-
Notifications
You must be signed in to change notification settings - Fork 19
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
5 changed files
with
49 additions
and
7 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,11 @@ | ||
| In this challenge you will decrypt a secret encrypted with a one-time pad. | ||
| In this challenge you will decrypt a secret encrypted with a [one-time pad](https://en.wikipedia.org/wiki/One-time_pad). | ||
| Although simple, this is the most secure encryption mechanism, if a) you can securely transfer the key and b) you only ever use the pad _once_. | ||
| It's also the most simple encryption mechanism: you simply _XOR_ the bits of the plaintext with the bits of the key one by one! | ||
|
|
||
| This challenge encrypts the flag with a one-time pad and then gives you the key. | ||
| Luckily, a one-time pad is a _symmetric_ cryptosystem: that is, you use the same key to encrypt and to decrypt, so you have everything you need to decrypt the flag! | ||
|
|
||
| ---- | ||
| **Fun fact:** the One-time Pad is the _only_ cryptosystem that humanity has been able to _prove_ is perfectly secure. | ||
| If you securely transfer the key, and you only use it for one message, it cannot be cracked even by attackers with infinite computational power! | ||
| We have not been able to make this proof for any other cryptosystem. |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| So, One Time Pads fail when you reuse them. | ||
| This is suboptimal: given how careful one has to be when transferring keys, it would be better if the key could be used for more than just a single message! | ||
|
|
||
| Enter: the [Advanced Encryption Standard](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard), AES. | ||
| AES is relatively new: coming on the scene in 2001. | ||
| Like a One-time Pad, AES is _also_ symmetric: the same key is used to encrypt and decrypt. | ||
| Unlike a One-time Pad, AES maintains security for multiple messages encrypted with the same key. | ||
|
|
||
| In this challenge you will decrypt a secret encrypted with Advanced Encryption Standard (AES). | ||
| AES is what is called a "block cipher", encrypting one plaintext "block" of 16 bytes (128 bits) at a time. | ||
| So `AAAABBBBCCCCDDDD` would be a single block of plaintext that would be encrypted into a single block of ciphertext. | ||
|
|
||
| AES _must_ operate on complete blocks. | ||
| If the plaintext is _shorter_ than a block (e.g., `AAAABBBB`), it will be _padded_ to the block size, and the padded plaintext will be encrypted. | ||
|
|
||
| Different AES "modes" define what to do when the plaintext is longer than one block. | ||
| In this challenge, we are using the simplest mode: "[Electronic CodeBook (ECB)](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Electronic_codebook_(ECB))". | ||
| In ECB, each block is encrypted separately with the same key and simply concatenated together. | ||
| So if you are encrypting something like `AAAABBBBCCCCDDDDEEEEFFFFGGGGHHHH`, it will be split into two plaintext blocks (`AAAABBBBCCCCDDDD` and `EEEEFFFFGGGGHHHH`), encrypted separately (resulting, let's imagine, in `UVSDFGIWEHFBFFCA` and `LKXBFVYASLJDEWEU`), then concatenated (resulting the ciphertext `UVSDFGIWEHFBFFCALKXBFVYASLJDEWEU`). | ||
|
|
||
| This challenge will give you the AES-encrypted flag and the key used to encrypt it. | ||
| Decrypt the flag and score! |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,15 @@ | ||
| #!/opt/pwn.college/python | ||
|
|
||
| import base64 | ||
| from Crypto.Cipher import AES | ||
| from Crypto.Util.Padding import pad | ||
| from Crypto.Random import get_random_bytes | ||
|
|
||
| flag = open("/flag", "rb").read() | ||
|
|
||
| key = get_random_bytes(16) | ||
| cipher = AES.new(key=key, mode=AES.MODE_ECB) | ||
| ciphertext = cipher.encrypt(pad(flag, cipher.block_size)) | ||
|
|
||
| print(f"aes key: {base64.b64encode(key).decode()}") | ||
| print(f"secret ciphertext: {base64.b64encode(ciphertext).decode()}") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters