Unlocking the Secrets of RSA Encryption: A Beginner’s Guide with WaniCTF2024
The Mysterious Message
Alex sat at his desk, eyes glued to his computer screen. The WaniCTF2024 challenge had just gone live, and competitors from around the world were diving into the cryptic puzzles. Alex had been preparing for this moment for months, honing his skills in cryptography, steganography, network security and web application security. Today’s challenge: decrypt a mysterious message using RSA encryption.
He opened the challenge description and found a seemingly simple note:
Along with the note was a zip file named cry-beginners-rsa.zip. Alex quickly extracted the zip file and found two files: chall.py and output.txt.
Opening chall.py, he discovered the following code:
from Crypto.Util.number import *
p = getPrime(64)
q = getPrime(64)
r = getPrime(64)
s = getPrime(64)
a = getPrime(64)
n = p*q*r*s*a
e = 0x10001
FLAG = b'FLAG{This_is_a_fake_flag}'
m = bytes_to_long(FLAG)
enc = pow(m, e, n)
print(f'n = {n}')
print(f'e = {e}')
print(f'enc = {enc}')In output.txt, the values were:
n = 317903423385943473062528814030345176720578295695512495346444822768171649361480819163749494400347
e = 65537
enc = 127075137729897107295787718796341877071536678034322988535029776806418266591167534816788125330265A Brief Introduction to RSA Encryption
To understand how to decode the message, Alex reviewed the basics of RSA encryption. RSA relies on the mathematical properties of prime numbers. Here’s a simplified overview:
https://en.wikipedia.org/wiki/RSA_(cryptosystem)
Key Generation:
Select two large prime numbers, p and q.
Compute n = pq. This n forms part of the public key.
Calculate the totient ϕ(n) = (p−1)(q−1).
Choose an encryption key e such that 1 < e < ϕ(n) and e is coprime to ϕ(n).
Determine the decryption key d using ed ≡ 1 (mod ϕ(n)).
Encryption:
The sender converts the plaintext message into an integer m such that 0 ≤ m < n.
The ciphertext c is then computed as c ≡ m^e (mod n).
Decryption:
The receiver computes m ≡ c^d (mod n) to retrieve the original message.Cracking the Code
Alice’s mind raced as he set up his coding environment. He needed to factorize the large number n to retrieve the primes p,q,r,s and a. He initially tried using an online tool, factordb.com, but soon found himself stuck. The complexity of factorizing such a large number overwhelmed him, and time was ticking.
Feeling the pressure, Alex decided to seek help from a renowned figure in the ethical hackers community known as “Crypto God” Cisco. He reached out to Cisco with a detailed explanation of his problem. Within moments, Cisco responded with the much-needed prime factors of n:
p = 9953162929836910171
q = 11771834931016130837
r = 12109985960354612149
s = 13079524394617385153
a = 17129880600534041513Armed with this crucial information, Alex wrote a Python script to perform the decryption:
#!/usr/bin/env python
from Crypto.Util.number import inverse, long_to_bytes
n = 317903423385943473062528814030345176720578295695512495346444822768171649361480819163749494400347
e = 65537
c = 127075137729897107295787718796341877071536678034322988535029776806418266591167534816788125330265
p = 9953162929836910171
q = 11771834931016130837
r = 12109985960354612149
s = 13079524394617385153
a = 17129880600534041513
phi = (p-1)*(q-1)*(r-1)*(s-1)*(a-1)
d = inverse(e, phi)
m = pow(c, d, n)
cipher = long_to_bytes(m)
print(cipher)He ran the script and within seconds, the original message revealed itself:
b'FLAG{S0_3a5y_1254!!}'A smile spread across Alex’s face. The hours of studying RSA had paid off, and he was ready to tackle the next challenge in WaniCTF2024, with a silent thank you to Cisco for the timely assistance.
Conclusion
The journey of decrypting the RSA encrypted message in WaniCTF2024 not only tested Alex’s skills but also deepened his understanding of one of the most crucial encryption methods in modern cybersecurity. Whether you’re a seasoned professional or a curious beginner, the principles of RSA are fundamental to grasp in the realm of cryptography.
