1.RSA256 [分值:100]
问题描述:
RSA
题目已说明是RSA算法。
附件中共有四个文件。
3个加密后的信息,一个公钥,公钥内容如下:
-----BEGIN PUBLIC KEY-----
MDwwDQYJKoZIhvcNAQEBBQADKwAwKAIhANmelSKWptlg38JQSrpUW5RC1gp7npMK
/0UceOxV1VXrAgMBAAE=
-----END PUBLIC KEY-----
结果搜索,确定公钥应该是PKCS#8格式。
https://blog.csdn.net/yue7603835/article/details/72575262
Public Key file (PKCS#8)
Because RSA is not used exclusively inside X509 and SSL/TLS, a more generic key format is available in the form of PKCS#8, that identifies the type of public key and contains the relevant data.
It starts and ends with the tags:
-----BEGIN PUBLIC KEY-----
BASE64 ENCODED DATA
-----END PUBLIC KEY-----
Within the base64 encoded data the following DER structure is present:
PublicKeyInfo ::= SEQUENCE {
algorithm AlgorithmIdentifier,
PublicKey BIT STRING
}
AlgorithmIdentifier ::= SEQUENCE {
algorithm OBJECT IDENTIFIER,
parameters ANY DEFINED BY algorithm OPTIONAL
}
So for an RSA public key, the OID is 1.2.840.113549.1.1.1 and there is a RSAPublicKey as the PublicKey key data bitstring.
RSAPublicKey ::= SEQUENCE {
modulus INTEGER, -- n
publicExponent INTEGER -- e
}
key的格式是ASN.1 在线解析网站http://lapo.it/asn1js/
获取到数据如下:(10进制)
N=98432079271513130981267919056149161631892822707167177858831841699521774310891
E=65537
要想解密数据需要私钥D,要计算私钥D,则需要分解N,得到素数P,Q。
很幸运的是这个N已经被分解过,在网站之耳机可以查询:
http://factordb.com/index.php?query=98432079271513130981267919056149161631892822707167177858831841699521774310891
分解之后:
P=302825536744096741518546212761194311477
Q=325045504186436346209877301320131277983
接着用工具计算出D,输入P,Q点击Calc.D 立即就能出结果。
当然也可以用此工具分解N,但是速度有点慢。
知道了以上信息就可以解密了。
网上找了一段python代码:
https://my.oschina.net/KFeC5dSwgN1q/blog/1623311
def __multi(array, bin_array):
result = 1
for index in range(len(array)):
a = array[index]
if not int(bin_array[index]):
continue
result *= a
return result
def exp_mode(base, exponent, n):
bin_array = bin(exponent)[2:][::-1]
r = len(bin_array)
base_array = []
pre_base = base
base_array.append(pre_base)
for _ in range(r - 1):
next_base = (pre_base * pre_base) % n
base_array.append(next_base)
pre_base = next_base
a_w_b = __multi(base_array, bin_array)
return a_w_b % n
# 加密 m是被加密的信息 加密成为c
def encrypt(m, n,e):
c = exp_mode(m, e, n)
return c
# 解密 c是密文,解密为明文m
def decrypt(c, n,d):
m = exp_mode(c, d, n)
return m
解密:
P=0xE3D213B0A3C9551F9FB1EB8D7C3DAF35
Q=0xF4897CAABA80236BDC1B59385C4BF49F
N=0xD99E952296A6D960DFC2504ABA545B9442D60A7B9E930AFF451C78EC55D555EB
D=0x04547B732CBC3527104CB57C4728D6899B44C4994FAE2713D6B594BC0F522A41
E=0x10001
//x1 x2 x3 分别对应encrypted.message1,2,3 大端序
x1=0x0B39CC1B6127D3BBED2BC045148C911D467985A94B147EDE80750F95A360D47A
x2=0x9AFB1CDC1986D3BB53A3425B396C83618EFAAA81C14C965C813415E5C54FCE4B
x3=0x0F04B3B67EF230F80BB518D26DED38AF84B6C8D87BA80C09EBF1D865123082FA
//x1 x2 x3 分别对应encrypted.message1,2,3 小端序
x11=0x7ad460a3950f7580de7e144ba98579461d918c1445c02bedbbd327611bcc390b
x12=0x4BCE4FC5E51534815C964CC181AAFA8E61836C395B42A353BBD38619DC1CFB9A
x13=0xfa82301265d8f1eb090ca87bd8c8b684af38ed6dd218b50bf830f27eb6b3040f
num1=decrypt(x1,N,D)
num2=decrypt(x2,N,D)
num3=decrypt(x3,N,D)
print hex(num1)
print hex(num2)
print hex(num3)
这里num1,2,3就是解出来之后的明文,这里有个坑,密文32字节,解出来也应该是32字节,但是数字的话,最高位为0可以省略。
hex(num1) 值为0x25a8007e9ad2809abbf5a00666c61677b33623664333830362d346232620aL,补上几个0
00025a8007e9ad2809abbf5a00666c61677b33623664333830362d346232620a
16进制数据转字符。