NCS Competition 2021 Writeup
  • HHousen National Cyber Scholarship Competition 2021 Writeup
  • Forensics
    • FE02 - 100pts
    • FE03 - 100pts
    • FH01 - 500pts
    • FE04 - 100pts
    • FM01 - 250pts
    • FM02 - 250pts
    • FM03 - 250pts
    • FE01 - 100pts
  • Crypto
    • CM01 - 250pts
    • CM02 - 250pts
    • CX01 - 1000pts
    • CH01 - 500pts
    • CH02 - 500pts
  • Binary
    • BM01 - 250pts
    • BM02 - 250pts
    • BM03 - 250pts
    • BX01 - 1000pts
    • BX02 - 100pts
    • BE01 - 100pts
    • BE02 - 100pts
    • BH01 - 500pts
  • Networking
    • NM01 - 250pts
    • NE01 - 100pts
  • Web
    • WX01 - 1000pts
    • WE01 - 100pts
    • WE02 - 100pts
    • WH01 - 500pts
    • WH02 - 500pts
    • WM01 - 250pts
    • WM02 - 250pts
    • WM03 - 250pts
    • WM04 - 250pts
    • WM05 - 250pts
  • Challenge Name
Powered by GitBook
On this page
  • Briefing
  • Solution
  • Flag

Was this helpful?

Edit on Git
  1. Crypto

CH01 - 500pts

PreviousCX01 - 1000ptsNextCH02 - 500pts

Last updated 4 years ago

Was this helpful?

Briefing

Download the files and find a way to retrieve the encrypted data. Contents: 1.pub, 2.pub, m1.enc, m2.enc

Challenge Files:

Solution

  1. Searching for "rsa two messages different exponents" finds which links to which mentions a "common modulus attack."

  2. states: "A Common Modulus attack can be used to recover the plaintext when the same message is encrypted to two RSA keys that use the same modulus. This algorithm works if and only if message sends with the same modulus and relatively prime encryption exponents." You can learn more by reading this article .

  3. Searching for a Python script to conduct this attack finds .

  4. We can run this tool using python3 rsa-cm.py -c1 ch01/m1.enc -c2 ch01/m2.enc -k1 ch01/1.pub -k2 ch01/2.pub to get the flag: Flag: shaRinGisCaRinG-010.

Flag

shaRinGisCaRinG-010

ch01.zip
this Crypto StackExchange answer
this other Crypto StackExchange answer
Mathematical Attacks on RSA Cryptosystem
RSA Attacks: Common Modulus
HexPandaa/RSA-Common-Modulus-Attack