[HGAME 2022 week3]RSA attack 3
题目:数据太长,自己去看原题(n、e、c 也写在下面的脚本里),提示:维纳攻击
首先在做这题之前你得先懂得维纳攻击的原理:私钥指数 d 很小(大约 d < n^(1/4)/3)时,k/d 会出现在 e/n 的连分数收敛分数里,所以只靠公钥 (e, n) 就能把 d 找出来
https://www.cnblogs.com/wandervogel/p/16805992.html
ok啊看懂了维纳攻击的原理就来开始写脚本吧
from Crypto.Util.number import long_to_bytes
import gmpy2
# Known parameters (challenge values). e and n are passed to wiener_attack()
# further down; c is decrypted there with pow(c, d, n).
# n: RSA modulus.
n = 507419170088344932990702256911694788408493968749527614421614568612944144764889717229444020813658893362983714454159980719026366361318789415279417172858536381938870379267670180128174798344744371725609827872339512302232610590888649555446972990419313445687852636305518801236132032618350847705234643521557851434711389664130274468354405273873218264222293858509477860634889001898462547712800153111774564939279190835857445378261920532206352364005840238252284065587291779196975457288580812526597185332036342330147250312262816994625317482869849388424397437470502449815132000588425028055964432298176942124697105509057090546600330760364385753313923003549670107599757996810939165300581847068233156887269181096893089415302163770884312255957584660964506028002922164767453287973102961910781312351686488047510932997937700597992705557881172640175117476017503918294534205898046483981707558521558992058512940087192655700351675718815723840568640509355338482631416345193176708501897458649841539192993142790402734898948352382350766125000186026261167277014748183012844440603384989647664190074853086693408529737767147592432979469020671772152652865219092597717869942730499507426269170189547020660681363276871874469322437194397171763927907099922324375991793759
# e: RSA public exponent.
# NOTE(review): e is a very large value rather than a small fixed constant such
# as 65537, which fits the challenge hint that the matching d is small.
e = 77310199867448677782081572109343472783781135641712597643597122591443011229091533516758925238949755491395489408922437493670252550920826641442189683907973926843505436730014899918587477913032286153545247063493885982941194996251799882984145155733050069564485120660716110828110738784644223519725613280140006783618393995138076030616463398284819550627612102010214315235269945251741407899692274978642663650687157736417831290404871181902463904311095448368498432147292938825418930527188720696497596867575843476810225152659244529481480993843168383016583068747733118703000287423374094051895724494193455175131120243097065270804457787026492578916584536863548445813916819417857064037664101684455000184987531252344582899589746272173970083733130106407810619258077266603898529285634495710846838011858287024329514491058790557305041389614650730267774482954666726949886313386881066593946789460028399523245777171320319444673551268379126203862576627540177888290265714418064334752499940587750374552330008143708562065940245637685833371348603338834447212248648869514585047871442060412622164276894766238383894693759347590977926306581080390685360615407766600573527565016914830132066428454738135380178959590692145577418811677639050929791996313180297924833690095
# c: ciphertext to decrypt once d is known.
c = 165251729917394529793163344300848992394021337429474789711805041655116845722480301677817165053253655027459227404782607373107477419083333844871948673626672704233977397989843349633720167495862807995411682262559392496273163155214888276398332204954185252030616473235814999366132031184631541209554169938146205402400412307638567132128690379079483633171535375278689326189057930259534983374296873110199636558962144635514392282351103900375366360933088605794654279480277782805401749872568584335215630740265944133347038070337891035560658434763924576508969938866566235926587685108811154229747423410476421860059769485356567301897413767088823807510568561254627099309752215808220067495561412081320541540679503218232020279947159175547517811501280846596226165148013762293861131544331444165070186672186027410082671602892508739473724143698396105392623164025712124329254933353509384748403154342322725203183050328143736631333990445537119855865348221215277608372952942702104088940952142851523651639574409075484106857403651453121036577767672430612728022444370874223001778580387635197325043524719396707713385963432915855227152371800527536048555551237729690663544828830627192867570345853910196397851763591543484023134551876591248557980182981967782409054277224
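# Wiener's attack implementation
def wiener_attack(e, n):
    """Try to recover a small RSA private exponent from the public key.

    Background: for RSA, ``e * d - 1 = k * phi(n)``.  When ``d`` is very
    small (Wiener's bound is roughly ``d < n**0.25 / 3``) the fraction
    ``k / d`` shows up among the convergents of the continued fraction of
    ``e / n``.  Every convergent is tried as a candidate ``(k, d)``; a
    candidate is accepted only if the ``phi(n)`` it implies leads to two
    integers ``p`` and ``q`` with ``p * q == n``.

    Defensive takeaway: a key is exposed to this only when the private
    exponent was chosen small.  Ordinary key generation (small fixed ``e``,
    ``d`` derived from it) gives a ``d`` far above the bound.

    Args:
        e: RSA public exponent.
        n: RSA modulus.

    Returns:
        ``(d, p, q)`` with ``p >= q > 1`` and ``p * q == n`` on success,
        otherwise ``None``.  ``d`` is the convergent's denominator; it is
        not separately checked against ``e * d == 1 (mod phi(n))``.
    """
    # Function-scope import: math.isqrt is exact on arbitrary-size ints, so
    # the function no longer needs gmpy2 for the perfect-square test and
    # returns plain Python ints.
    from math import isqrt

    def continued_fractions(num, den):
        """Return the partial quotients of num / den (Euclid's algorithm)."""
        terms = []
        while den != 0:
            terms.append(num // den)
            num, den = den, num % den
        return terms

    def convergents(terms):
        """Yield (numerator, denominator) of each convergent, in order."""
        # Standard recurrence h_i = a_i * h_(i-1) + h_(i-2), seeded with
        # numerators (0, 1) and denominators (1, 0).
        prev_num, num = 0, 1
        prev_den, den = 1, 0
        for a in terms:
            prev_num, num = num, a * num + prev_num
            prev_den, den = den, a * den + prev_den
            yield num, den

    # Try every convergent k/d of e/n as a candidate for (k, d).
    for k, d in convergents(continued_fractions(e, n)):
        if k == 0:
            # The first convergent of e/n (with e < n) is 0/1; skip it to
            # avoid dividing by zero.
            continue
        # Candidate phi(n) from e*d - 1 = k * phi(n).
        phi_n = (e * d - 1) // k
        # p and q are the roots of x^2 - (n - phi_n + 1) * x + n = 0.
        b = n - phi_n + 1
        discriminant = b * b - 4 * n
        if discriminant < 0:
            continue
        root = isqrt(discriminant)
        if root * root != discriminant:
            continue
        p = (b + root) // 2
        q = (b - root) // 2
        # q > 1 rejects negative roots (b < 0) and the trivial split n * 1.
        # Without it a wrong candidate could be reported as a factorisation
        # with a bogus d, e.g. e=65143, n=90581 used to yield (7, -239, -379).
        if q > 1 and p * q == n:
            return d, p, q
    return None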
# Run Wiener's attack on the challenge key (e, n).
result = wiener_attack(e, n)
if not result:
    # No convergent produced a factorisation of n.
    print("Wiener's Attack failed.")
else:
    d, p, q = result
    print(f"Found d: {d}")
    print(f"Found p: {p}")
    print(f"Found q: {q}")
    # Decrypt the message: m = c^d mod n, then convert the integer to text.
    m = pow(c, d, n)
    print(f"Decrypted message: {long_to_bytes(m).decode()}")
也是有点难度的
最后flag为
hgame{dO|YOU:kNOw!tHE*PRINcIplE*bEhInd%WInNEr#aTTacK}
把 flag 前缀 hgame 换成 NSSCTF:
NSSCTF{dO|YOU:kNOw!tHE*PRINcIplE*bEhInd%WInNEr#aTTacK}