XCTF-Crypto-1 lfsr

最新推荐文章于 2024-01-03 11:32:36 发布
最新推荐文章于 2024-01-03 11:32:36 发布
阅读量121 收藏
点赞数
分类专栏: CTF练习记录 文章标签: 网络安全 密码学 ctf
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/orchid_sea/article/details/135008701
版权

简单的LFSR

题目

from secret import secret
for b in secret: assert(b == '0' or b == '1')
assert(len(secret) == 128)
# a 01 string with length 128
# your flag is flag{md5(secret).hexdigest()}

def string2bits(s):
    return [int(b) for b in s]

def lfsr(state, mask):
    assert(len(state) == 128)
    assert(len(mask)  == 128)

    output = 0
    for i in range(128):
        output = output + (state[i] * mask[i])

    return output

if __name__ == '__main__':
    initState = [0, 1, 0, 1, 1, 0, 0, 1, 1, 0, 0, 0, 0, 1, 0, 0, 1, 0, 0, 0, 1, 1, 1, 0, 0, 1, 1, 0, 1, 1, 0, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 0, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 0, 1, 0, 0, 1, 1, 0, 1, 0, 1, 0, 0, 0, 0, 0, 1, 1, 0, 1, 0, 1, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 0, 1, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 1, 1, 0, 1, 0, 0, 0, 0, 0, 0, 1, 1, 0, 1, 0, 0]
    mask = string2bits(secret)

    for i in range(256):
        state = initState[i:]
        output = lfsr(state, mask)
        initState += [output]

