**gmx** was a 160 point cryptography challenge in **Ångstrom CTF 2018**. I thought it was very interesting, especially because it used an actual cryptosystem I had no knowledge of, and it was surprisingly validated by fewer than 30 teams among the almost 2000 that were participating.

defund created a nonconformist hybrid cryptosystem. He even made a service running at ` :3000` here's the ( ). All you have to do is decrypt this ( ), which was encrypted with this ( ). We've also provided the relevant (/static/crypto/gmx/gmx.zip). Note: connect with netcat or an equivalent tool.

Let's start with **aes.py**:

```python
cipher = AES.new(k, AES.MODE_CFB, c)
```

Nothing special is happening here: these functions are pretty much wrappers to **encrypt** and **decrypt** with **AES in CFB mode** with a **random IV that is prepended to the ciphertext during encryption**.

```python
f.write('\n'.join())
```

In **gen.py**, we can basically see how the files we were provided were generated: the flag is encrypted using the `encrypt` function from **aes.py**, and then written to a file. The key is then encrypted with an `encrypt` function presumably defined in **gm.py**, using the **public key** we have been provided, and then written to a file. Each of the keys in the generated keypair (*pk and sk*) is then also written to a file.

Because the crux of the problem will most likely lie in **gm.py** (*that's my experience speaking*), let's continue with **server.py** so as to not get too deep in unnecessary considerations.

```python
class incoming(SocketServer.BaseRequestHandler):
    # ...
    req.sendall('Welcome to the Goldwasser-Micali key exchange!\n')
    req.sendall('Please send us an encrypted 128 bit key for us to use.\n')
    req.sendall('Each encrypted bit should be sent line by line in integer format.\n')
    # ...
    req.sendall(base64.b64encode(encmessage) + '\n')

class ReusableTCPServer(SocketServer.ForkingMixIn, SocketServer.TCPServer):
    # ...

server = ReusableTCPServer(('0.0.0.0', PORT), incoming)
print 'Server listening on port %d' % PORT
```

So basically, the code here waits for us to send an **AES key encrypted with gm** (*which we can now deduce means "Goldwasser-Micali"*), then it **decrypts it using the secret key** generated in **gen.py**. Then, a **certain message** is **encrypted using the decrypted AES key**. It is then **base64-encoded** and sent back to us. Since `message` is also read from a file, it is safe to assume that it doesn't change between each connection to the service. An obvious deduction is that the **service will serve as some kind of oracle**.
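The key exchange the service asks for ("Each encrypted bit should be sent line by line in integer format") can be illustrated with textbook Goldwasser-Micali. This is an added example in Python 3, not the challenge's **gm.py** or **server.py**: the toy primes, the MSB-first bit order and all function names are assumptions made for illustration.

```python
import math
import secrets

# Constructed toy key (assumption): both primes are 3 mod 4, so x = N - 1 is a
# non-residue modulo each of them. Far too small for real use.
P, Q = 10007, 10039
N, X = P * Q, P * Q - 1


def encrypt_bit(bit, n=N, x=X):
    """Textbook GM: c = y^2 * x^bit mod n, with a fresh random y per bit."""
    while True:
        y = secrets.randbelow(n - 2) + 2
        if math.gcd(y, n) == 1:
            return (y * y * pow(x, bit, n)) % n


def decrypt_bit(c, p=P):
    """The bit is 0 iff c is a quadratic residue mod p (Euler's criterion)."""
    return 0 if pow(c % p, (p - 1) // 2, p) == 1 else 1


def key_to_wire(key):
    """Sender: encrypt a 16-byte key bit by bit, one decimal integer per line.
    MSB-first bit order is an assumption of this example."""
    if len(key) != 16:
        raise ValueError("expected a 128-bit key")
    bits = [(byte >> (7 - i)) & 1 for byte in key for i in range(8)]
    return "".join("%d\n" % encrypt_bit(b) for b in bits)


def wire_to_key(wire):
    """Receiver: check line count and value ranges before decrypting."""
    lines = wire.splitlines()
    if len(lines) != 128:
        raise ValueError("expected 128 ciphertext lines")
    bits = []
    for line in lines:
        c = int(line)  # raises ValueError on non-integer input
        if not 0 < c < N or math.gcd(c, N) != 1:
            raise ValueError("ciphertext out of range")
        bits.append(decrypt_bit(c))
    return bytes(
        sum(bit << (7 - i) for i, bit in enumerate(bits[j:j + 8]))
        for j in range(0, 128, 8)
    )
```

Because every bit is encrypted with fresh randomness, two encryptions of the same key produce different lines, yet both decrypt to the same 16 bytes.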