CRYPTO

最新推荐文章于 2024-04-27 08:00:00 发布
最新推荐文章于 2024-04-27 08:00:00 发布
阅读量1.1k 收藏 5
点赞数 2
分类专栏: CTF积累及刷题 文章标签: 安全
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/wow0524/article/details/124404042
版权

目录

有p、q、e,求d

有e、n、c,用yafu中分解n,得到p、q

p、q相差过大或过小

有n1、n2,公因数分解n

有n1、n2、c1、c2,公因数分解n

有dp、dq、p、q、c,无e

低加密指数广播攻击

需要自己根据逻辑构造

gmpy2.gcd(a,b)求a、b的最大公因数

getFrime()生成多少位的素数,常见的512,1024

pow()和gmpy2.powmod()差不多,都是c的d次幂模n取余

gmpy2.invert(a,b)求大整数a模b的逆元

gmpy2.iroot(9,2)对9开平方根,返回True开根完全,返回False开根不完全

inverse()

有p、q、e,求d

p=473398607161

q=4511491

e=17

from Crypto.Util.number import *
import gmpy2
p=473398607161
q=4511491
e=17
n=(p-1)*(q-1)
d=gmpy2.invert(e,n)
print(d)

有e、n、c,用yafu中分解n,得到p、q

e= 0x10001

n= 0x693de79988f0a223c218a3df5a38a0c2017e0c6229ab453997

c= 0x5735b2f81f688b2688abc8f2173116f1513a74511f4cf3717a

yafu能把n分解成最大的两个素数,还有一个在线网站http://factordb.com/

P31 = 1015160638425039120874927280779

P30 = 650747828183128078958464225957

解密脚本

from Crypto.Util.number import *
import gmpy2
e= 0x10001
n= 0x693de79988f0a223c218a3df5a38a0c2017e0c6229ab453997
c= 0x5735b2f81f688b2688abc8f2173116f1513a74511f4cf3717a 
P31 = 1015160638425039120874927280779
P30 = 650747828183128078958464225957
N=(P30-1)*(P31-1)
d=gmpy2.invert(e,N)
m=gmpy2.powmod(c,d,n)#c的d次幂魔n取余
flag=long_to_bytes(m)
print(flag)

加密脚本

from Crypto.Util.number import *
import gmpy2
msg=b'flag is :testflag'
hex_msg=bytes_to_long(msg)
p=getPrime(100)
q=getPrime(100)
n=p*q
e=0x10001
phi=(p-1)*(q-1)
c=pow(hex_msg,e,n)
print("e=",hex(e))
print("n=",hex(n))
print("c=",hex(c))

p、q相差过大或过小

e= 0x10001

n= 0x6b08faacfb1b13b1b6c84e10ab01f6d3c254de08cc01be25343d14f8d408c4d57e09c38877ab411057dd14bd334249034b97276813fca3c05d980c421e8fabc415625d1ed78fbf447fb641c40b6030f2db929ab05b8625b1350876610dc13c00ce4bd625154bd6bd29fdfbfc7294d541ddac8adaeb8f5cefb50a012700f82e2b

c= 0x3847d8536cf53bfaa2d0007d790f746385d21a24e902ab1b7f5d36b9f5039817e86ba0440831f380d0af1f7058348891cd7cd3ce6d3059c2cf5b652c48fb0d0955dd75056468693d5facae78fbaaa9468ac74d25c23b0b9dffc7fc6736589655f70b7b2bd3f4fd56c255c8e31c49dab759c388d2640927313408d541dedfc360

p = 8669635848998823845146186787813430355139995793136698539760193296899185053118320398807820345722385955299452180252635026472458896431842612592795677684217449

q = 8669635848998823845146186787813430355139995793136698539760193296899185053118320398807820345722385955299452180252635026472458896431842612592795677684217203