    outputState = initState[128:]
    print('outputState =', outputState)
    #
    # outputState = [31, 66, 128, 222, 385, 664, 1143, 2000, 3458, 6003, 10379, 17942, 31047, 53687, 92924, 160797, 278304, 481638, 833479, 1442422, 2496163, 4319845, 7475835, 12937561, 22389578, 38746915, 67054735, 116043520, 200822710, 347539886, 601445745, 1040850538, 1801275628, 3117252874, 5394657302, 9335889442, 16156509611, 27960142496, 48387281659, 83738092531, 144915522009, 250787996657, 434008851435, 751087316130, 1299817167363, 2249438425629, 3892834588915, 6736864173067, 11658686709797, 20176297502410, 34916709837729, 60426182042628, 104572380769600, 180970937597032, 313184800936842, 541991553121913, 937960088661442, 1623215570164618, 2809105439634215, 4861383488449105, 8413016146818879, 14559402864389777, 25196220721365800, 43604091771673155, 75460397027739861, 130590302153314191, 225997048627046433, 391106116962451401, 676840674047358730, 1171327366605398299, 2027076463289970382, 3508019282374090135, 6070910253447116278, 10506199749411485204, 18181825882182859769, 31465115864423937634, 54452920337985370536, 94235169707018163674, 163081560265112209496, 282225790871820528073, 488414489680745790033, 845240659945376349091, 1462757121910708796880, 2531419155626961478438, 4380824981460105751921, 7581370898424646092677, 13120173698498971899800, 22705518590912550882405, 39293730885686099313323, 68000969928723717268434, 117681162033195064953557, 203656740661184789826464, 352444412513853856490154, 609933476834387348179796, 1055539066458205919344242, 1826695472762162772755920, 3161243819621244340994611, 5470787351316040252901913, 9467638673598260118507327, 16384512191330329194463349, 28354719587732695891973236, 49070128760035595469947547, 84919814815174884654495265, 146960587438213290271803310, 254327147405947343219170013, 440133637427387650641676733, 761686751771954639615932308, 1318160346062225166536927204, 2281182774793880566386854202, 3947770745464875128215489476, 6831935621711193478803584270, 11823215517979626989252654459, 20461027873324936552011726278, 35409458704049766870463574070, 61278923692217093991616774374, 106048118957748860598268928024, 183524821535095103500935105397, 317604503036094959823791626415, 549640204006492782256703506357, 951196695803666227643791343005, 1646122586216645151673646795131, 2848747878127492747395146497119, 4929987925010971381846789176787, 8531741656523753626888968333475, 14764866932914585711739993009471, 25551792860485990447357753377411, 44219438031623458174827090101591, 76525303351860239321171606062486, 132433208420836012247860425341878, 229186346534231007543300455047052, 396625454174562824696341867974807, 686392332170111774628387415187708, 1187857281228776953526538661167132, 2055682813511567389589959681437591, 3557524878237416677051445431119245, 6156583679200434562674367324375645, 10654464521349051207718915685250792, 18438410026033851006551039004948926, 31909155416202798852780253976608864, 55221366589513932226781115179478434, 95565027912492621164419094117570641, 165382987128929746587819720020389833, 286208595645816231325692474821432127, 495307054513959920117280296979778603, 857168799202977606481906830566592959, 1483399728776458203402121501599814357, 2567142851419860475561591348189292465, 4442647717774532025797522076302827645, 7688360128977964468508623330874749520, 13305327189541069887965447505836108943, 23025941637865784521234444191415083701, 39848248807227476288131461546822173104, 68960607908058729168472941626927516912, 119341892941264496254850267375680858596, 206530769418287872448439164819365157712, 357418151038572249261836365381689027787, 618540932431735991718001801386896334770, 1070434962471260463170389697079661487176, 1852474022011964581139009223827365513544, 3205855677870125101423860144920010424249, 5547991769498476629256700835469967207037, 9601247144996961660705018593534913225922, 16615732425220501988109900409620796156745, 28754864847988594478375696246052761203187, 49762612400465240380187427652132912229336, 86118213596547492163397334421181607606370, 149034513167786192667574788821667110253623, 257916243121530494722068502259305736264048, 446344856986474817826595353109273441918350, 772435768089263602359077702861161388353409, 1336762385595787378549468975393213339116484, 2313375104267880490155624917599100889633507, 4003482167596451918353914186255524345816532, 6928348730257112541629154203810355027525535, 11990066177033590775605142065871666200189459, 20749776393589512464840020374644649655647874, 35909161302935015278730531942138798319507636, 62143699335409560081369603141161471393159562, 107544682943462043814216772302622710407400704, 186114746194704481727730115452186541297539854, 322086576510057527551600558671512063007190557, 557396793585831655018738502556644467159583633, 964620099559052960425720416252526682882655111, 1669352868873354804885622348664567494237803783, 2888949755545809136243688064556192446919868175, 4999560515746991945989073252770067125902428535, 8652142635098861248148452777057412533362877977, 14973230535426489152060521332311783517581989420, 25912382876992006096351135796067625851883928825, 44843468133024591960270046213401958144446811548, 77605237763877474989955856305494246316739147127, 134302122006319171731632762048131880552676359659, 232420652202367984596938247872208285088912788686, 402222680946414142984184322215356821073359953948, 696078784456971603910909918744734815016448573082, 1204620468022900362280402553035290601874308600586, 2084692860035604927076197374205039877760447754956, 3607729103106034863624554004184342562208475089341, 6243466138784576918107250594832177417637788944304, 10804821623826866941723224844111388709787418308073, 18698615116609470739339911758664365362637188157227, 32359461308280335893458609544003265039362932173740, 56000657248244594858300036379967633467510318826268, 96913653239119041752111865895809664169241405330164, 167716892009274048794745102986623447430717183044189, 290247606246426020117292750048691625438809474898504, 502296888062545512718475829352732508523042936581530, 869265269816240261877029457458234318249621243667628, 1504333646627354107869007496936781479204707239575364, 2603370684363759081777877568090078592049534352669947, 4505342904082185194291963661562434728467247085801567, 7796859204598587173314308958000104480418858953375158, 13493093589225451977147040588861591346827624626553088, 23350886533928418622148518003626067086836308029229306, 40410592153292809121198774051487713973447271440824879, 69933788415571610361075397290260005189363125951186151, 121026060286409890014591649872661507384922097295622585, 209445356819655999941471437498154462693217873859873519, 362462079567824464738504374835340908769751488853277318, 627269857492024846036766185061792395514128412691597750, 1085541071185182881358902065797900004206275433304525877, 1878616361292087979017649753948129817575491489985996469, 3251097104102362704835900720328806405351210311448488910, 5626285705844227224482132571164442587287950705132698177, 9736741115435595736854097976874400909429981720207988487, 16850215667245180941552990697851306753178430167486844006, 29160657006948951882262364132481449161390275730087294685, 50464868454466647556267645846637274956572498586114427735, 87333524327649631040132103644841977096784627243509857937, 151137706390139040826448707126591974417399010694640174718, 261555988593488478677610370284679511774525269175612894617, 452643730033345117036459086235348615186246366652477694168, 783336475835524143955537154153262203019092265959952337070, 1355626939379487620769121922144227585175531097052439217983, 2346021735820790423533561047507688175516954900918138334291, 4059979796110323903393797058491537625611005518946149411026, 7026122432346967683382009847205881024752630926437218981740, 12159271452933065576710291263470354882115951853620136774055, 21042599768180623908382939506716338579508214228553692875423, 36415915765826987773364669427220163018133640081486671468436, 63020678797925209300085103082659626905494796721119527734083, 109062366622625198169859916735972641477602693706580750774247, 188741220186912829686057249397861922209555075583934877024777, 326631901551406455092777938653826814900794821912935940782874, 565262845103114204256414747869081614169923740442179762058936, 978232936025018959853100287323851115023773163216042197843195, 1692910980111501346802672231436092377546116455476214539222026, 2929718966760270262844895994547637314231078419236801672684198, 5070114923366815738216357619638190602226980891746062079428250, 8774242726964718704518978915749604855301897112378619823447909, 15184534590503864395968205111669668293209355696392197598100449, 26278061583779512058870924747917968681797893736357134971437061, 45476304623307832769415233578427592641287934525440233150419102, 78700412341998941621862709864667467345902574612843786168968091, 136197409928206718914848388530217366761295027423898231594892758, 235700600786468895717413188934153824796333855958950958366797470]
    #

