Hackzone
Published in

Hackzone

HackZone IX CTF: Likkrid’s Crypto writeups

BabeRSA [10 Solves-449 Points]

“keys” function:

  • Generates 2 1024-bits prime numbers p, q and calculates modulus = p * q
  • Generates 3 random numbers (b, rand1, rand2) and calculates:
figure 1.1
  • Based on Fermat’s little theorem we have:
figure 1.2
  • Generates another 2 random numbers, modulo the “modulus”, rand_b1 and rand_b2 and return private and public keys.

“encrypt” function:

  • This function simply returns two parts of the ciphertext:
figure 1.3

“decrypt” function:

  • You can solve this problem with a one liner due to parameters “over-sharing” in the public key (sharing is caring 👀😝)
  • Based on figure 1.3, it is quite obvious that solving the system of 2 linear congruences will provide the plaintext:
figure 1.4: Solving for x retrieves the flag

Solutions:

  • Based on figure 1.3 we have:
figure 1.5
  • Based on figure 1.2 we have:
figure 1.6

That was mainly it for the first challenge, fairly easy but still a highly valuable one. Kudos to those who smashed this challenge with the cheesy solution 🧀

My ECC For Dummies [3 Solves-498 Points]

figure 2.1: MV-ElGamal
figure 2.2

Okay why does the author take us in this direction and how can we efficiently use the m2 value to recover the whole flag?

figure 2.3
figure 2.4
  • In our case, we have the m2 so we can to solve the cubic root modulo <p> and we should recover the first part of the flag associated with one of the roots.
  • I decided to use sage for this specific use-case because it felt easier to me!! We ended up solving modular square root for pow(2,20)
figure 2.5
  • Hopefully this was of any help for you if you had fun participating in HackZone IX, struggled to solve one of this crypto challenges or just seeking a hint to dive deeper into the details. You can find challenges source code and solvers here.

If you made it this far, thank you for your interest in this humble Crypto writeup. Looking forward to hearing from you about topics/ideas/feedback regarding this post. Feel free to reach out if you found any other/unintended solutions and as usual stay safe and hack carefully 🧡🧡

--

--

Après son succès incontestable lors de ses éditions précédentes, HackZone, l’événement annuel de sécurité informatique, d’une durée de 24 heures, revient cette année dans une 8ème édition sous le thème de “ Cyber attaks & IOT “ pour assurer un rendez-vous incontournable avec les

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store