解密脚本

from Crypto.Util.number import *
import gmpy2
e= 0x10001
n= 0x6b08faacfb1b13b1b6c84e10ab01f6d3c254de08cc01be25343d14f8d408c4d57e09c38877ab411057dd14bd334249034b97276813fca3c05d980c421e8fabc415625d1ed78fbf447fb641c40b6030f2db929ab05b8625b1350876610dc13c00ce4bd625154bd6bd29fdfbfc7294d541ddac8adaeb8f5cefb50a012700f82e2b
c= 0x3847d8536cf53bfaa2d0007d790f746385d21a24e902ab1b7f5d36b9f5039817e86ba0440831f380d0af1f7058348891cd7cd3ce6d3059c2cf5b652c48fb0d0955dd75056468693d5facae78fbaaa9468ac74d25c23b0b9dffc7fc6736589655f70b7b2bd3f4fd56c255c8e31c49dab759c388d2640927313408d541dedfc360
p = 8669635848998823845146186787813430355139995793136698539760193296899185053118320398807820345722385955299452180252635026472458896431842612592795677684217449
q = 8669635848998823845146186787813430355139995793136698539760193296899185053118320398807820345722385955299452180252635026472458896431842612592795677684217203

N=(p-1)*(q-1)
d=gmpy2.invert(e,N)
m=gmpy2.powmod(c,d,n)#c的d次幂魔n取余
flag=long_to_bytes(m)
print(flag)

有n1、n2,公因数分解n

e= 0x10001

n1= 0x66713d5ea32148e8fa38253bdf27f92b260f96918df4fa9cac448e416b6348a225d09fdf74eef64b64cd25c343e1a53cd55504d800fc8da5ed67a69e456ade46265f53daea67670ed872dd0a4857f8f2345e47208a00e72603af28b4835a8acdc97c382871df97f2f06b948c1be172add0856f9f13ab82b38f3e7f244306a58d

n2= 0x522c8618048f09cdd2b9ada2f4d9b9a8257ee27584381e792a868ea2d62bd99e03527bd88bea5ffd1d3ad8da6cbd32ac1a2499eeee271e4611604cc32edb17074e2fddcb5f9f2e9fe29397a4bf8d6c2d5a54aea220facb265d8e4cb6c59e5161e02f7241c5c1daeb8428cec384fdb06786a1bde6d265845bcbc37a735027939f

c= 0x14400c29a4d0323fd0df6bc2590893efe3089a3d9756895ee5768f7b712421487bfb117d1f9f242d0bfa8ba1d774562b30520063d44b091ca81ef5c8f3547e2a8f1d69b5c49d19d67dbc5615b4a7b539b41bc1a92fca69f281abd3573e97ddaab46995fc6c1470c1aeaf4231e874f503b307203eb1ede71c07e9d1c2ccdfe18a

解密脚本

from Crypto.Util.number import *
import gmpy2
e= 0x10001
n1= 0x66713d5ea32148e8fa38253bdf27f92b260f96918df4fa9cac448e416b6348a225d09fdf74eef64b64cd25c343e1a53cd55504d800fc8da5ed67a69e456ade46265f53daea67670ed872dd0a4857f8f2345e47208a00e72603af28b4835a8acdc97c382871df97f2f06b948c1be172add0856f9f13ab82b38f3e7f244306a58d
n2= 0x522c8618048f09cdd2b9ada2f4d9b9a8257ee27584381e792a868ea2d62bd99e03527bd88bea5ffd1d3ad8da6cbd32ac1a2499eeee271e4611604cc32edb17074e2fddcb5f9f2e9fe29397a4bf8d6c2d5a54aea220facb265d8e4cb6c59e5161e02f7241c5c1daeb8428cec384fdb06786a1bde6d265845bcbc37a735027939f
c= 0x14400c29a4d0323fd0df6bc2590893efe3089a3d9756895ee5768f7b712421487bfb117d1f9f242d0bfa8ba1d774562b30520063d44b091ca81ef5c8f3547e2a8f1d69b5c49d19d67dbc5615b4a7b539b41bc1a92fca69f281abd3573e97ddaab46995fc6c1470c1aeaf4231e874f503b307203eb1ede71c07e9d1c2ccdfe18a 

q=gmpy2.gcd(n1,n2)#n1、n2的最大公因数
p1=n1//q
p2=n2//q
phi_n1=(p1-1)*(q-1)
d=gmpy2.invert(e,phi_n1)
m=pow(c,d,n1)
flag=long_to_bytes(m)
print(flag)