分析

参考链接:
https://ctf-wiki.org/crypto/streamcipher/fsr/lfsr/
http://www.360doc.com/content/21/0330/15/73146922_969754517.shtml
https://blog.csdn.net/figfig55/article/details/128528215

LFSR为线性反馈移位寄存器,initState为初识化数组, 进行了256轮lfsr计算。每轮的输出output是对应state和mask乘积的和,将其追加到initState尾部,且下一轮state数组取值右移一位。

简单实例:

#sage
print("加密过程")
def lfsr(state, mask):
    output = 0
    for i in range(5):
        output = output + (state[i] * mask[i])
    return output
mask = [1, 1, 0, 0, 1]
initState = [0, 1, 0, 1, 1]
for i in range(10):
    state = initState[i:]
    output = lfsr(state, mask)
    print("i:",i,"state:",state,"output:",output)
    initState += [output]
        
outputState = initState[5:]
print('outputState =', outputState)

加密运算如下:
o u t 1 = s 1 m 1 + s 2 m 2 + s 3 m 3 + s 4 m 4 + s 5 m 5 out1 = s1m1 + s2m2 + s3m3 + s4m4 + s5m5 out1=s1m1+s2m2+s3m3+s4m4+s5m5
o u t 2 = s 2 m 1 + s 3 m 2 + s 4 m 3 + s 5 m 4 + o u t 1 m 5 out2 = s2m1 + s3m2 + s4m3 + s5m4 + out1m5 out2=s2m1+s3m2+s4m3+s5m4+out1m5

可换算成矩阵运算:
[ s 1 s 2 s 3 s 4 s 5 s 2 s 3 s 4 s 5 o u t 1 s 3 s 4 s 5 o u t 1 o u t 2 s 4 s 5 o u t 1 o u t 2 o u t 3 s 5 o u t 1 o u t 2 o u t 3 o u t 4 o u t 1 o u t 2 o u t 3 o u t 4 o u t 5 o u t 2 o u t 3 o u t 4 o u t 5 o u t 6 . . . . . . . . . . . . . . . o u t 5 o u t 6 o u t 7 o u t 8 o u t 9 ] [ m 1 m 2 m 3 m 4 m 5 ] = [ o u t 1 o u t 2 o u t 3 o u t 4 o u t 5 o u t 6 o u t 7 o u t 8 o u t 9 o u t 10 ] \left[ \begin{matrix} s1 & s2 & s3 & s4 & s5\\ s2 & s3 & s4 & s5 & out1 \\ s3 & s4 & s5 & out1 & out2 \\ s4 & s5 & out1& out2 & out3\\ s5 & out1& out2 & out3& out4\\ out1 & out2 & out3 & out4& out5\\ out2 & out3 & out4 & out5& out6\\ ...& ...& ... & ...& ...\\ out5 & out6 & out7 & out8 & out9\\ \end{matrix} \right] \left[ \begin{matrix} m1\\ m2\\ m3\\m4\\ m5\\ \end{matrix} \right] = \left[ \begin{matrix} out1\\ out2\\ out3\\out4\\ out5\\ out6 \\out7 \\out8 \\out9 \\out10 \end{matrix} \right] s1s2s3s4s5out1out2...out5s2s3s4s5out1out2out3...out6s3s4s5out1out2out3out4...out7s4s5out1out2out3out4out5...out8s5out1out2out3out4out5out6...out9 m1m2m3m4m5 = out1out2out3out4out5out6out7out8out9out10
S [ 10 ∗ 5 ] M [ 5 ∗ 1 ] = O u t [ 10 ∗ 1 ] S_{[10 *5]}M_{[5 *1]} = Out_{[10 *1]} S[105]M[51]=Out[101]
因此要解密mask,就是计算 M = O u t / S M = Out/S M=Out/S

