[AFCTF2018]MyOwnCBC

Contents

1. Challenge

2. Analysis

3. Solution

4. References


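1. Challenge

The challenge provides three files. flag_cipher is a binary file; opening it directly shows only garbage.

题面.txt (the challenge statement):

What is CBC, anyway? Isn't it just spreading the effect of the previous round of encryption into the next round?
The CBC it wrote isn't the real thing at all.
Writing it my way will surely work too!

Probably?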

MYOwnCBC.py:

#!/usr/bin/python2.7
# -*- coding: utf-8 -*-

from Crypto.Cipher import AES
from Crypto.Random import random
from Crypto.Util.number import long_to_bytes

def MyOwnCBC(key, plain):
	if len(key)!=32:
		return "error!"
	cipher_txt = b""
	cipher_arr = []
	cipher = AES.new(key, AES.MODE_ECB, "")
	plain = [plain[i:i+32] for i in range(0, len(plain), 32)]
	print plain
	cipher_arr.append(cipher.encrypt(plain[0]))
	cipher_txt += cipher_arr[0]
	for i in range(1, len(plain)):
		cipher = AES.new(cipher_arr[i-1], AES.MODE_ECB, "")
		cipher_arr.append(cipher.encrypt(plain[i]))
		cipher_txt += cipher_arr[i]
	return cipher_txt
	
key = random.getrandbits(256)
key = long_to_bytes(key)

s = ""
with open("flag.txt","r") as f:
	s = f.read()
	f.close()

with open("flag_cipher","wb") as f:
	f.write(MyOwnCBC(key, s))
	f.close()

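2. Analysis

The challenge author used AES in ECB mode to imitate CBC, but left out the XOR step. In addition, each block is encrypted with the previous ciphertext block as its key, which also differs from plain ECB, where the same key is used for every block. To break it, we first take the first 32 bytes of the ciphertext as the initial key (the original key can no longer be recovered). With this key we can work backwards and decrypt most of the plaintext, although the first few bytes are lost.

3. Solution

Decrypt the ciphertext: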

from Crypto.Cipher import AES

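# Read the whole ciphertext file
with open('flag_cipher', 'rb') as f:
    cipher = f.read()

# Take the first 32 bytes of the ciphertext as the starting key for decryption
key = cipher[0:32]
print(key)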

def re_CBC(key, cipher):
    m = b''
    cipher = [cipher[i:i+32] for i in range(0, len(cipher), 32)]
    tmp = key
    for i in range(1, len(cipher)):
        aes_cipher = AES.new(tmp, AES.MODE_ECB)
        m += aes_cipher.decrypt(cipher[i])
        tmp = cipher[i]
    return m

print(re_CBC(key, cipher).decode())

This yields an article:

mode of operation is an algorithm that uses a block cipher to provide an information service such as confidentiality or authenticity. A block cipher by itself is only suitable for the secure cryptographic transformation (encryption or decryption) of one fixed-length group of bits called a block. A mode of operation describes how to repeatedly apply a cipher's single-block operation to securely transform amounts of data larger than a block.

Most modes require a unique binary sequence, often called an initialization vector (IV), for each encryption operation. The IV has to be non-repeating and, for some modes, random as well. The initialization vector is used to ensure distinct ciphertexts are produced even when the same plaintext is encrypted multiple times independently with the same key. Block ciphers have one or more block size(s), but during transformation the block size is always fixed. Block cipher modes operate on whole blocks and require that the last part of the data be padded to a full block if it is smaller than the current block size. There are, however, modes that do not require padding because they effectively use a block cipher as a stream cipher.

Historically, encryption modes have been studied extensively in regard to their error propagation properties under various scenarios of data modification. Later development regarded integrity protection as an entirely separate cryptographic goal. Some modern modes of operation combine confidentiality and authenticity in an efficient way, and are known as authenticated encryption modes.

Ah you found it~ afctf{Don't_be_fooled_by_yourself}~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The flag:

afctf{Don't_be_fooled_by_yourself}
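
Why the recovery works, and why it would fail against real CBC, shown as an added example that is not part of the original write-up or the challenge files: the chained scheme and textbook CBC are run side by side and the same ciphertext-only recovery is applied to both. A SHA-256 Feistel permutation (`enc_block`/`dec_block`) stands in for AES so the block runs on the standard library alone; it, the sample plaintext and all function names are assumptions made for the illustration, and the message length is assumed to be a multiple of 32 bytes.

```python
import hashlib, os

BLOCK = 32  # the challenge chains 32-byte chunks
# Constructed sample plaintext (3 blocks), not the challenge's flag.txt
SAMPLE = b"A" * 32 + b"constructed sample: flag{placeholder}".ljust(64, b"~")

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def round_f(key, rnd, half):  # Feistel round function built from SHA-256
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:16]

def enc_block(key, blk):
    # 4-round Feistel permutation: constructed stand-in for AES-256, not AES
    l, r = blk[:16], blk[16:]
    for rnd in range(4):
        l, r = r, xor(l, round_f(key, rnd, r))
    return l + r

def dec_block(key, blk):
    l, r = blk[:16], blk[16:]
    for rnd in reversed(range(4)):
        l, r = xor(r, round_f(key, rnd, l)), l
    return l + r

def split(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def my_own_cbc(key, plain):  # challenge scheme: ciphertext block i-1 keys block i
    out = []
    for blk in split(plain):
        key = enc_block(key, blk)  # this ciphertext block becomes the next key
        out.append(key)
    return b"".join(out)

def real_cbc(key, iv, plain):  # textbook CBC: fixed secret key, XOR chaining
    out, prev = [], iv
    for blk in split(plain):
        prev = enc_block(key, xor(blk, prev))
        out.append(prev)
    return b"".join(out)

def ciphertext_only(ct):  # the write-up's recovery: block i-1 is tried as key for block i
    blocks = split(ct)
    return b"".join(dec_block(k, c) for k, c in zip(blocks, blocks[1:]))

def demo(msg=SAMPLE):
    key, iv = os.urandom(32), os.urandom(32)
    return ciphertext_only(my_own_cbc(key, msg)), ciphertext_only(real_cbc(key, iv, msg))
```

`demo()` returns the recovered bytes for both schemes: everything after the first block for the chained scheme, and unrelated bytes for CBC, where the only key is never written into the ciphertext.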

4. References

Write-up 1; AES-related material
