通过对源代码进行审计,可以发现是分组加密,而每次分组加密时,对于每一个比特位而言,他与key中进行异或操作的数都是一样的,从这里我们可以发现,如果我们知道一组明文和它对应的密文,那么,我们就能知道这将会形成一种映射关系.通过这种关系我们可以判断其他明文组的比特位情况.然后就可以还原每一位比特,显然题目给了我们大量的明文密文对,我们可以很轻松地还原密文成明文.
from Crypto.Util.number import bytes_to_long
from Crypto.Util.number import long_to_bytes
pbox1 = [22, 28, 2, 21, 3, 26, 6, 14, 7, 16, 15, 9, 17, 19, 8, 11, 10, 1, 13, 31, 23, 12, 0, 27, 4, 18, 30, 29, 24, 20, 5, 25]
pbox2 = [17, 6, 7, 27, 4, 20, 11, 22, 2, 19, 9, 24, 23, 31, 15, 10, 18, 28, 5, 0, 16, 29, 25, 8, 3, 21, 30, 12, 14, 13, 1, 26]
f=[2670163133,2168059145,2640667901,1361473960,4285198444,1462920522,1669035357,1836344829,292090312,1735062728,2338346668]
tmp="flag"
tmp=bin(3972024911)[2:].zfill(32)
emtmp=bin(3661089527)[2:].zfill(32)
dic={}
for i in range(32):
dic[i]=pbox2.index(pbox1.index(i))
print(dic)
flag=''
for x in f:
x = bin(x)[2:].zfill(32)
for i in range(32):
if (emtmp[dic[i]] == x[dic[i]]):
flag += tmp[i]
else:
flag += str(eval(tmp[i]) ^ 1)
print(long_to_bytes(eval('0b'+flag)))
#flag{843f4cf5-8edc-49e7-9fd2-7cb31840c10f}