但是S和Out有重叠数字,所以计算一半即可。若用下半部分:
[ o u t 1 o u t 2 o u t 3 o u t 4 o u t 5 o u t 2 o u t 3 o u t 4 o u t 5 o u t 6 . . . . . . . . . . . . . . . o u t 5 o u t 6 o u t 7 o u t 8 o u t 9 ] [ m 1 m 2 m 3 m 4 m 5 ] = [ o u t 6 o u t 7 o u t 8 o u t 9 o u t 10 ] \left[ \begin{matrix} out1 & out2 & out3 & out4& out5\\ out2 & out3 & out4 & out5& out6\\ ...& ...& ... & ...& ...\\ out5 & out6 & out7 & out8 & out9\\ \end{matrix} \right] \left[ \begin{matrix} m1\\ m2\\ m3\\m4\\ m5\\ \end{matrix} \right] = \left[ \begin{matrix} out6 \\out7 \\out8 \\out9 \\out10 \end{matrix} \right] out1out2...out5out2out3...out6out3out4...out7out4out5...out8out5out6...out9 m1m2m3m4m5 = out6out7out8out9out10

对应解密代码:

#sage
print("解密过程")
#mask: [1, 1, 0, 0, 1]
initState = [0, 1, 0, 1, 1]
outputState = [2, 3, 4, 6, 9, 14, 21, 31, 46, 69]

OOi = []
Oi = []
for i in range(5):
    OOi += outputState[i:i+5]
    Oi += [outputState[i+5]]
#     print(OOi,Oi)

OO = matrix(ZZ, 5, 5, OOi) #每轮的S序列矩阵
O = matrix(ZZ, 5, 1, Oi) #每轮得到的Out结果矩阵
print("OO:\n",OO)
print("O:\n",O)

Mask = OO.solve_right(O)#OO左乘O,即计算00/0
print("Mask:\n",Mask)

解密

同理128长度为:
[ s 1 s 2 s 3 . . . s 127 s 128 s 2 s 3 s 4 . . . s 128 o u t 1 s 3 s 4 s 5 . . . o u t 1 o u t 2 . . . . . . . . . . . . . . . . . . s 128 o u t 1 o u t 2 . . . . . . o u t 127 o u t 1 o u t 2 o u t 3 . . . . . . o u t 128 o u t 2 o u t 3 o u t 4 . . . . . . o u t 129 . . . . . . . . . . . . . . . . . . o u t 128 o u t 129 o u t 130 . . . . . . o u t 255 ] [ m 1 m 2 m 3 . . . m 127 m 128 ] = [ o u t 1 o u t 2 o u t 3 . . . o u t 127 o u t 128 . . . o u t 255 o u t 256 ] \left[ \begin{matrix} s1 & s2 & s3 & ... & s127 & s128\\ s2 & s3 & s4 & ... & s128 & out1 \\ s3 & s4 & s5 & ... & out1 & out2 \\ ...& ...& ...& ... & ...& ...\\ s128 & out1 & out2 & ... & ...& out127\\ out1 & out2 & out3 & ... & ...& out128\\ out2 & out3 & out4 & ... & ...& out129\\ ...& ...& ...& ... & ...& ...\\ out128 & out129 & out130 & ... & ...& out255\\ \end{matrix} \right] \left[ \begin{matrix} m1\\ m2\\ m3\\...\\ m127\\ m128\\ \end{matrix} \right] = \left[ \begin{matrix} out1\\ out2\\ out3\\...\\ out127\\ out128 \\... \\out255 \\out256 \end{matrix} \right] s1s2s3...s128out1out2...out128s2s3s4...out1out2out3...out129s3s4s5...out2out3out4...out130...........................s127s128out1..................s128out1out2...out127out128out129...out255 m1m2m3...m127m128 = out1out2out3...out127out128...out255out256

