ebd9593d68cd03b2f252c3d9d7a5bf802dcd150bd86028bd3b07cb415b767d716c1
p, q = getpq(n, e, d)
print "p: " + hex(p)
print "q: " + hex(q)

4coppersmith高位已知攻击
得到p、q后我们还需要知道new_p和new_q,分析函数destory(x, num),函数算法是生成一个900位的随机数与原来2048位的p和q进行异或,将新得到的素数作为new_p和new_q;因此,new_p和new_q与原p、q的高1148位相同,只有低位900个bit不一样,通过已知高位攻击(大佬现成的exp)计算出new_p,这里还是把脚本贴出来(需要使用sage):

n = 0x73cec712124b33c0294e01eb52e8c3cd2fe9ddbcbf457b3b950360063dfae42cbbe9855bd986bcfea0948fadfb252f5e2ff3c982ff47afb6596a496636f1fc5ecfe9f5db7620b23fe9e30d230aa9299ab9a78bfb5e0630fd1149259b2b2104ea65d2e27b89785e4bf01d0594d9f94575cbcc3383f63c5aabe4d5b48eb761cce3ab21689b3f3155b5f15efee240d5ac11cee2acbd019de7c06f607ea618b5cd735b5a6972d2b446a12ff58cf8314822fa5ea09d0963acd00441b2a1b37aca01d7f39052927db98a0bd5ca1c49a7ad67923e3aac30ecd33cc8b4b30a40cdb3acc721ee5da53a02977cee959affe672a668525eb78df96af0a14f4ac04fab68efa8eabe9535e1064a5fc2ff7cac9520210311db0c3bf91101bc55a67a81e4f69364c724ee6ad6bdc301df642c9392e9befa4ff0d65481adb6feac251cd207044587da9710809700246cb3c63e659a97249f5e7418568e37db2fb2c1115e719d6682bb2e89b4e23d40ba4c532f289e10e0b89a5647c486a09b9e376844171b229d74f871004d4945a702a391a04ac704f43809e972891e6ab33b3c0f03f0b6f9ae005b26be6e647a1865c727277423f59a595187ffbfea13501e23b6b57ef115eaa6febcb207a3112628652a39578847241c33989e84607b0f683b30ddf773348b07360b063d9120a397809591ca18a04cd32ad9cbfe0494ed3ae8d2c5b43fdb51cbL
p_fake =0xc9c18c5bc8ca981badeaf82992ea66f77858a323cfd384f9ccb9de51ba027630e4a5472d9328ee97be4c42af5594b385910f879a0bd54984f1bb66e85eb10917fd192f94d1ec2714ee8c6bd44615da6cc8a312b2e82a7c7c3999aabf887df80ecee929a23cf5a407f672e9dca6390e0dc3758fc940cd250daedf5e79880e75270083dfbab0846c1cc153be6e7737e8ed994490ad71ccfa06644d979e97e896145122fc9cd682369f3073221a2d822758a96ea399cb67ceb9f11ef2db881974b55234d749dcde0841ef254423ef41cbaaf1b58de43120e623edddfaf35dbc24216849f0d388800149cad287fc4f6e92925b9fbcbbbf2d9bd1019841c117311ea1

pbits = 2048
kbits = 900
pbar = p_fake & (2^pbits-2^kbits)  
print ("upper %d bits (of %d bits) is given" % (pbits-kbits, pbits))
   
PR.<x> = PolynomialRing(Zmod(n))  
f = x + pbar
   
x0 = f.small_roots(X=2^kbits, beta=0.4)[0]  # find root < 2^kbits with factor >= n^0.3
p = int(x0 + pbar)
print('p = ',p)

5、最后就是常规RSA求解:

