Crypto
暴力破解,直接怼
import string
def to_identity_map(a):
return ord(a) - 0x41
def from_identity_map(a):
return chr(a % 26 + 0x41)
def encrypt(m):
ch = m
if not ch.isalpha():
ech = ch
else:
chi = to_identity_map(ch)
ech = from_identity_map(chi + i)
return ech
enc = "DJF_CTA_SWYH_NPDKK_MBZ_QPHTIGPMZY_KRZSQE?!_ZL_CN_PGLIMCU_YU_KJODME_RYGZXL"
for i in range(len(enc)):
for c in range(65,127):
tmp = encrypt(chr(c))
if tmp == enc[i]:
print(chr(c),end='')
break
- Primary Knowledge
RSA
python3 安装 Crypto 遇到的问题参考:
https://blog.csdn.net/weixin_47419513/article/details/116942795
这里的n不是p*q的形式,所以大概率分解不出来。我们知道ed mod Φ(n) =1我们直接求私钥d
from Crypto.Util.number import long_to_bytes
n = 144595784022187052238125262458232959109987136704231245881870735843030914418780422519197073054193003090872912033596512666042758783502695953159051463566278382720140120749528617388336646147072604310690631290350467553484062369903150007357049541933018919332888376075574412714397536728967816658337874664379646535347
e = 65537
c = 15114190905253542247495696649766224943647565245575793033722173362381895081574269185793855569028304967185492350704248662115269163914175084627211079781200695659317523835901228170250632843476020488370822347715086086989906717932813405479321939826364601353394090531331666739056025477042690259429336665430591623215
phi = n-1
d = pow(e, -1, phi)
m = pow(c, d, n)
print(long_to_bytes(m).decode())
- Blunt
p = getPrime(32)
print(f'p = 0x{p:x}')
g = random.randint(1, p-1)
print(f'g = 0x{g:x}')
a = random.randint(1, p-1)
b = random.randint(1, p-1)
A, B = pow(g, a, p), pow(g, b, p)
print(f'A = 0x{A:x}')
print(f'B = 0x{B:x}')
C = pow(A, b, p)
assert C == pow(B, a, p)
写一段代码其实是Diffie-Hellman密钥交换的过程
在这里插入图片描述
原理如下:
解出共享密钥C
有限域 令 p为一个素数,集合 GF§=Zp={0,1,2,…,p−1}. sage中求解离散对数我目前知道的四个函数:
(1)discrete_log:通用的求离散对数的方法:discrete_log(a,base,ord,operation)
(2)discrete_log_rho:求离散对数的Pollard-Rho算法:discrete_log_rho(a,base,ord,operation)
(3)discrete_log_lambda:求离散对数的Pollard-kangaroo算法(也称为lambda算法):discrete_log_lambda(a,base,bounds,operation)
(4)bsgs:小步大步法:bsgs(base,a,bounds,operation)
参数说明:求解以base为底,a的对数;ord为base的阶,可以缺省,operation可以是’+‘与’‘,默认为’';bounds是一个区间(ld,ud),需要保证所计算的对数在此区间内。
ciphertext = b'\x94\x99\x01\xd1\xad\x95\xe0\x13\xb3\xacZj{\x97|z\x1a(&\xe8\x01\xe4Y\x08\xc4\xbeN\xcd\xb2*\xe6{'
C = 1739735275
hash = sha256()
hash.update(long_to_bytes(int(C)))
key = hash.digest()[:16]
iv = b'\xc1V2\xe7\xed\xc7@8\xf9\\\xef\x80\xd7\x80L*'
cipher = AES.new(key, AES.MODE_CBC, iv)
decrypted = cipher.decrypt(ciphertext)
flag = unpad(decrypted, 16)
print(flag)
参考:https://blog.csdn.net/ckm1607011/article/details/106849551