EXP 代码

#sage
from hashlib import md5

initState = [0, 1, 0, 1, 1, 0, 0, 1, 1, 0, 0, 0, 0, 1, 0, 0, 1, 0, 0, 0, 1, 1, 1, 0, 0, 1, 1, 0, 1, 1, 0, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 0, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 0, 1, 0, 0, 1, 1, 0, 1, 0, 1, 0, 0, 0, 0, 0, 1, 1, 0, 1, 0, 1, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 0, 1, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 1, 1, 0, 1, 0, 0, 0, 0, 0, 0, 1, 1, 0, 1, 0, 0]
outputState = [31, 66, 128, 222, 385, 664, 1143, 2000, 3458, 6003, 10379, 17942, 31047, 53687, 92924, 160797, 278304, 481638, 833479, 1442422, 2496163, 4319845, 7475835, 12937561, 22389578, 38746915, 67054735, 116043520, 200822710, 347539886, 601445745, 1040850538, 1801275628, 3117252874, 5394657302, 9335889442, 16156509611, 27960142496, 48387281659, 83738092531, 144915522009, 250787996657, 434008851435, 751087316130, 1299817167363, 2249438425629, 3892834588915, 6736864173067, 11658686709797, 20176297502410, 34916709837729, 60426182042628, 104572380769600, 180970937597032, 313184800936842, 541991553121913, 937960088661442, 1623215570164618, 2809105439634215, 4861383488449105, 8413016146818879, 14559402864389777, 25196220721365800, 43604091771673155, 75460397027739861, 130590302153314191, 225997048627046433, 391106116962451401, 676840674047358730, 1171327366605398299, 2027076463289970382, 3508019282374090135, 6070910253447116278, 10506199749411485204, 18181825882182859769, 31465115864423937634, 54452920337985370536, 94235169707018163674, 163081560265112209496, 282225790871820528073, 488414489680745790033, 845240659945376349091, 1462757121910708796880, 2531419155626961478438, 4380824981460105751921, 7581370898424646092677, 13120173698498971899800, 22705518590912550882405, 39293730885686099313323, 68000969928723717268434, 117681162033195064953557, 203656740661184789826464, 352444412513853856490154, 609933476834387348179796, 1055539066458205919344242, 1826695472762162772755920, 3161243819621244340994611, 5470787351316040252901913, 9467638673598260118507327, 16384512191330329194463349, 28354719587732695891973236, 49070128760035595469947547, 84919814815174884654495265, 146960587438213290271803310, 254327147405947343219170013, 440133637427387650641676733, 761686751771954639615932308, 1318160346062225166536927204, 2281182774793880566386854202, 3947770745464875128215489476, 6831935621711193478803584270, 11823215517979626989252654459, 20461027873324936552011726278, 35409458704049766870463574070, 61278923692217093991616774374, 106048118957748860598268928024, 183524821535095103500935105397, 317604503036094959823791626415, 549640204006492782256703506357, 951196695803666227643791343005, 1646122586216645151673646795131, 2848747878127492747395146497119, 4929987925010971381846789176787, 8531741656523753626888968333475, 14764866932914585711739993009471, 25551792860485990447357753377411, 44219438031623458174827090101591, 76525303351860239321171606062486, 132433208420836012247860425341878, 229186346534231007543300455047052, 396625454174562824696341867974807, 686392332170111774628387415187708, 1187857281228776953526538661167132, 2055682813511567389589959681437591, 3557524878237416677051445431119245, 6156583679200434562674367324375645, 10654464521349051207718915685250792, 18438410026033851006551039004948926, 31909155416202798852780253976608864, 55221366589513932226781115179478434, 95565027912492621164419094117570641, 165382987128929746587819720020389833, 286208595645816231325692474821432127, 495307054513959920117280296979778603, 857168799202977606481906830566592959, 1483399728776458203402121501599814357, 2567142851419860475561591348189292465, 4442647717774532025797522076302827645, 7688360128977964468508623330874749520, 13305327189541069887965447505836108943, 23025941637865784521234444191415083701, 39848248807227476288131461546822173104, 68960607908058729168472941626927516912, 119341892941264496254850267375680858596, 206530769418287872448439164819365157712, 357418151038572249261836365381689027787, 618540932431735991718001801386896334770, 1070434962471260463170389697079661487176, 1852474022011964581139009223827365513544, 3205855677870125101423860144920010424249, 5547991769498476629256700835469967207037, 9601247144996961660705018593534913225922, 16615732425220501988109900409620796156745, 28754864847988594478375696246052761203187, 49762612400465240380187427652132912229336, 86118213596547492163397334421181607606370, 149034513167786192667574788821667110253623, 257916243121530494722068502259305736264048, 446344856986474817826595353109273441918350, 772435768089263602359077702861161388353409, 1336762385595787378549468975393213339116484, 