import gmpy2
from Crypto.Util.number import *

new_n = 0x73cec712124b33c0294e01eb52e8c3cd2fe9ddbcbf457b3b950360063dfae42cbbe9855bd986bcfea0948fadfb252f5e2ff3c982ff47afb6596a496636f1fc5ecfe9f5db7620b23fe9e30d230aa9299ab9a78bfb5e0630fd1149259b2b2104ea65d2e27b89785e4bf01d0594d9f94575cbcc3383f63c5aabe4d5b48eb761cce3ab21689b3f3155b5f15efee240d5ac11cee2acbd019de7c06f607ea618b5cd735b5a6972d2b446a12ff58cf8314822fa5ea09d0963acd00441b2a1b37aca01d7f39052927db98a0bd5ca1c49a7ad67923e3aac30ecd33cc8b4b30a40cdb3acc721ee5da53a02977cee959affe672a668525eb78df96af0a14f4ac04fab68efa8eabe9535e1064a5fc2ff7cac9520210311db0c3bf91101bc55a67a81e4f69364c724ee6ad6bdc301df642c9392e9befa4ff0d65481adb6feac251cd207044587da9710809700246cb3c63e659a97249f5e7418568e37db2fb2c1115e719d6682bb2e89b4e23d40ba4c532f289e10e0b89a5647c486a09b9e376844171b229d74f871004d4945a702a391a04ac704f43809e972891e6ab33b3c0f03f0b6f9ae005b26be6e647a1865c727277423f59a595187ffbfea13501e23b6b57ef115eaa6febcb207a3112628652a39578847241c33989e84607b0f683b30ddf773348b07360b063d9120a397809591ca18a04cd32ad9cbfe0494ed3ae8d2c5b43fdb51cbL
new_p = 25469341510015610710601677541490068882874022771473379147959682877979811860690835905177575433486769235926750944378553837429714908846121392087707617153368450157831411033840331452402635316893579428297241392591768100008774205252294780519995317089863801331600746389471563346749402400584048767782402832414560955794979239140648096754408560344380360521296949892303389907769736015934314142003630949305013818258320986061050152391749744927750414406456844331212916757252664106717050422177732254023115330564252024804793822784448052701331761297133645421217718332137034826156560496020813364370285769780848619094541636625925906815949
enc_flag=0x3b0487110b2d61683fc9e65717d6431281c25ceda38915c9c2ff16013066e8cbe9d5f6c1f05988333d96e861f1b216f85d537aa70f603b3d20487a18c5e0d3a03556be88f984f508803f4bb25300149e805204c91f7aea038e545cf588a29bcb20113f81b16d9aacdbd820aa48615a5227ab2f329423da0a254c8f318dff4a7b75cf48e5ac18abc2975fee111ee56297fd7778b49320f6427227f21c08391d7429c49b399c366db38467a339229048e50735dff071bf89dbbab22997071a6b5a16935f5b65032f2cefb9c670cddd1470f6bf16d7c46d0fff22b82b2c1d867f4faa60e5daaad35a15ac0413a17beb5371a06f22c646336ae5e5738cfc5e997860056fb8bf1e02f27031ecd2b7983df510c4cdebbc644ea49e99e2376b89a90be8c89e4995c6689cc39d01fcc8ffef416e49684c0a01fdffab4613cb8eddbfa9e14d9b2daca6ad57c4e440a049d04b915ecfd64095c549bb9d22fb502a740a7373c1961c8cb7a58604bcbca3e5a97e28d5f498061db7cfbf07085ec84f47856e88992ab08870cbdb050431260861d0bcc9bbdf9a4164b8581f1f67e86ab854db1769418e300d73cf902509c76969473d0ee1b70c3b24085942fa9782507b359ffe049b18832610b4555b9bfe8eeae14cec53ab21881475f81069a6a33d6e38e3825eeb13874da8f0c91160712090a092286ea3838d88020e459f795783ad099367L

