CTF: Cracking a Faulty Signature
Do you have a cybersecurity mind? Well, one of the key skills is the ability to solve complex problems. One way to do this, is to undertake a CTF (Capture The Flag) exercise.
Here’s a challenge for you …
Bob creates a signature for a message to Alice, but there is a fault in the creation of the signature. The message is “hello” and the signature is 33561470437852350800490296761035292196715158781566678427933645057899269717707506647931331164413297433452052757522476505043933758201648524587067912327069386833529595693294784445885069514609509940138677177002837616414260865324998574585955604784961293369461236228238076243170840123022488381745254995816247017490. Bob’s public key modulus is 94136336122929214497645947944239488252265637517769497863995725490749118151338146906097108857799005345920509263235470705894384169684628344131600231570414799978836997446701647934689166024214620156488862336056183901241288511987984235432767088697131078894390476645020437264124880061155505393367858836280160054199. Can you discover Bob’s private key?
[Ans: p = 898…, q = 104..]
Now, let’s crack it.
RSA signature fault
In a brilliant paper published at USENIX 2022, Sullivan et al [1] show that real-life RSA signatures can be cracked for their private key — if the signature contains…
