2023Ciscn初赛WriteUp
2023Ciscn初赛WriteUp
基于国密SM2算法的密钥密文分发
SM2 密钥在线生成工具 (const.net.cn)生成密钥,发送公钥
allkey接口返回服务器端pubkey明文,privatekey密文以及randomString密文
search接口可以直接拿到randomstring明文也就是C
用C作为密钥用SM4_CBC解密privatekey
quantum拿密文,用上面解出的privatekey解出明文,然后check通过
可信度量
传统艺能非预期:grep -ra “flag{” / 2>/dev/null
Sign_in_passwd
一共两行,第一行base64密文,用第二行URLdecode后作为base64换表,解出flag
BB84
exp:
f = open('info.csv', 'r')
l0 = [int(i) for i in f.readline().split(',')[1:]]
l1 = [int(i) for i in f.readline().split(',')[1:]]
l2 = [int(i) for i in f.readline().split(',')[1:]]
l3 = [int(i) for i in f.readline().split(',')[1:]]
l4 = [int(i) for i in f.readline().split(',')[1:]]
k = ''
for i in range(3000):
if l1[i] + l2[i] + l3[i] + l4[i] == 1:
if (l0[i] == 1 or l0[i] == 2) and (l1[i] != 1 and l2[i] != 1):
continue
elif (l0[i] == 3 or l0[i] == 4) and (l3[i] != 1 and l4[i] != 1):
continue
elif l0[i] == 1 or l0[i] == 3:
k += '0'
elif l0[i] == 2 or l0[i] == 4:
k += '1'
else:
exit(0)
print(k)
m = len(k)
print(len(k))
a = 1709
b = 2003
x = 17
k1 = ''
for i in range(336):
k1 += k[x]
x = (x*a+b)%m
print(k1)
k1 = int(k1,2)
print(k1)
c =
m = k1^c
from Crypto.Util.number import *
print(long_to_bytes(m))
badKey1
定位到唯一有可能会出问题的代码:
if Integer(n).gcd(d) != 1:
raise ValueError("RSA private exponent is not coprime to modulus")
# Modulus must be product of 2 primes
考虑使\(d=k_1*p\)
\(e*d=k_2(p-1)(q-1)+1\)
\(ek_1p=k_2(p-1)(q-1)+1\)
可得\(p*[(q-1)*k_2-k_1*e]=(q-1)*k_2-1\)
对上式模e可得 \((q-1)*k_2-1 \equiv p*(q-1)*k_2 \pmod{e}\)
exp:
e = 65537
while True:
q = getPrime(512)
for k2 in range(e):
x = (q-1)*k2
x %= e
if x == 0:
continue
if ((q-1)*k2-1) % x == 0:
p = ((q-1)*k2-1)//x
if isPrime(p) and p.bit_length()==512:
print(p,q)
break