new_q = new_n//new_p
e = 0x10001
phi = (new_p-1)*(new_q-1)
d = gmpy2.invert(e,phi)
m = pow(enc_flag,d,new_n)
flag = long_to_bytes(m)
print(flag)
qtL0ng
关注
  • 3
    点赞
  • 6
    收藏
    觉得还不错? 一键收藏
  • 1
    评论
专栏目录
开始了学习rsa第一步,攻防世界Crypto - 初识rsa
m0_74047686的博客
02-28 1518
攻防世界Crypto - 初识rsa,开始学习rsa算法,详细的解答
攻防世界crypto密码学Caesar环境
03-10
攻防世界crypto密码学Caesar环境 此题详细解题博客:https://danbaku.blog.csdn.net/article/details/129448674
RSA原理理解以及攻防世界(初识RSA)解题思路-0基础理解
最新发布
weixin_49765221的博客
01-15 567
初见RSA
攻防世界 Crypto进阶 Handicraft_RSA
qtL0ng的博客
06-02 1305
1、题目 #!/usr/bin/python from Crypto.Util.number import * from Crypto.PublicKey import RSA from secret import s, FLAG def gen_prime(s): while True: r = getPrime(s) #生成一个素数r R = [r] #将r转换为列表 t = int(5 * s / 2) + 1 for i i
crypto攻防世界RSA(基础题) BaigeiRSA
m0_74897671的博客
04-11 728
1,解压文件,打开out文件发现n,c已知,用yafu分解出q,p。yafu使用方法 yafu-x64。
adworld-crypto-RSA_gcd
bunner_的博客
10-21 606
给定两个不同的n的时候一定要看看n1,n2有没有最大公约数(素数),如果有,那么该最大公约数就是两者共同的p 给定两个相同的n的时候,那就要考虑共模攻击了 拿到题目,有两个文件,里面分别有n,e,c 看了一下两份文件的e相同,n不同 题目的名字是RSA_gcd,自然想到了求n1n_1n1​,n2n_2n2​的最大公约数 求出的最大公约数若为素数的话,那么它就是p,题目自然就解出来了 import gmpy2 def get_p(n1, n2): p = gmpy2.gcd(n1, n2)..
CRYPTO [61dctf]cry Writeup(RSA已知p的高位攻击)
01-20
边学边做的大龄小白写了第一篇wp -.- [61dctf]cry 题目来源:https://www.jarvisoj.com/challenges Coppersmith攻击:已知p的高位攻击 关键点:用SageMath 恢复RSA完整的p 题目给了源码,其中print如下信息: print ====welcome to cry system==== (p,q,n,e,d)=rsa_gen() print give you the public key: print n:+hex(n).replace(L,) print e:+h
攻防世界--------[简单] 初识RSA
woshicainiao666的博客
09-22 781
【代码】攻防世界--------[简单] 初识RSA
crypto攻防世界RSA(基础题) 初识rsa
m0_74897671的博客
04-11 966
加密 M的e次方对n取模=C 解密 C的d次方对n取模=M。已知 pq = p*(q-1) qp = q*(p-1), 求φ(n)(在代码中我用A代替)(就这一步不好理解,其他因素直接求解)1,首先明白RSA加密过程。运行后,flag就出来了。
ctfshow RSA
m0_62506844的博客
01-17 984
无脑爆破的就不往上发了,虽然有绝大多数的题都可以无脑爆破 crypto easyrsa2 n1,n2不同,考虑模不互素的情况,由于n1,n2不互素,那么必然有一个公因数,由于n是由两个质数相乘得到的,所以只有两个因数,那他们的公因数设为p,则q1=n1//p, q2=n2//p,求解m就好了。 crypto easyrsa3 考虑共模攻击(前提是m和n相同,c和e不同),由于 c1 = m^e1 % n ……1 c2 = m^e2 % n ……2 由拓展欧几里得定理可以得到e1*s1+e2*s
攻防世界crypto密码学,morse环境
03-10
攻防世界crypto密码学,morse环境。 此题详细解题博客:
攻防世界密码学crypto,base64题目环境
03-10
攻防世界密码学crypto,base64题目环境。 此题详细解题博客:https://danbaku.blog.csdn.net/article/details/129448000
PYTHON Crypto库支持RSA,私钥加密公钥解密(修改版)
12-01
PYTHON Crypto库支持RSA,私钥加密公钥解密, 文件名:RSA.PY 路径:Crypto\PublicKey\RSA.py 将此Crypto库中以上文件替换。 关于加解密方法看我的文章有写
RSA.zip_Crypto++_crypto RSA_crypto rsa_rsa_rsa加密
09-14
使用crypto++ v5.22大数库进行RSA加密解密的程序
# 攻防世界Crypto - 初识rsa
yuanxu8877的博客
11-06 1832
# 攻防世界Crypto - 初识rsa
RSA已知高位攻击
m0_57291352的博客
10-09 7808
背景: rsa解密,已知e,n,c(其中n太大,分解不了),和p的高位或m的高位或d的高位 工具: sage (没下载的话,有个在线网站可用:https://sagecell.sagemath.org/) 基础知识: PR.<x> = PolynomialRing(Zmod(n)) 用于生成一个以x为符号的一元多项式环 f = x + p4 定义求解的函数 roots = f.small_roots(X=2^kbits, beta=0.4) 多项式小值根求解及因子分解,其中X表示求解根的上
[MRCTF 2020] - RSA
qtL0ng的博客
07-02 549
easy_RSA 题目: import sympy from gmpy2 import gcd, invert from random import randint from Crypto.Util.number import getPrime, isPrime, getRandomNBitInteger, bytes_to_long, long_to_bytes import base64 from zlib import * flag = b"MRCTF{XXXX}" base = 65537 de
[xctf crypto] simpleRSA
weixin_52640415的博客
11-12 604
RSA 求根公式,中国剩余定理,e与phi不互素
RSA原理及其攻击方法
sinri的博客
07-10 4268
RSA原理及其攻击方法 RSA 基于一个简单的数论事实,两个大素数相乘十分容易,将其进行因式分解却是困难的 密钥产生: 1.选两个大素数p和q 2.计算n=p*q,欧拉函数*φ(n) =(p-1) (q-1) 3.选一整数e,满足1<e<φ(n),且gcd(φ(n),e)=1,即φ(n)与e互质 4.计算d,满足d *e≡1 mod φ(n),即d是e在模φ(n)下的乘法逆元,因为e与φ(n)互素,由模运算可知,它的乘法逆元一定存在(欧拉定理:若a与n互素,则a^φ(n)≡1 mod n) 5.
攻防世界crypto_rsa
08-18
根据提供的引用内容,攻防世界crypto_rsa题目是一个RSA加密相关的题目。通过给定的N、e和c,需要解密出明文m。 在给定的代码中,首先计算了phi值,然后使用phi和指数e计算出私钥d。最后使用私钥d对密文c进行解密,得到明文m。 最终得到的明文是flag{bbe6ef5272d9be08a9a6e452b485aaf6}。<span class="em">1</span><span class="em">2</span> #### 引用[.reference_title] - *1* *2* [攻防世界 crypto_rsa3](https://blog.csdn.net/XiongSiqi_blog/article/details/129390659)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{"utm_source":"vip_chatgpt_common_search_pc_result","utm_medium":"distribute.pc_search_result.none-task-cask-2~all~insert_cask~default-1-null.142^v93^chatsearchT3_2"}}] [.reference_item style="max-width: 100%"] [ .reference_list ]

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值