RSA合集
目录
工具:
简单模板1
RSA
RSA4
[NCTF2019]babyRSA 未完
[ACTF新生赛2020]crypto-rsa3
[NCTF2019]childRSA
[BJDCTF2020]easyrsa z是啥
[BJDCTF2020]RSA 另一种解法还没看呢
工具:
1、在线大数分解 有网络时可用,或者使用在线网站也可以
2、
3、yafu-1.34 无法使用网络时的工具 速度慢,适用于n比较小的情况
简单模板1
import gmpy2
p=
q=
n=p*q
e=
c=
phin=(p-1)*(q-1)
d=gmpy2.invert(e,phin)m=pow(c,d,n)
print(m)
print(hex(m)[2:])
print(bytes.fromhex(hex(m)[2:]))RSA
[WUSTCTF2020]babyrsa
基本操作
Dangerous RSA
#n: 0x52d483c27cd806550fbe0e37a61af2e7cf5e0efb723dfc81174c918a27627779b21fa3c851e9e94188eaee3d5cd6f752406a43fbecb53e80836ff1e185d3ccd7782ea846c2e91a7b0808986666e0bdadbfb7bdd65670a589a4d2478e9adcafe97c6ee23614bcb2ecc23580f4d2e3cc1ecfec25c50da4bc754dde6c8bfd8d1fc16956c74d8e9196046a01dc9f3024e11461c294f29d7421140732fedacac97b8fe50999117d27943c953f18c4ff4f8c258d839764078d4b6ef6e8591e0ff5563b31a39e6374d0d41c8c46921c25e5904a817ef8e39e5c9b71225a83269693e0b7e3218fc5e5a1e8412ba16e588b3d6ac536dce39fcdfce81eec79979ea6872793L
#e: 0x3
#c:0x10652cdfaa6b63f6d7bd1109da08181e500e5643f5b240a9024bfa84d5f2cac9310562978347bb232d63e7289283871efab83d84ff5a7b64a94a79d34cfbd4ef121723ba1f663e514f83f6f01492b4e13e1bb4296d96ea5a353d3bf2edd2f449c03c4a3e995237985a596908adc741f32365
so,how to get the message?
C=M^e % n (C密文,M明文)
k*n+C=M^e,e=3,求M,直接开方
from gmpy2 import iroot
import libnum
n = 0x52d483c27cd806550fbe0e37a61af2e7cf5e0efb723dfc81174c918a27627779b21fa3c851e9e94188eaee3d5cd6f752406a43fbecb53e80836ff1e185d3ccd7782ea846c2e91a7b0808986666e0bdadbfb7bdd65670a589a4d2478e9adcafe97c6ee23614bcb2ecc23580f4d2e3cc1ecfec25c50da4bc754dde6c8bfd8d1fc16956c74d8e9196046a01dc9f3024e11461c294f29d7421140732fedacac97b8fe50999117d27943c953f18c4ff4f8c258d839764078d4b6ef6e8591e0ff5563b31a39e6374d0d41c8c46921c25e5904a817ef8e39e5c9b71225a83269693e0b7e3218fc5e5a1e8412ba16e588b3d6ac536dce39fcdfce81eec79979ea6872793
c = 0x10652cdfaa6b63f6d7bd1109da08181e500e5643f5b240a9024bfa84d5f2cac9310562978347bb232d63e7289283871efab83d84ff5a7b64a94a79d34cfbd4ef121723ba1f663e514f83f6f01492b4e13e1bb4296d96ea5a353d3bf2edd2f449c03c4a3e995237985a596908adc741f32365
k = 0
while 1:res=iroot(c+k*n,3)if(res[1]==True):print(libnum.n2s(res[0]))breakk=k+1
[HDCTF2019]bbbbbbrsa
from base64 import b64encode as b32encode
from gmpy2 import invert,gcd,iroot
from Crypto.Util.number import *
from binascii import a2b_hex,b2a_hex
import randomflag = "******************************"nbit = 128p = getPrime(nbit)
q = getPrime(nbit)
n = p*qprint p
print nphi = (p-1)*(q-1)e = random.randint(50000,70000)while True:if gcd(e,phi) == 1:break;else:e -= 1;c = pow(int(b2a_hex(flag),16),e,n)print b32encode(str(c))[::-1]# 2373740699529364991763589324200093466206785561836101840381622237225512234632import gmpy2
import libnum
from Crypto.Util.number import *
p=177077389675257695042507998165006460849
q=211330365658290458913359957704294614589
n=p*q
phin=(p-1)*(q-1)
c=2373740699529364991763589324200093466206785561836101840381622237225512234632
for e in range(50000,70000):if(gmpy2.gcd(e,phin)==1):d=gmpy2.invert(e,phin)m=pow(c,d,n)flag = long_to_bytes(m)print(flag)
RSA4 低加密指数广播攻击
知识点:低加密指数广播攻击
本文来自互联网用户投稿,文章观点仅代表作者本人,不代表本站立场,不承担相关法律责任。如若转载,请注明出处。 如若内容造成侵权/违法违规/事实不符,请点击【内容举报】进行投诉反馈!