• 日期: 2027-01-18 16:12:21
  • 标签: 常规

This challenge presents a scenario where a flag has been encrypted using elliptic curve cryptography. The code snippet reveals the public parameters and ciphertexts, but the flag itself remains concealed. The task is to decipher the encryption process to extract the original flag.

Here's the provided code:

from Crypto.Util.number import *
from secret import flag
flag=bytes_to_long(flag)
a =getPrime(256)
b =getPrime(256)
p =getPrime(256)
m1=int(str(flag)[:5])-4585
m2=int(str(flag)[5:])
#EllipticCurve([a1, a2, a3, a4, a6]) -- y^2+(a1)xy+(a3)y=x^3+(a2)x^2+(a4)x+(a6)
E = EllipticCurve(GF(p), [a, b])
X=E.lift_x(m1)
Y=7*X
m = E.random_point()
G = E.random_point()
k = getPrime(256)
K = k * G
r = getPrime(256)
c1 = m + r * K
c2 = r * G
w2=m[0]*m2
print(f"p = {p}")
print(f"a = {a}")
print(f"b = {b}")
print(f"k = {k}")
print(f"E = {E}")
print(f'Y = {Y}')
print(f"c1 = {c1}")
print(f"c2 = {c2}")
print(f"w2 = {w2}")
'''
p = 71397796933602469825964946338224836258949974632540581233301840806613437378503
a = 106105288190268015217241182934677375171023341761047638573248022053052499733117
b = 76170541771321874396004434442157725545076211607587599314450304327736999807927
k = 58155941823118858940343657716409231510854647214870891375273032214774400828217
E = Elliptic Curve defined by y^2 = x^3 + 34707491256665545391276236596452538912073367128507057339946181246439062354614*x + 4772744837719404570039488103932889286126236975047018081148463521123562429424 over Finite Field of size 71397796933602469825964946338224836258949974632540581233301840806613437378503
Y = (33237936857741483513705672980652927705102229733798436323453609986072499230366 : 52619411226266177137991318059937693955038910547834999771526408984808553907338 : 1)
c1 = (37414446283406201193977113266234367761786780230360175925999700345196415953455 : 17037724145039910971426670298726906655653040365428438334942732090559637519851 : 1)
c2 = (60560423732267272277570046154733119097475794979191838027420415113112056962844 : 54372226143125971429691267751299496959531971082475860532181772357190222938465 : 1)
w2 = 16315249811700998894876359855091105114973337718373913477026230968747515636405
'''

To solve this, you'll need to use the provided information to work backward and recover the original flag.  Here are the key steps:

1. **Understand the Encryption:** The code uses elliptic curve cryptography (ECC) to encrypt the flag. ECC relies on the properties of elliptic curves over finite fields.  You'll need to be familiar with the basics of ECC to understand the encryption process.

2. **Analyze the Code:** Carefully examine the code to identify the key operations performed during encryption. Note the roles of `a`, `b`, `p`, `k`, `G`, `m`, and `r`. These elements are critical to understanding the encryption and decryption procedures.

3. **Reverse Engineer the Encryption:**  Since the code reveals the encrypted values and public parameters, you can reverse engineer the process to uncover the flag. The provided `w2` value is crucial for this task. Use the information to determine the original flag value.

4. **Implementation:** Implement the decryption logic in Python, leveraging the necessary cryptographic libraries (e.g., `Crypto`). 

Here's a general approach to solving the challenge:

* **Create an Elliptic Curve:**  Use the provided values for `p`, `a`, and `b` to define the Elliptic Curve `E` using the `EllipticCurve` function.

* **Compute the Point `K`:** Calculate the point `K` by multiplying the public generator `G` by the private key `k`.

* **Decrypt `c1`:**  You need to determine the point `m` to obtain the first part of the flag. You know `c1`, `K`, and `r`.  Use the ECC properties to calculate `m` from these values.

* **Decrypt `c2`:**  You've already obtained `r` from the previous step.  Decrypt `c2` by dividing `c2` by `r`.

* **Calculate the Original Flag:**  Combine the obtained values of `m` and `m2` to reconstruct the flag.

Remember, this is a general outline.  You'll need to implement the decryption logic in Python, leveraging the provided parameters and equations involved in ECC cryptography.  Once you have the necessary Python code, you can execute it to recover the original flag.

**Important Notes:**

* This solution may require a strong understanding of ECC.  If you are new to ECC, it is essential to learn the fundamentals before tackling this challenge.
* The provided code may contain hints or additional information that can help you in the decryption process. Examine the code carefully for any clues.

Let me know if you need further guidance or have specific questions about ECC or the decryption process. I'm here to help you along the way!
ECC_mini Crypto Challenge: Recovering the Flag

原文地址: https://www.cveoy.top/t/topic/mzfb 著作权归作者所有。请勿转载和采集!

免费AI点我,无需注册和登录