ASIS Quals 2017 – Secured OTP server – 268 points

Description:

Connect to OTP generator server, and try to find one OTP.
This is secure than first server 🙂

nc 66.172.33.77 12431

Untitled

Here is the [E]ncryption fuction

This challenge is similar to the “a fine OTP server“ challenge. The otp is the concatenation of template_phrase and 18-bytes passphrase and the encrypted OTP are compute as:

$c_1 \equiv otp_1^{3} \;mod\;n$ (1)

$c_2 \equiv otp_2^{3} \;mod\;n$

but now, the template_phrase is longer. So, the otp cubed now larger than the modulus n and we can’t compute the otp as the cube root of the encrypted OTP.

The server use 2048-bits key with the public exponent is 3. We can use openssl or python to extract the key.

Untitled

Let take a look at the equation:

$(a+b)^{3}=a^{3}+3a^{2}b+3ab^{2}+b^{3}$ (2)

Let the otp0 is the otp with the 18-null-bytes-passphrase, otherwise, otp0 is the concatenation of template_phrase and 18-bytes “\x00”, then we have the difference between otp0 and otp1 is the passphrase.

$otp_1=otp_0+passphrase_1$ (3)

Combine equations (1), (2) and (3), let a = otp0, b = passphrase1, we have:

$c_1\equiv otp_1^{3}\; mod\;n$
$c_1\equiv (otp_0+passphrase_0)^{3}\;mod\;n$
$c_1\equiv opt_0^{3}+3otp_0^{2}*passphrase_1+3otp_0*passphrase_1^{2}+passphrase_1^{3}\;mod\;n$

We can easily compute the encrypted of otp0:

$c_0\equiv otp_0^{3}\;mod\;n$

then :

$c_1\equiv c_0+3otp_0^{2}*passphrase_1+3otp_0*passphrase_1^{2}+passphrase_1^{3}\;mod\;n$

$c_1-c_0\equiv 3otp_0^{2}*passphrase_1+3otp_0*passphrase_1^{2}+passphrase_1^{3}\;mod\;n$

Now, we have the right-side of the equation is smaller than the modulus then we can tranform that congruence equation into polynomial equation:

$c_1-c_0 = 3otp_0^{2}*passphrase_1+3otp_0*passphrase_1^{2}+passphrase_1^{3}$

Now, we can easily compute the passphrase1 by solving the cubic equation.

Untitled

Submit the OTP and get the flag 😀

Untitled

That ‘s all and the flag is “ASIS{gj____Finally_y0u_have_found_This_is_Franklin-Reiter’s_attack_CongratZ_ZZzZ!_!!!}”.

	Hi trong ASIS Quals 2017 – unsecu…
	bomotodo trong ASIS Quals 2017 – unsecu…
	Hi trong ASIS Quals 2017 – unsecu…
	ASIS Quals 2017… trong ASIS Quals 2017 – A fine…
	bomotodo trong SVATTT vòng loại – OTP c…

Chia sẻ:

Bình luận về bài viết này Hủy trả lời