单斜杠/除,得到浮点数,双斜杠//整除,得到整数,四舍五入

有n1、n2、c1、c2,公因数分解n

from Crypto.Util.number import *
import gmpy2
e=65537
n1=23220619839642624127208804329329079289273497927351564011985292026254914394833691542552890810511751239656361686073628273309390314881604580204429708461587512500636158161303419916259271078173864800267063540526943181173708108324471815782985626723198144643256432774984884880698594364583949485749575467318173034467846143380574145455195152793742611717169602237969286580028662721065495380192815175057945420182742366791661416822623915523868590710387635935179876275147056396018527260488459333051132720558953142984038635223793992651637708150494964785475065404568844039983381403909341302098773533325080910057845573898984314246089
n2=22642739016943309717184794898017950186520467348317322177556419830195164079827782890660385734113396507640392461790899249329899658620250506845740531699023854206947331021605746078358967885852989786535093914459120629747240179425838485974008209140597947135295304382318570454491064938082423309363452665886141604328435366646426917928023608108470382196753292656828513681562077468846105122812084765257799070754405638149508107463233633350462138751758913036373169668828888213323429656344812014480962916088695910177763839393954730732312224100718431146133548897031060554005592930347226526561939922660855047026581292571487960929911
c1=9700614748413503291260966231863562117502096284616216707445276355274869086619796527618473213422509996843430296526594113572675840559345077344419098900818709577642324900405582499683604786981144099878021784567540654040833912063141709913653416394888766281465200682852378794478801329251224801006820925858507273130504236563822120838520746270280731121442839412258397191963036040553539697846535038841541209050503061001070909725806574230090246041891486506980939294245537252610944799573920844235221096956391095716111629998594075762507345430945523492775915790828078000453705320783486744734994213028476446922815870053311973844961
c2=20513108670823938405207629835395350087127287494963553421797351726233221750526355985253069487753150978011340115173042210284965521215128799369083065796356395285905154260709263197195828765397189267866348946188652752076472172155755940282615212228370367042435203584159326078238921502151083768908742480756781277358357734545694917591921150127540286087770229112383605858821811640935475859936319249757754722093551370392083736485637225052738864742947137890363135709796410008845576985297696922681043649916650599349320818901512835007050425460872675857974069927846620905981374869166202896905600343223640296138423898703137236463508

q=gmpy2.gcd(n1,n2)
#print(q)
q=138376604533530412400239558340424700312412702699022481119357799054715877829291635290832719835033140580690053865677079316241919169166375123691917675235979462772103681398725285808551041924624882840901583892858174270714471366531758975241868470938138238307005782651296179579961869801841395682782645916848523771439
p1=n1//q
p2=n2//q
phi1=(p1-1)*(q-1)
phi2=(p2-1)*(q-1)
d1=gmpy2.invert(e,phi1)
d2=gmpy2.invert(e,phi2)
m1=pow(c1,d1,n1)
m2=pow(c2,d2,n2)
flag1=long_to_bytes(m1)
flag2=long_to_bytes(m2)
print(flag1+flag2)

有dp、dq、p、q、c,无e

dp=d%(p-1)d对p-1取余

dq=d%(q-1)d对q-1取余

两个式子是同余式

解题思路1:

式子变形代换

解密脚本 

from Crypto.Util.number import *
import gmpy2
import gmpy2
import binascii
def decrypt(dp,dq,p,q,c):
    InvQ = gmpy2.invert(q,p)#p关于q的逆元
    mp = pow(c,dp,p)
    mq = pow(c,dq,q)
    m=(((mp-mq)*InvQ)%p)*q+mq
    print (binascii.unhexlify(hex(m)[2:]))

