def dsa_signing(msg, x):
r = 0
s = 0
k = random.randint(1, q)
r = pow(g, k, p) % q
s = (chal39.invmod(k, q) * (int(H(msg), 16) + x * r)) % q
return r, s
def verify(msg, sign, pub_key):
r, s = sign
y = pub_key
w = chal39.invmod(s, q)
u1 = (int(H(msg), 16) * w) % q
u2 = (r * w) % q
v = ((pow(g, u1, p) * pow(y, u2, p)) % p) % q
return v == r
def attack(msg):
print "Attacking ..."
r = 548099063082341131477253921760299949438196259240
s = 857042759984254168557880549501802188789837994940
y = 0x84ad4719d044495496a3201c8ff484feb45b962e7302e56a392aee4abab3e4bdebf2955b4736012f21a08084056b19bcd7fee56048e004e44984e2f411788efdc837a0d2e5abb7b555039fd243ac01f0fb2ed1dec568280ce678e931868d23eb095fde9d3779191b8c0299d6e07bbb283e6633451e535c45513b2d33c99ea17
print "Test1 - ", 'd2d0714f014a9784047eaeccf956520045c45265' == H(msg)
h = 0xd2d0714f014a9784047eaeccf956520045c45265
for k in range(0, 2**16):
x = (((s * k) - h) % q * chal39.invmod(r, q)) % q
if verify_key(x, y):
print "Cracked :)"
return x
def crack_rsa():
msg = 42
k_0, c_0 = MITM_return(msg)
k_1, c_1 = MITM_return(msg)
k_2, c_2 = MITM_return(msg)
n_0 = k_0[1]
n_1 = k_1[1]
n_2 = k_2[1]
m_s_0 = n_1 * n_2
m_s_1 = n_0 * n_2
m_s_2 = n_0 * n_1
N_012 = n_0 * n_1 * n_2
result = (c_0 * m_s_0 * chal39.invmod(m_s_0, n_0) +
c_1 * m_s_1 * chal39.invmod(m_s_1, n_1) +
c_2 * m_s_2 * chal39.invmod(m_s_2, n_2)) % N_012
data = result**(1. / 3)
print "Test Passed : ", msg == int(round(data))
if __name__ == "__main__":
x = random.randint(1, q)
#g = 0, therefore r = 0
print "------g=0-------"
g = 0
msg1 = "Hello, world"
msg2 = "Goodbye, world"
sign1 = dsa_signing(msg1, x)
sign2 = dsa_signing(msg2, x)
print "Sign1 : ", sign1
print "Sign2 : ", sign2
print "DSA Test#1 - ", verify(msg1, sign1, get_pub_key(x))
print "DSA Test#2 - ", verify(msg2, sign1, get_pub_key(x))
print "DSA Test#3 - ", verify(msg1, sign2, get_pub_key(x))
print "DSA Test#4 - ", verify(msg2, sign2, get_pub_key(x))
#g=p+1
print "------g=p+1-------"
g = p + 1
y = get_pub_key(x)
z = random.randint(1, 10)
print "z = ", z
r = pow(y, z, p) % q
s = r % q * chal39.invmod(z, q)
sign = r, s
print "Sign : ", sign
print "DSA Test#1 - ", verify(msg1, sign, get_pub_key(x))
print "DSA Test#2 - ", verify(msg2, sign, get_pub_key(x))
import json
import requests
import chal39
import random
org_plain_text = random.randint(0, 10000)
response = requests.get("http://localhost:9000/get_key")
pub_key_json = json.loads(response.content)
pub_key = [pub_key_json['e'], pub_key_json['n']]
cipher = chal39.rsa_encrypt(org_plain_text, pub_key)
dec_plain_text = requests.get("http://localhost:9000/rsa_decrypt?cipher=" +
str(cipher))
print "Server decryption test : ", dec_plain_text.status_code == 200 and org_plain_text == int(
dec_plain_text.content)
print "Server hash validation test : ", requests.get(
"http://localhost:9000/rsa_decrypt?cipher=" +
str(cipher)).status_code == 300
N = pub_key[1]
E = pub_key[0]
S = random.randint(2, N)
C1 = (pow(S, E, N) * cipher) % N
response = requests.get("http://localhost:9000/rsa_decrypt?cipher=" + str(C1))
if response.status_code == 200:
cracked_plain_text = (int(response.content) % N * chal39.invmod(S, N)) % N
print "Cracked Plain Text : ", cracked_plain_text
print "Attacker decryption test : ", cracked_plain_text == org_plain_text
def find_k(m1,m2,s1,s2,q): return ((m1-m2)%q * chal39.invmod(s1-s2,q))%q
y = 0x2d026f4bf30195ede3a088da85e398ef869611d0f68f0713d51c9c1a3a26c95105d915e2d8cdf26d056b86b8a7b85519b1c23cc3ecdc6062650462e3063bd179c2a6581519f674a61f1d89a1fff27171ebc1b93d4dc57bceb7ae2430f98a6a4d83d8279ee65d71c1203d2c96d65ebbf7cce9d32971c3de5084cce04a2e147821
q = 0xf4f47f05794b256174bba6e9b396a7707e563c5b
def same_value_in_list(r):
for i in range(len(r)):
for j in range(i+1,len(r)):
if r[i]==r[j]:
return i,j
def find_k(m1,m2,s1,s2,q):
return ((m1-m2)%q * chal39.invmod(s1-s2,q))%q
if __name__=="__main__":
file = open('44.txt','r').readlines()
msgs = []
r = []
s = []
m = []
for i in range(0,len(file)/4):
msgs.append(file[i*4].strip().split(':')[1])
s.append(file[i*4+1].strip().split(':')[1])
r.append(file[i*4+2].strip().split(':')[1])
m.append(file[i*4+3].strip().split(':')[1])
i,j = same_value_in_list(r)
print "Same value in list function test - ",r[i]==r[j]
k = find_k(int(m[i],16),int(m[j],16),int(s[i]),int(s[j]),q)
x = (((int(s[i])*k) - int(m[i],16))%q * chal39.invmod(int(r[i]),q))%q
print "Private key Cracked :)"
print "Key Check - ",hashlib.sha1(hex(x)[2:-1]).hexdigest()=="ca8f6f7c66fa362d40760d135b763eb8527d3d52"