Show page

Differences

This shows you the differences between two versions of the page.

--- isc:labs:02 [2023/10/15 23:17]
florin.stancu
+++ isc:labs:02 [2025/10/13 14:09] (current)
david.gherghita [6. [10p] Feedback]
@@ Line 3: / Line 3: @@
 ===== Objectives =====
   * Basic Cryptography
-  * Block Cipher Modes
+  * Symmetric Cryptography: AES
-  * RSA
+    * Block Cipher Modes
+  * Asymmetric Cryptography: RSA
 ===== Resources =====
@@ Line 19: / Line 20: @@
 ===== Overview =====
+Cryptography refers to the technique of securing information and communications through use of codes, especially to prevent unauthorised access.
+There are two main types:
+  * Symmetric
+  * Asymmetric
 ==== Symmetric Key Encryption ====
@@ Line 118: / Line 125: @@
 ===== Exercises =====
-=== 0. [5p]  AES ECB (Warmup) ===
+=== 01. [5p] AES ECB (Warmup) ===
  It is recommended NOT to encrypt more than one block with AES in ECB mode, but in order to understand why, an image with the following header was encrypted. The encrypted photo cand be found {{isc:labs:isc-lab02-encrypted.zip|here (.zip)}}. Is it possible to figure out what the initial image was?
@@ Line 143: / Line 150: @@
 </solution>
-=== 1. [20p] AES ===
+=== 02. [20p] AES ===
  {{:isc:labs:isc-lab02-secret.zip|This file (compressed as .zip)}} was encrypted using the following code. Can you decrypt it?
-<code>
+<code python>
 from Crypto.Cipher import AES
 from Crypto import Random
@@ Line 183: / Line 190: @@
 <solution -hidden>
-<code>
+<code python>
 from Crypto.Cipher import AES
@@ Line 189: / Line 196: @@
 BLOCK_SIZE = 32
-PADDING = '#'
+PADDING = b'#'
-iv = "\x00" * 16
+iv = b'\x00' * 16
 def decrypt(key, iv, data):
@@ Line 197: / Line 204: @@
     return data
-with open('secret.enc', 'rb') as f:
+with open('isc-lab02-secret.enc', 'rb') as f:
     data = f.read()
 extr_key = data[:32]
 extr_data = data[32:]
-f_dec = open("decr.jpg", 'wb')
+f_dec = open('plain.jgp', 'wb')
 f_dec.write(decrypt(extr_key, iv, extr_data).rstrip(PADDING))
 f_dec.close()
@@ Line 209: / Line 216: @@
 </solution>
-=== 2. [20p] RSA - Known factorisation ===
+=== 03. [20p] RSA - Known factorisation ===
 In order to decrypt the ciphertext, you need to factorize n into p and q, compute phi and find d.
@@ Line 223: / Line 230: @@
 </code>
   * **Note**: the result is a decimal number, you need to convert it to an ASCII text using the snippet below:
-    <code>
+    <code python>
 print(hex(message)[2:].decode("hex"))  # python 2
 print(bytearray.fromhex(hex(message)[2:]))  # python 3
@@ Line 232: / Line 239: @@
 <solution -hidden>
-<code>
+<code python>
-#!/usr/bin/env python
 import gmpy2
-c = 48150432592505707552503950434421170873397025541574547497460326222962564730297
+c = 28822365203577929536184039125870638440692316100772583657817939349051546473185
 n = 70736025239265239976315088690174594021646654881626421461009089480870633400973
 e = 3
@@ Line 242: / Line 249: @@
 q = 238324208831434331628131715304428889871
-phi = (p-1)*(q-1)
+phi = (p - 1) * (q - 1)
 d = gmpy2.invert(e, phi)
 pt = pow(c, d, n)
-print( "plaintext: " + hex(pt)[2:].decode("hex"))
+print( "plaintext: " + bytearray.fromhex(hex(pt)[2:]).decode('utf-8'))
 </code>
 </solution>
-==== 03 [15p] Is this even OTP? ====
+==== 04. [15p] Is this even OTP? ====
   * Someone applied [[https://en.wikipedia.org/wiki/One-time_pad|one time pad]] on {{:isc:labs:isc-lab02-otp.txt|this text}}.
@@ Line 256: / Line 264: @@
     * **Hint:** bruteforce
-==== 04 [20p] Many Time Pad ====
+<solution -hidden>
+<code python>
+# Key = 1e: i_guess_it_kinda_is_otp
+from itertools import cycle
+c = 'wAyk{mmAwjAuwpzAwmAqjn'
+for i in range(0,256):
+    print("".join([chr(x[0] ^ ord(x[1])) for x in zip(cycle([i]), c)]))
+</code>
+</solution>
+==== 05. [20p] Many Time Pad ====
   * This time, {{:isc:labs:isc-lab02-many_time_pad.zip|he did use a proper key}}. Unfortunately for him, he used it for multiple encryptions.
@@ Line 262: / Line 285: @@
     * **Hint:** take a close look at the folder for this task.
-==== 05 [20p] We want Jokes instead of Nukes  ====
+<solution -hidden>
+<code>
+ALEXCTF{HERE_GOES_THE_KEY}
+</code>
+</solution>
+==== 06. [20p] We want Jokes instead of Nukes  ====
   * {{:isc:labs:isc-lab02-oracle.zip|Donald has gone completely crazy}}. To prevent world chaos, you kidnapped him. Right before the kidnapping he tried to send one encrypted message to his wife Melania. Luckily you intercepted the message. Donald admits that he used AES256-CBC encryption - a block cipher operating with a block length of 16 bytes.
@@ Line 272: / Line 303: @@
 <note important>
-If this looks cringy to you, wait until you see the assignments ;))
+If you find this cringe, just wait until you see the assignments! ;)
 </note>
-==== 6. [10p] Feedback ====
+<solution -hidden>
+<code python>
+original_iv = bytes.fromhex('7ec00bc6fd663984c1b6c6fd95ceeef1')
+original_plaintext = b'FIRE_NUKES_MELA!'
+new_plaintext = b'SEND_NUDES_MELA!'
+xor_result = bytes(a ^ b for a, b in zip(original_plaintext, new_plaintext))
+new_iv_bytes = bytes(a ^ b for a, b in zip(original_iv, xor_result))
+print("New IV in hexadecimal:", new_iv_bytes.hex())
+</code>
+</solution>
+==== 07. Feedback ====
 Please take a minute to fill in the [[https://docs.google.com/forms/d/e/1FAIpQLSeMrKoWY6UKe1N_BASUARA-HixTuvSfrEnx_FKstT-RW464NQ/viewform |feedback form]] for this lab.

isc/labs/02.1697401033.txt.gz · Last modified: 2023/10/15 23:17 by florin.stancu

Show page Old revisions

Media Manager Back to top

Differences

Lectures

Labs

Support