p=0xf85d730bbf09033a75379e58a8465f8048b8516f8105ce2879ce774241305b6eb4ea506b61eb7e376d4fcd425c76e80cb748ebfaf3a852b5cf3119f028cc5971
q=0xc1f34b4f826f91c5d68c5751c9af830bc770467a68699991be6e847c29c13170110ccd5e855710950abab2694b6ac730141152758acbeca0c5a51889cbe84d57
dp=0xf7b885a246a59fa1b3fe88a2971cb1ee8b19c4a7f9c1a791b9845471320220803854a967a1a03820e297c0fc1aabc2e1c40228d50228766ebebc93c97577f511
dq=0x865fe807b8595067ff93d053cc269be6a75134a34e800b741cba39744501a31cffd31cdea6078267a0bd652aeaa39a49c73d9121fafdfa7e1131a764a12fdb95
c=0xae05e0c34e2ba4ca3536987cc2cfc3f1f7f53190164d0ac50b44832f0e7224c6fdeebd2c91e3991e7d179c26b1b997295dc9724925ba431f527fba212703a0d14a34ce133661ae0b6001ee326303d6ccdc27dbd94e0987fae25a84f197c1535bdac9094bfb3846b7ca696b2e5082bea7bff804da275772ca05dd51b185a4fc30
decrypt(dp,dq,p,q,c)

解密思路2:

中国剩余定理直接把d求解出来,前提p-1和q-1互质,即gcd(p-1,q-1)=1

eg:

c_mod_p = 1062384575136942194457401502734355664153040886120004084031121

c_mod_q = 255520115722444172168148366934668388396463537147929322939703

就等于c=c_mod_p (mod p)、c=c_mod_q (mod q)

c=c_mod_p*inverse(q,p)*q+c_mod_q*inverse(p,q)*p 

 解密脚本

from sympy.ntheory.modular import crt
from gmpy2 import iroot,invert
from Crypto.Util.number import *
p = 12922128058767029848676385650461975663483632970994721128398090402671357430399910236576943902580268365115559040908171487273491136108931171215963673857907721
q = 10395910293559541454979782434227114401257890224810826672485874938639616819909368963527556812339196570118998080877100587760101646884011742783881592586607483
r = 8104533688439480164488403019957173637520526666352540480766865791142556044817828133446063428255474375204188144310967625626318466189746446739697284656837499
dp = 73360412924315743410612858109886169233122608813546859531995431159702281180116580962235297605024326120716590757069707814371806343766956894408106019058184354279568525768909190843389534908163730972765221403797428735591146943727032277163147380538250142612444372315262195455266292156566943804557623319253942627829
dq = 40011003982913118920477233564329052389422276107266243287367766124357736739027781899850422097218506350119257015460291153483339485727984512959771805645640899525080850525273304988145509506962755664208407488807873672040970416096459662677968243781070751482234692575943914243633982505045357475070019527351586080273
dr = 21504040939112983125383942214187695383459556831904800061168077060846983552476434854825475457749096404504088696171780970907072305495623953811379179449789142049817703543458498244186699984858401903729236362439659600561895931051597248170420055792553353578915848063216831827095100173180270649367917678965552672673
c = 220428832901130282093087304800127910055992783874826238869471313726515822196746908777026147887315019800546695346099376727742597231512404648514329911088048902389321230640565683145565701498095660019604419213310866468276943241155853029934366950674139215056682438149221374543291202295130547776549069333898123270448986380025937093195496539532193583979030254746589985556996040224572481200667498253900563663950531345601763949337787268884688982469744380006435119997310653
N = [(q-1)*(r-1),(p-1)*(r-1),(p-1)*(q-1)]
C = [dp,dq,dr]
phi = (p-1)*(q-1)*(r-1)
d = crt(N,C)[0]#中国剩余定理,返回的第一个数是结果
e = invert(d,phi)
n = p * q * r
m = pow(c,d,n)
print(long_to_bytes(m))