2313375104267880490155624917599100889633507, 4003482167596451918353914186255524345816532, 6928348730257112541629154203810355027525535, 11990066177033590775605142065871666200189459, 20749776393589512464840020374644649655647874, 35909161302935015278730531942138798319507636, 62143699335409560081369603141161471393159562, 107544682943462043814216772302622710407400704, 186114746194704481727730115452186541297539854, 322086576510057527551600558671512063007190557, 557396793585831655018738502556644467159583633, 964620099559052960425720416252526682882655111, 1669352868873354804885622348664567494237803783, 2888949755545809136243688064556192446919868175, 4999560515746991945989073252770067125902428535, 8652142635098861248148452777057412533362877977, 14973230535426489152060521332311783517581989420, 25912382876992006096351135796067625851883928825, 44843468133024591960270046213401958144446811548, 77605237763877474989955856305494246316739147127, 134302122006319171731632762048131880552676359659, 232420652202367984596938247872208285088912788686, 402222680946414142984184322215356821073359953948, 696078784456971603910909918744734815016448573082, 1204620468022900362280402553035290601874308600586, 2084692860035604927076197374205039877760447754956, 3607729103106034863624554004184342562208475089341, 6243466138784576918107250594832177417637788944304, 10804821623826866941723224844111388709787418308073, 18698615116609470739339911758664365362637188157227, 32359461308280335893458609544003265039362932173740, 56000657248244594858300036379967633467510318826268, 96913653239119041752111865895809664169241405330164, 167716892009274048794745102986623447430717183044189, 290247606246426020117292750048691625438809474898504, 502296888062545512718475829352732508523042936581530, 869265269816240261877029457458234318249621243667628, 1504333646627354107869007496936781479204707239575364, 2603370684363759081777877568090078592049534352669947, 4505342904082185194291963661562434728467247085801567, 7796859204598587173314308958000104480418858953375158, 13493093589225451977147040588861591346827624626553088, 23350886533928418622148518003626067086836308029229306, 40410592153292809121198774051487713973447271440824879, 69933788415571610361075397290260005189363125951186151, 121026060286409890014591649872661507384922097295622585, 209445356819655999941471437498154462693217873859873519, 362462079567824464738504374835340908769751488853277318, 627269857492024846036766185061792395514128412691597750, 1085541071185182881358902065797900004206275433304525877, 1878616361292087979017649753948129817575491489985996469, 3251097104102362704835900720328806405351210311448488910, 5626285705844227224482132571164442587287950705132698177, 9736741115435595736854097976874400909429981720207988487, 16850215667245180941552990697851306753178430167486844006, 29160657006948951882262364132481449161390275730087294685, 50464868454466647556267645846637274956572498586114427735, 87333524327649631040132103644841977096784627243509857937, 151137706390139040826448707126591974417399010694640174718, 261555988593488478677610370284679511774525269175612894617, 452643730033345117036459086235348615186246366652477694168, 783336475835524143955537154153262203019092265959952337070, 1355626939379487620769121922144227585175531097052439217983, 2346021735820790423533561047507688175516954900918138334291, 4059979796110323903393797058491537625611005518946149411026, 7026122432346967683382009847205881024752630926437218981740, 12159271452933065576710291263470354882115951853620136774055, 21042599768180623908382939506716338579508214228553692875423, 36415915765826987773364669427220163018133640081486671468436, 63020678797925209300085103082659626905494796721119527734083, 109062366622625198169859916735972641477602693706580750774247, 188741220186912829686057249397861922209555075583934877024777, 326631901551406455092777938653826814900794821912935940782874, 565262845103114204256414747869081614169923740442179762058936, 978232936025018959853100287323851115023773163216042197843195, 1692910980111501346802672231436092377546116455476214539222026, 2929718966760270262844895994547637314231078419236801672684198, 5070114923366815738216357619638190602226980891746062079428250, 8774242726964718704518978915749604855301897112378619823447909, 15184534590503864395968205111669668293209355696392197598100449, 26278061583779512058870924747917968681797893736357134971437061, 45476304623307832769415233578427592641287934525440233150419102, 78700412341998941621862709864667467345902574612843786168968091, 136197409928206718914848388530217366761295027423898231594892758, 235700600786468895717413188934153824796333855958950958366797470]

