def challenge_46():
print()
# Get message, create RSA keypair, generate ciphertext
message = base64.b64decode('VGhhdCdzIHdoeSBJIGZvdW5kIHlvdSBkb24ndCBwbGF5IGFyb3VuZCB3aXRoIHRoZSBGdW5reSBDb2xkIE1lZGluYQ==')
pub, priv = set5.set_up_rsa(e=3, keysize=1024)
ciphertext = set5.encrypt_rsa(set5.bytes_to_int(message), pub)
# Set up our Oracle
oracle = lambda x: rsa_oracle_plaintext_even(x, priv)
# Verify the keypair works
assert set5.int_to_bytes(set5.encrypt_rsa(ciphertext, priv)) == message
# Set initial lower and upper bound, as well as intermediate ciphertext
lower_bound, upper_bound = 0, pub[1]
ciphertext_ = ciphertext
# Perform the below until the lower and upper bound converge
while upper_bound != lower_bound:
# Multiply plaintext by multiplying ciphertext by 2**`e` mod `N`
ciphertext_ = (ciphertext_ * set5.modexp(2, pub[0], pub[1])) % pub[1]
# If the oracle says True, update the upper bound; if False, update the lower bound
if oracle(ciphertext_):
upper_bound = floor(upper_bound + lower_bound, 2)
else:
lower_bound = floor(upper_bound + lower_bound, 2)
# Create 'Holywood style' output
intermediate_result = str(set5.int_to_bytes(upper_bound))[:os.get_terminal_size().columns - 1]
fill = " " * (os.get_terminal_size().columns - 1 - len(intermediate_result))
print(colorama.Cursor.UP(1) + intermediate_result + fill)
# Print final outputs
print(colorama.Cursor.UP(1) + "Result: {}".format(set5.int_to_bytes(upper_bound)))
print("Original: {}".format(message))
def challenge_48():
# Set up new RSA instance, this time with bigger key length
pub, priv = set5.set_up_rsa(e=3, keysize=768)
# Prepare message
message = pad_PKCS(b'I don\'t know, Marge. Trying is the first step towards failure - Homer Simpson', k=(pub[1].bit_length() + 7) // 8)
# Get ciphertext using generated RSA instance
ciphertext = set5.encrypt_rsa(set5.bytes_to_int(message), pub)
# Set up our Oracle
oracle = lambda x: rsa_oracle_02(x, priv)
assert oracle(ciphertext)
# Perform the actual attack: set up bleichenbacher98 instance
bb98 = bleichenbacher98(ciphertext, pub, oracle)
# Run the attack
found_message = bb98.solve()
print("Found message:", found_message)
# Verify the found message equals our original plaintext
assert_true(found_message == message)
def challenge_47():
# Set up new RSA instance
pub, priv = set5.set_up_rsa(e=3, keysize=256)
# Prepare message
message = pad_PKCS(b'kick it, CC', k=(pub[1].bit_length() + 7) // 8)
# Get ciphertext using generated RSA instance
ciphertext = set5.encrypt_rsa(set5.bytes_to_int(message), pub)
# Set up our Oracle
oracle = lambda x: rsa_oracle_02(x, priv)
assert oracle(ciphertext)
# Perform the actual attack: set up bleichenbacher98 instance
bb98 = bleichenbacher98(ciphertext, pub, oracle)
# Run the attack
found_message = bb98.solve()
print("Found message:", found_message)
# Verify the found message equals our original plaintext
assert_true(found_message == message)
def __init__(self):
# Generate public, private key pair
self.public, self.__private__ = set5.set_up_rsa(e=3, keysize=1024)