低加密指数广播攻击

如果选取的加密指数较低,并且使用了相同的加密指数给一个接受者的群发送相同的信息,那么可以进行广播攻击得到明文。
这个识别起来比较简单,一般来说都是给了三组加密的参数和明密文,其中题目很明确地能告诉你这三组的明文都是一样的,并且e 都取了一个较小的数字。
('n=',
'0x683fe30746a91545a45225e063e8dc64d26dbf98c75658a38a7c9dfd16dd38236c7aae7de5cbb
f67056c9c57817fd3da79dc4955217f43caefde3b56a46acf5dL', 'e=', '0x7', 'c=',
'0x673c72ace143441c07cba491074163c003f1a550eab56b1255e5ea9fa2bbd68fd6a9ccb48db9f
d66d5dfc6a55c79cad3d9de53f700a1e3c2a29731dc56ba43cdL')
('n=',
'0xa39292e6ad271bb6a2d1345940dfab8001a53d28bc7468f285d2873d784004c2653549c589dae
91c6d8238977ff1c4bea4f17d424a0fc4d5587661cc7dde3a77L', 'e=', '0x7', 'c=',
'0x6111357d180d966a495f38566ebe4ea51fa0d54159b22bbd443cde9387687d87c08638483b392
21883453a5ad09f6a0e3726b214e8e333037d178a3d0f125343L')
('n=',
'0x52c32366d84d34564a5fdc1650fc401c41ad2a63a2d6ef57c32c7887bb25da9d42c0acfb887c6
334c938839c9a43aca93b2c7468915d1846576f92c342046d1fL', 'e=', '0x7', 'c=',
'0x26cd2225c0229b6a3f1d1d685e53d114aa3d792737d040fbc14189336ac12fb780872792b0c0b
259847badffd1427897ede0d60247aa5e79633f27ccb43e7cc2L') 
import binascii,gmpy2
from functools import reduce
n =  [
0x683fe30746a91545a45225e063e8dc64d26dbf98c75658a38a7c9dfd16dd38236c7aae7de5cbbf67056c9c57817fd3da79dc4955217f43caefde3b56a46acf5d,
0xa39292e6ad271bb6a2d1345940dfab8001a53d28bc7468f285d2873d784004c2653549c589dae91c6d8238977ff1c4bea4f17d424a0fc4d5587661cc7dde3a77,
0x52c32366d84d34564a5fdc1650fc401c41ad2a63a2d6ef57c32c7887bb25da9d42c0acfb887c6334c938839c9a43aca93b2c7468915d1846576f92c342046d1f
]
c =  [
0x673c72ace143441c07cba491074163c003f1a550eab56b1255e5ea9fa2bbd68fd6a9ccb48db9fd66d5dfc6a55c79cad3d9de53f700a1e3c2a29731dc56ba43cd,
0x6111357d180d966a495f38566ebe4ea51fa0d54159b22bbd443cde9387687d87c08638483b39221883453a5ad09f6a0e3726b214e8e333037d178a3d0f125343,
0x26cd2225c0229b6a3f1d1d685e53d114aa3d792737d040fbc14189336ac12fb780872792b0c0b259847badffd1427897ede0d60247aa5e79633f27ccb43e7cc2
]
def CRT(mi, ai):
    assert(reduce(gmpy2.gcd,mi)==1)
    assert (isinstance(mi, list) and isinstance(ai, list))
    M = reduce(lambda x, y: x * y, mi)
    ai_ti_Mi = [a * (M / m) * gmpy2.invert(M / m, m) for (m, a) in zip(mi, ai)]
    return reduce(lambda x, y: x + y, ai_ti_Mi) % M
e=0x7
m=gmpy2.iroot(CRT(n, c), e)[0]
print(binascii.unhexlify(hex(m)[2:].strip("L")))

需要自己根据逻辑构造

 题目

from Crypto.Util.number import *
flag=b'ayyctf{********************************}'
m=bytes_to_long(flag)
p=getPrime(512)
q=getPrime(512)
n=p*q
e=65537
a=int(pow((q+p),2021,n))
#a=(p+q)^2021modn
b=int(pow(p+2021,q,n))
#b=(p+2021)^qmodn
c=pow(m,e,n)
print(a)
print(b)
print(n)
print(e)
print(c)