# 已知initState初始化数组和outputState输出序列,求mask
OOi = []
Oi = []
for i in range(128):
    OOi += outputState[i:i+128]
    Oi += [outputState[i+128]]

OO = matrix(ZZ, 128, 128, OOi) #生成128*128的每轮outputState矩阵
O = matrix(ZZ, 128, 1, Oi) #生成128*1的每轮output数据
Mask = OO.solve_right(O)#OO左乘O,即计算00/0

#处理mask得到flag
M=Mask.str().replace('\n','').replace('[','').replace(']','')
print(M)
md5 = md5()
md5.update(M.encode('utf8'))
flag = md5.hexdigest()
print("flag:",flag)
777sea
关注
专栏目录
XCTF-Crypto-新手训练区第6题不仅仅是Morse-write up
seven749的博客
10-05 381
XCTF-Crypto-新手训练区第6题不仅仅是Morse-write up 题目的附件给出的是一串Morse密码 先用Morse密码解码器解密 Morse (空格用··–·-来表示) 根据题目的提示以及解密后的明文可知还包含另一种解密,由一大串ab组成,故可以想到培根密码,解密得到答案。 attackanddefenceworldisinteresting 注意flag格式。 原理: (观察可得其规律依次进b) ...
XCTF-RE】新手练习区-open-source.c
08-03
题目:https://adworld.xctf.org.cn/task/task_list?type=reverse&number=4&grade=0&page=1 我的解题记录:https://www.yuque.com/jianouzuihuai/study/zgwso7
攻防世界:streamgame1(考点:LFSR
MikeCoke的博客
02-18 1323
题目: from flag import flag assert flag.startswith("flag{") # 作用:判断字符串是否以指定字符或子字符串开头flag{ assert flag.endswith("}") # 作用:判断字符串是否以指定字符或子字符串结尾},flag{},6个字节 assert len(flag)==25 # flag的长度为25字节,25-6=19个字节 #3<<2可以这么算,bin(3)=0b11向左移动2位变成1100,0b1100=12(十进制) d
简单LFSR算法实现(包含两种实现Galois型和Fibonacci型)
09-27
简单LFSR算法实现(包含两种实现Galois型和Fibonacci型)
XCTF crypto 不仅仅是Mors
YenKoc的博客
03-23 456
一. 题目暗示摩斯码,打开文件发现里面有反斜杠的。不管它直接拿来解密 二. 发现一句话是句英文,还有其他的加密方式,后面那串只有两种字符A和B,手抓饼A套餐,b套餐 培根加密,拿来解密后,得到flag ...
xctf_Crypto_onetimepad
M3ng@L的博客
01-07 920
XCTF_onetimepad 虽然叫做onetimepad,但实际上不是严格的一次一密加密 Vernam加密法_百度百科 题目描述 #!/usr/bin/env python # coding=utf-8 from os import urandom def process(m, k): tmp = m ^ k res = 0 for i in bin(tmp)[2:]: res = res << 1; if (int(i)):
XCTF 攻防世界】CRYPTO 密码学 新手练习区 幂数加密
weixin_45844670的博客
08-07 627
题目链接:https://adworld.xctf.org.cn/task/answer?type=crypto&number=5&grade=0&id=5120&page=1 下载附件,得到一串数字。没有头绪。查看wp 得知这是 二进制幂数加密法 百度链接: 二进制幂数加密法 从给出的一串字符可以看出,除第一组以外,每一个以0分隔的一组排列的数字都是从小到大 那么可以确定,以0分隔的每一组都是一个字符 不明白的可以举个例子: 那么我们直接用python脚本跑一下,可以得到
crypto-简单LFSR(xctf)
耐酸碱高温固化材料近距离传输研究
01-03 1749
即为LFSR(线性反馈移位寄存器)的初始状态,最主要的操作就是进行256轮LFSR计算。接下来就是简单的线性方程组求解了。是flag转二进制之后的数组。数组后256个元素,命名为。256轮循环最终输出。随机数题,记录一下。可改写为矩阵乘法形式。
XCTF-RE】新手练习区-csaw2013reversing2.exe
08-03
题目:https://adworld.xctf.org.cn/task/task_list?type=reverse&number=4&grade=0&page=1 我的解题记录:https://www.yuque.com/jianouzuihuai/study/ova41g
XCTF-HW-pipeline附件
11-09
附件
XCTF-Mobile】新手练习区-12.rar
09-01
题目:https://adworld.xctf.org.cn/task/answer?type=mobile&number=6&grade=0&id=5095&page=1 我的解题记录:https://www.yuque.com/jianouzuihuai/ctf/hackermind
XCTF-CRYPTO-练习记录
计算机系秃头少女的博客
12-08 1245
grep [选项]… 模式 [文件]… -E, --extended-regexp <模式> 是扩展正则表达式 -o, --only-matching 只显示行中非空匹配部分 [] #匹配一个指定范围内的字符,如’[Gg]rep’匹配Grep和grep。 用法:tr [选项]… SET1 [SET2] -d, --delete delete characters in SET1, do not translate #删除SET1中的字符,不进行翻译 \n 换行
