Show page

Differences

This shows you the differences between two versions of the page.

--- isc:labs:02 [2023/10/15 21:00]
florin.stancu
+++ isc:labs:02 [2025/10/13 14:09] (current)
david.gherghita [6. [10p] Feedback]
@@ Line 3: / Line 3: @@
 ===== Objectives =====
   * Basic Cryptography
-  * Block Cipher Modes
+  * Symmetric Cryptography: AES
-  * RSA
+    * Block Cipher Modes
+  * Asymmetric Cryptography: RSA
 ===== Resources =====
@@ Line 19: / Line 20: @@
 ===== Overview =====
+Cryptography refers to the technique of securing information and communications through use of codes, especially to prevent unauthorised access.
+There are two main types:
+  * Symmetric
+  * Asymmetric
 ==== Symmetric Key Encryption ====
@@ Line 118: / Line 125: @@
 ===== Exercises =====
-=== 0. [5p]  AES ECB (Warmup) ===
+=== 01. [5p] AES ECB (Warmup) ===
  It is recommended NOT to encrypt more than one block with AES in ECB mode, but in order to understand why, an image with the following header was encrypted. The encrypted photo cand be found {{isc:labs:isc-lab02-encrypted.zip|here (.zip)}}. Is it possible to figure out what the initial image was?
@@ Line 143: / Line 150: @@
 </solution>
-=== 1. [20p] AES ===
+=== 02. [20p] AES ===
  {{:isc:labs:isc-lab02-secret.zip|This file (compressed as .zip)}} was encrypted using the following code. Can you decrypt it?
-<code>
+<code python>
 from Crypto.Cipher import AES
 from Crypto import Random
@@ Line 175: / Line 181: @@
 f_out.write(enc)
 f_out.close()
+</code>
+<note info>
+You might need to install ''pycryptodome'':<code>
+pip3 install pycryptodome
 </code>
+</note>
 <solution -hidden>
-<code>
+<code python>
 from Crypto.Cipher import AES
@@ Line 185: / Line 196: @@
 BLOCK_SIZE = 32
-PADDING = '#'
+PADDING = b'#'
-iv = "\x00" * 16
+iv = b'\x00' * 16
 def decrypt(key, iv, data):
@@ Line 193: / Line 204: @@
     return data
-with open('secret.enc', 'rb') as f:
+with open('isc-lab02-secret.enc', 'rb') as f:
     data = f.read()
 extr_key = data[:32]
 extr_data = data[32:]
-f_dec = open("decr.jpg", 'wb')
+f_dec = open('plain.jgp', 'wb')
 f_dec.write(decrypt(extr_key, iv, extr_data).rstrip(PADDING))
 f_dec.close()
@@ Line 205: / Line 216: @@
 </solution>
-=== 2. [20p] RSA - Known factorisation ===
+=== 03. [20p] RSA - Known factorisation ===
 In order to decrypt the ciphertext, you need to factorize n into p and q, compute phi and find d.
@@ Line 219: / Line 230: @@
 </code>
   * **Note**: the result is a decimal number, you need to convert it to an ASCII text using the snippet below:
-    <code>
+    <code python>
 print(hex(message)[2:].decode("hex"))  # python 2
 print(bytearray.fromhex(hex(message)[2:]))  # python 3
@@ Line 228: / Line 239: @@
 <solution -hidden>
-<code>
+<code python>
-#!/usr/bin/env python
 import gmpy2
-c = 48150432592505707552503950434421170873397025541574547497460326222962564730297
+c = 28822365203577929536184039125870638440692316100772583657817939349051546473185
 n = 70736025239265239976315088690174594021646654881626421461009089480870633400973
 e = 3
@@ Line 238: / Line 249: @@
 q = 238324208831434331628131715304428889871
-phi = (p-1)*(q-1)
+phi = (p - 1) * (q - 1)
 d = gmpy2.invert(e, phi)
 pt = pow(c, d, n)
-print( "plaintext: " + hex(pt)[2:].decode("hex"))
+print( "plaintext: " + bytearray.fromhex(hex(pt)[2:]).decode('utf-8'))
 </code>
 </solution>
-<note warning>Please download {{:isc:labs:isc-lab02-crypto-extra.zip|Task Archive}} for the following tasks. </note>
+==== 04. [15p] Is this even OTP? ====
-==== 03 [15p] Is this even OTP? ====
   * Someone applied [[https://en.wikipedia.org/wiki/One-time_pad|one time pad]] on {{:isc:labs:isc-lab02-otp.txt|this text}}.
@@ Line 254: / Line 264: @@
     * **Hint:** bruteforce
-==== 04 [20p] Many Time Pad ====
+<solution -hidden>
+<code python>
+# Key = 1e: i_guess_it_kinda_is_otp
+from itertools import cycle
+c = 'wAyk{mmAwjAuwpzAwmAqjn'
+for i in range(0,256):
+    print("".join([chr(x[0] ^ ord(x[1])) for x in zip(cycle([i]), c)]))
+</code>
+</solution>
+==== 05. [20p] Many Time Pad ====
   * This time, {{:isc:labs:isc-lab02-many_time_pad.zip|he did use a proper key}}. Unfortunately for him, he used it for multiple encryptions.
@@ Line 260: / Line 285: @@
     * **Hint:** take a close look at the folder for this task.
-==== 05 [20p] We want Jokes instead of Nukes  ====
+<solution -hidden>
+<code>
+ALEXCTF{HERE_GOES_THE_KEY}
+</code>
+</solution>
+==== 06. [20p] We want Jokes instead of Nukes  ====
   * {{:isc:labs:isc-lab02-oracle.zip|Donald has gone completely crazy}}. To prevent world chaos, you kidnapped him. Right before the kidnapping he tried to send one encrypted message to his wife Melania. Luckily you intercepted the message. Donald admits that he used AES256-CBC encryption - a block cipher operating with a block length of 16 bytes.
@@ Line 269: / Line 302: @@
     * **Hint 3:** Run the given oracle with the altered IV (hex encoded) to check that the message was modified correctly.
-<note warning>
+<note important>
-If this looks cringy to you, wait until you see the assignments ;))
+If you find this cringe, just wait until you see the assignments! ;)
 </note>
-==== 6. [10p] Feedback ====
+<solution -hidden>
+<code python>
-Please take a minute to fill in the [[https://docs.google.com/forms/d/e/1FAIpQLSeMrKoWY6UKe1N_BASUARA-HixTuvSfrEnx_FKstT-RW464NQ/viewform |feedback form]] for this lab.
+original_iv = bytes.fromhex('7ec00bc6fd663984c1b6c6fd95ceeef1')
+original_plaintext = b'FIRE_NUKES_MELA!'
+new_plaintext = b'SEND_NUDES_MELA!'
+xor_result = bytes(a ^ b for a, b in zip(original_plaintext, new_plaintext))
+new_iv_bytes = bytes(a ^ b for a, b in zip(original_iv, xor_result))
+print("New IV in hexadecimal:", new_iv_bytes.hex())
+</code>
+</solution>
+==== 07. Feedback ====
+Please take a minute to fill in the [[https://docs.google.com/forms/d/e/1FAIpQLSeMrKoWY6UKe1N_BASUARA-HixTuvSfrEnx_FKstT-RW464NQ/viewform |feedback form]] for this lab.

isc/labs/02.1697392819.txt.gz · Last modified: 2023/10/15 21:00 by florin.stancu

Show page Old revisions

Media Manager Back to top

Differences

Lectures

Labs

Support