思路 

解密脚本 

from Crypto.Util.number import *
from gmpy2 import *
import gmpy2
a=5103846095058837826533402149242459623116741056900904635444178105018456469063341485025499589260359217002833113578488481096840756048289197338355080338170802272734698546046913185087990380111834786149967211337235966852306114497814864800891588988775898366586536929555302403437591334583001625857000847673880447252
b=26771101448371809712493965596854280617394225840747583300013662469009848764358662921731128579324915661803232716821878808964633490631493347770926346776566731634319175724287223812661457093077196078615336273781278859542111613819926301051471500180524867979142124254096593062142070928714942890641308753744724073188
n=53016402085215905751416998530498897273488515673331323096071492631853386973676398633913071498355585116741080541512136813152153473182140213381363715447853626214946536184632334863858741264074651269934687636538474951679134631838434995054785142764005473538540096313051228255446005617623341207263724547355340055839
e=65537
c=38734255030727970140226787234825898789436456215317162782278917732505406055231757667143712692343007555074626177385398228678433448990347704807466654392217721526924467501395876402524959654461401540641392173558650127608595475995309452340613031386635847907167845630406086717759704494017466917178895481349400437398
q=gmpy2.gcd(pow((b-2021),2021,n)-a,n)
p=n//q
e=65537
phi=(p-1)*(q-1)
d=gmpy2.invert(e,phi)
m=pow(c,d,n)
print(long_to_bytes(m))
五五六六0524
关注
  • 2
    点赞
  • 5
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
PyCrypto密码学库源码解析(一)随机数和大素数生成
O_1CxH的博客
08-14 9672
密码技术实践——Python Crypto库源码解析(一) 随机数生成 本系列文章(Python Crypto库源码解析)主要讲解Python的密码学工具库Crypto的源码中各个技术实现的原理和细节。 本文((一) 随机数生成 )主要说明该库中的Util.number模块,也就是主要负责生成随机数/符合RSA要求的素数的模块。 如果学习过密码学原理相关课程的朋友可以跳过0.本文需要用到的背...
Python3中gmpy2常用的函数及功能
m0_74030040的博客
03-26 1538
Python3中gmpy2常用的函数及功能
每天一题crypto(5)--RSA基础
最新发布
2301_80284843的博客
04-27 214
rsa
[GKCTF 2021]RRRRsa
m0_57291352的博客
08-15 614
[GKCTF 2021]RRRRsa 题目 from Crypto.Util.number import * from gmpy2 import gcd flag = b'xxxxxxxxxxxxx' p = getPrime(512) q = getPrime(512) m = bytes_to_long(flag) n = p*q e = 65537 c = pow(m,e,n) print('c={}'.format(c)) p1 = getPrime(512) q1 = getPrime(512
gmpy2笔记转载
qq_45440710的博客
11-23 502
Encoding=UTF-8 import gmpy2 gmpy2.mpz(x) 初始化一个大整数x gmpy2.mpfr(x) 初始化一个高精度浮点数x C = gmpy2.powmod(M,e,n) 幂取模,结果是 C = (M^e) mod n d = gmpy2.invert(e,n) # 求逆元,de = 1 mod n gmpy2.is_prime(n) # 判断n是不是素数 gmpy...
gmpy2库的常用函数及其作用
Luiino的博客
05-06 9522
第一次做RSA题,去找题解,发现得用上gmpy2库,下好之后去了解了一下gmpy2库的常用函数 注:一般是用这个库来解决一些大整数之间的各种计算,下面的例子都是举的常规数 1、求两整数的最大公因数 import gmpy2 #求整数a、b的最大公因数 a = gmpy2.gcd(3,12) print(a) 输出:3 2、判断一个数是否为素数 import gmpy2 #判断一个数是否为素数 a = gmpy2.is_prime(5) print(a) 输出:True 3、判断一个数是否