xctf攻防世界 CRYPTO高手进阶区 enc
热门推荐
l8947943的博客
03-13 1万+
0x01. 进入环境,下载附件 题目给出的是一个文件,没有后缀,放入winhex中查看,如图: 0x02. 问题分析 ascii一堆ZERO和ONE,我们尝试将其转换成对应的01字符串,结果如下: 010011000110100100110000011001110100110001101001001100000111010101001100011010010100000101110101010010010100001100110000011101010100110001101001001100000110
xctf攻防世界 CRYPTO高手进阶区 best_rsa
l8947943的博客
02-14 3188
1. 进入环境,下载附件 题目给的压缩包,包括4个文件,如图: 给出了2个公钥文件和和2个密文文件,用常规的RSA解密方式分别解密,解密失败(n为2048位难以分解) 2. 问题分析 继续复习RSA 明文为m,密文为c,模数n = p * q 使用欧拉函数,φ(n) = (p - 1) * (q- 1) 选取一个大整数e,使得gcd(e, φ(n) ) = 1,e用来加密秘钥 私钥d可以由欧拉函数值计算出来,满足ed mod φ(n) ≡ 1 将明文m加密成密文c:m^e ≡ c (mod n) 将
XCTF-攻防世界 crypto-提高区 enc 题解
YUK_103的博客
09-11 1907
题目如图下载附件后放入winhex查看内容发现: 全是0和1,你能想到什么?我目前所能想到的就是2进制转ASCII和摩斯密码,但是这也没有明确的分割界限故判断是前者。 直接py转成数字字符再说 s = "(那一串字符串)" li = s.split(' ') ans = '' cnt = 0 //调试用 for i in li: if i == 'ZERO': ans +=...
攻防世界XCTF-密码破译入门12题解题报告
最新发布
jennycisp的博客
01-03 894
听说你想学习破译密码(crypto)?这可是CTF中最冷门的鸭,你可真是个奇怪的人。还不如学习WEB安全,快去渗透它吧,给个好评哟~如果你坚持要搞,那就来挑战12道新手密码题吧。相信我,你会转去做WEB安全的。如果你硬着皮头,搞到底,你会发现你是没朋友滴,嘿嘿,渗透大法好~
crypto-[中等偏下] 线性反馈移位寄存器(xctf)
耐酸碱高温固化材料近距离传输研究
01-10 857
求解有点问题,最后是把initState组在outputState前面一起解方程组,得到正解。最主要的操作就是进行256轮LFSR计算,这地方和简单LFSR有点不同。,即为LFSR(线性反馈移位寄存器)的初始状态,随机数题,LFSR变形,记录一下。是flag转二进制之后的数组。数组后256个元素,命名为。尝试模2条件下线性方程组求解。256轮循环最终输出。可改写为矩阵乘法形式。
c实现一个简单的线性反馈移位寄存器LFSR
windmyway的博客
05-11 6172
c实现一个简单LSFR 移位寄存器是流密码产生密钥流的一个主要组成部分。GF(2)上一个n级反馈移位寄存器由n个二元存储器与一个反馈函数组成,如图1。若是a1, a2, ..., an 的线性函数,则称之为线性反馈移位寄存器(Linear Feedback Shift Register, LSFR),则 f 可写为 反馈函数是n元布尔函数,即n个变元 a1, a2, a3, ..., an 可以独立的取0和1这两个可能的值函数中的运算有逻辑与、或、补等运算,最后的值也为 0 或 1. 图1..
数据处理方法(LFSR
XiaoCaiDaYong的博客
04-18 2648
线性反馈移位寄存器(LFSR):通常由移位寄存器和异或门逻辑组成。其主要应用在: 伪随机数,伪噪声序列,计数器,BIST,数据的加密和 CRC 校验等。
guess-xsctf
07-28
根据提供的引用内容,我无法确定问题"guess-xsctf"的具体含义。请提供更多的信息或者明确你的问题,我将尽力回答。 #### 引用[.reference_title] - *1* [xctf攻防世界 REVERSE 高手进阶区 Guess-the-Number](https://blog.csdn.net/l8947943/article/details/124064262)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{"utm_source":"vip_chatgpt_common_search_pc_result","utm_medium":"distribute.pc_search_result.none-task-cask-2~all~insert_cask~default-1-null.142^v91^insert_down1,239^v3^insert_chatgpt"}} ] [.reference_item] - *2* *3* [攻防世界 xctf -Guess writeup](https://blog.csdn.net/haodeshua/article/details/96317161)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{"utm_source":"vip_chatgpt_common_search_pc_result","utm_medium":"distribute.pc_search_result.none-task-cask-2~all~insert_cask~default-1-null.142^v91^insert_down1,239^v3^insert_chatgpt"}} ] [.reference_item] [ .reference_list ]
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值