strength

PLAID CTF Crypto Challenge: 110 pts

Challenge Description:

"We've captured the flag encrypted several times... do you think you can recover it?"

The challenge presented the user with a set of {N : e : c}. Each set represented a different RSA public key encryption of the same message, the flag.

Material:

- captured public key and cipher text file

Solution:

The solution to this challenege was pretty simple, a.k.a. python brute force works well. :]
(Python scripts for solution linked at the bottom.)

1) Vulnerability in poorly chosen RSA *exponent e*
2) Find the exponents which are off by *1* so they cancel out 
3) You can compute the message from the two cooresponding ciphertexts

C1 = M1^(e) mod(N)

C2 = M1^(e+1) mod(N)

compute the modular inverse of the two vuln e's => {a,b}

C1^(-a)*C2^(b) = M1^(-e)*M1^(e+1) mod(N)

modular_inv(C1, N)*C2 = M1^(1) mod(N)

Steps to flag:

Flag:

Scripts:

SOLVER