Crypto
03-14
在IT行业中,"Crypto"通常指的是加密技术,它涉及到一系列用于保护数据安全的方法。加密是将明文(可读信息)转换为密文(不可读信息)的过程,以防止未经授权的访问。在JavaScript中,加密库和算法被广泛应用于网络...
IIS Crypto 3.2 下载
07-26
IIS Crypto 是一个免费工具,让管理员能够在 Windows Server 2008、2012、2016 和 2019 上启用或禁用协议、密码、哈希和密钥交换算法。一键禁用不安全的 SSL 3、TLS 1.0,开启TLS 1.2、TLS 1.3 非常方便
python3 Crypto和/crypto-1.4.1.dist-info
04-02
在进行安全相关的编程时,加密库是必不可少的工具,而 `Crypto` 模块就是Python3中的一个加密库,用于实现各种加密算法和密码学功能。然而,对于初学者或者不熟悉Windows环境的开发者来说,安装 `Crypto` 库可能会...
crypto
03-28
crypto
CTF-Crypto-RSA整理
Love&Share
10-28 1万+
rsa基本参数 N:大整数N,我们称之为模数(modulus) p 和 q :大整数N的两个因子(factor) e 和 d:互为模反数的两个指数(exponent) c 和 m:分别是密文和明文 {N,e}称为公钥,{N,d}称为私钥 加密过程: c=m^e mod n c=pow(m,e,n) 解密过程: m=c^d mod n m=pow(c,d,n) 求解私钥d: d = gmpy2.invert(e, (p-1)*(q-1)) 一般来说,n,e是公开的,但是由于n一般是两
[UIUCTF 2023] crypto
weixin_52640415的博客
07-04 384
B^k == 1 mod p , Pohlig–Hellman法求子域值
gmpy2
、moddemod
12-25 2666
写在前面的话 文章的环境是在ArchLinux下,python版本为最新3.8,如果是windows可能安装过程会遇到很多问题,可以在网上找找解决方法! pipenv install gmpy2 pipenv install libnum 默认安装libnum安装了gmpy2,所以可直接安装libnum! gmpy2 gmpy2是一个C编码的Python扩展模块,它支持多精度算术。gmpy模块仅支持GMP多重精度库。gmpy2增加了对MPFR和MPC库的支持。gmpy2还更新了API和命名约定,使其更加
[XNUCA2018]Warmup(考点:流量包文件提取,RSA共模攻击)
MikeCoke的博客
02-18 610
题目: from Crypto.Util.number import bytes_to_long, getPrime from random import randint from gmpy2 import powmod import sys p = getPrime(1024) q = getPrime(1024) N = p*q Phi = (p-1)*(q-1) with open("flag", 'r') as fr: flag = bytes_to_long(fr.read().strip(
2022鹏城杯CTF---Crypto
Luiino的博客
09-18 2210
第一部分,e与phi_n不互素,gcd(e,phi_n) == 4,此时e对phi_n没有逆元,但gcd(e//t,phi_n) == 1。mod n,由上面的for循环可以知道M与初始m的关系:M = m * (p-q-1)!对n进行分解,得到p、q,小的是q。记print(pow(m,e,n))里的m为M,故有c2 =第三部分, 看到M = 2022 * m * 1011 * p,又n = p*q,且c =记两输出结果分别为c1、c2,由print(pow(2,e,n))可以得到:c1 =
中英文排序
热门推荐
小菜张的博客
04-09 7万+
https://www.jianshu.com/p/f03fd3995e8b var arr4 =["a北京","b啊蒋介石的",'武汉', '北京', '暧昧', '天津',"a行行行","是的","cs是否","b阿斯蒂芬","陛下","啊破"]; //先按照中文排序,这样相同字母,中文的就在前面。 var resultArray = arr4.sort((param1, param2)=>{ return param1.localeCompare(param2,"zh")
Android OrangePi 4G IOT(二) - MTK更换调试串口
iTom1900
05-14 2841
一、OrangePi 4G IOT简介 香橙派Orange Pi 4G-IOT是一款开源的单板电脑,新一代的arm开发板,它可以运行Android6.0、Lunix等操作系统。香橙派Orange Pi 4G-IOT使用MTK系列MT6737 CPU,同时拥有1GB DDR3 内存。
ISCC 2017 部分解题记录 By Assassin
Assassin
06-04 4564
Basic 50 Wheel Cipher 加密表: 1: < ZWAXJGDLUBVIQHKYPNTCRMOSFE < 2: < KPBELNACZDTRXMJQOYHGVSFUWI < 3: < BDMAIZVRNSJUWFHTEQGYXPLOCK < 4: < RPLNDVHGFCUKTEBSXQYIZMJWAO < 5: < IHFRLABEUOTSGJVDKCPMNZQWXY
nodejs crypto
07-28
Node.js 中的 crypto 是一个内置模块,用于提供加密和解密功能。它支持各种加密算法和操作,包括哈希函数、对称加密和非对称加密。你可以使用 crypto 模块来实现数据的加密、解密、签名和验证等操作。 要使用 ...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值