diff options
Diffstat (limited to 'docs/writeups/2023/lactf/crypto/one-more-time-pad.txt')
-rw-r--r-- | docs/writeups/2023/lactf/crypto/one-more-time-pad.txt | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/docs/writeups/2023/lactf/crypto/one-more-time-pad.txt b/docs/writeups/2023/lactf/crypto/one-more-time-pad.txt new file mode 100644 index 0000000..5c190af --- /dev/null +++ b/docs/writeups/2023/lactf/crypto/one-more-time-pad.txt @@ -0,0 +1,55 @@ +I heard the onetime pad is perfectly secure so I used it to send an important +message to a friend, but now a UCLA competition is asking for the key? I threw +that out a long time ago! Can you help me recover it? + + + + +The problem description implies a weakness through key reuse, however we can +easily recover the key because we are given both a plaintext and corresponding +ciphertext for a simple XOR cipher. + +The key is made up of the flag data, which is shorter than the actual message, +so it is repeated using Python itertools.cycle to pad it out. + +``` +from itertools import cycle +pt = b"Long ago, the four nations lived together in harmony ..." + +key = cycle(b"lactf{??????????????}") + +ct = "" + +for i in range(len(pt)): + b = (pt[i] ^ next(key)) + ct += f'{b:02x}' +print("ct =", ct) + +#ct = 200e0d13461a055b4e592b0054543902462d1000042b045f1c407f18581b56194c150c13030f0a5110593606111c3e1f5e305e174571431e +``` + +To get the flag, we ran this algorithm in reverse: + +``` +#!/usr/bin/env python3 + +ct = ( + b"\x20\x0e\x0d\x13\x46\x1a\x05\x5b\x4e\x59\x2b\x00\x54\x54\x39\x02" + b"\x46\x2d\x10\x00\x04\x2b\x04\x5f\x1c\x40\x7f\x18\x58\x1b\x56\x19" + b"\x4c\x15\x0c\x13\x03\x0f\x0a\x51\x10\x59\x36\x06\x11\x1c\x3e\x1f" + b"\x5e\x30\x5e\x17\x45\x71\x43\x1e" ) + +pt = b"Long ago, the four nations lived together in harmony ..." +key = "" + +for i in range(len(pt)): + b = (pt[i] ^ ct[i]) + key += chr(b) + +print(key) +``` + +Because the key was cycled, we see repeated characters in the output, but the +full flag is there. + +lactf{b4by_h1t_m3_0ne_m0r3_t1m3}lactf{b4by_h1t_m3_0ne_m0 |