coolcat writeup
I am honored to give a misc challenge for RCTF( forgive me for my poor english plz
The idea of this challenge comes from an article authored by Merricx , a crypto master
you can visit it for this link
https://merricx.github.io/dont-roll-your-own-crypto-1/
After reading this article , I tried to user a part of technique in it to make a simple challenge
If you want to learn more , you can search for knowledge about Arnold’s Cat Map
Now , I will give one solution to solved this challenge
now let’s see the source code
def ACM(img, p, q, m):
counter = 0
if img.mode == "P":
img = img.convert("RGB")
assert img.size[0] == img.size[1]
while counter < m:
dim = width, height = img.size
with Image.new(img.mode, dim) as canvas:
for x in range(width):
for y in range(height):
nx = (x + y * p) % width
ny = (x * q + y * (p * q + 1)) % height
canvas.putpixel((nx, ny), img.getpixel((x, y)))
img = canvas
counter += 1
return canvas
# My image was encrypted by ACM , but I lost the p ,q and m ......
lol , i made m is uncertain , so each time you get the image may be different!
As the m increase , the server takes more time to encrypt the image
so I set m random.randint(1,5) ( I think if there are too many requests , this way will be blocked , so I made m tiny , you can also get m by brute-force
get m
form the picture , you can see that Timing Attack is work
encrypt one time takes about 1.75s ,so you can get the m ! ( unfortunately , there are too many requests
get p,q
now we need to get p ,q
notice
so have two ways to get p,q
first way
We know that this encryt way is periodicity
because the m is tiny , and p ,q is certain , so you can recover the image by encrypt it over and over again
the code comes from a write up ,thanks a lot
second way
just to upload a one pic image with size 600x600
and you can get q,p by solving linear equations in two variables
at last
Thanks for Merricx’s great article again .
Hope you will paticipate RCTF next year and have fun again!