Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 8 years ago.
Improve this question
I got this question in a local hacking event, but I couldn't solve it.
Problem Statement ----
Continuing their snooping habit, NSA kept bugging Alice's communication. Resorting to the age old RSA encryption, Alice used 128-bit RSA encryption to exchange messages. Alice shares her public key as
$0xffffffa95256a837568a41c265f4fe27110814aae19f144762d5cc0bcb931807$
and her public key exponent $\phi(n)$ as $0x11$ with Warden.
However, NSA, with its enormous resource, cracked this 128 bit encryption super easily. Seeing your work on the previous ciphers, NSA decided to offer you a job in their Cryptography group. As a final test, NSA shared this public key which they intercepted from Alice and Warden's conversation. They also gave away the private key that they computed from their message exchange.
$Public$ $Key -
(0xffffffa95256a837568a41c265f4fe27110814aae19f144762d5cc0bcb931807,
0x11)$
$Private$ $Key -
(0xffffffa95256a837568a41c265f4fe27110814aae19f144762d5cc0bcb931807,$
$0xc3c3c3817b3335577e69b9d0e48e2bc1fdf71f1f4f73a38a7d628d39739bbaf1)$
What are the values of $p$ and $q$? (the prime numbers used in key generation)
Related
Closed. This question is not about programming or software development. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 months ago.
Improve this question
i have two strings
9d14be68d71e15449d7ace056905429e28e319949eace8521c6114da6223208b37b32e50c045da86eccae39e2034ec14
3081d302010104205f20ff52fe5b542b2901408a1cbd4fb19b33b105a6f7e9e2bb36c64bae1e3fcaa08185308182020101302c06072a8648ce3d0101022100fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f300604010004010704210279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798022100fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141020101a12403220002000be91168a24103962a0a5e899a1ee557c52105770607b4b746e9f5da45427d
The first one is encrypted version of the second and the password is:
this sucks
So i want to find out the type of encryption that was used and how.
I will then use python to decrypt it as to experience cryptography on my own.
The above encryption was done by Bitcoin core app.
Some research say that the app uses AES CBC to encrypt the wallet data so extracted the data before and after encryption for this experiment.
How was the string encrypted?
Please bear with me i am still learning encryption.
There is no way of knowing. Maybe take a look at ciphertext indistinguishability.
Your best chance is to brute force the cypher with your python script. Keep in mind that there are a lot of well-known encryption algorithms (AES, 3DES, ...), key lengths, encryption modes (CBC, CFB, ...) and padding options so this might not be even possible due to high number of combinations.
Also, there is another problem. You password this sucks is shorter than the key size encryption algorithms use. For example, AES requires keys to be either 128, 192 or 256 bits of length so you need to make your password of that length. There is no way of knowing what key stretching technique (PBKDF2, bcrypt, scrypt, ...) or what hashing algorithm (SHA256, SHA512, ...) was used to achieve adequate key size.
This task is not impossible but highly improbable.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 2 years ago.
Improve this question
hey can someone answer these 3 questions please
Why middle block of 3DES is decryption rather than encryption? 2. Suppose an error occurs in a block of ciphertext during transmission from the sender to
receiver. What effect will be observed on the recovered plaintext at the receiver? 3. Inclusion of salt in UNIX password scheme is the difficulty of guessing password by 4096. However, the salt value is stored in pain-text as same entry as ciphertext. The salt value is known to attacker and need not be guessed. Then why is it asserted that salt increases security?
It's decryption with a different key to the first encryption.
Decrypting with the wrong key will further convolute the output.
3DES is a feistel cipher structure, encryption and decryption are symmetrical.
The reason triple DES is of the form EDE is for one reason, and one reason only: to make it compatible with single DES - thanks to #James Polk
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 4 years ago.
Improve this question
as the question says, i would like to know if it is important to generate a strong key in order to encrypt connection.
Let's assume i'm using AES Symmetric Key Encryption Algorithm.
What changes can i achieve by using a key such as: "helloworld" or some particular hash value evaluated from some process?
The fact is that, using pseudo random generator is a good key generation process. But what if i simply used a static key without exchanging it to the outside communication channel? How can an attacker find my key?
Thanks
The key creation is very important. There are two approaches, one is a random key generated by a cryptographically secure pseudo random number generator CSPRNG and the other derived from text.
When using text as a key the brute force approach is to try text from lists of frequently used passwords such as SecLists. The approach against this is to use a derivation method that is slow in order to make such a brute force infeasible. One common method is the Password Based Key Derivation 2 PBKDF2 also noes as RFC2898, another newer method is Argon2. In both cases a general goal is to choose a work factor such that about 100ms of CPU time is required.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 5 years ago.
Improve this question
So yeah, different modulus(n), same exponent(e), different encrypted messages(C). Can I do anything with that to find the original messages(M) ? Thank you !
Sure. You can factor the modulus, altho for real world RSA keys, that's not gonna be very practical.
More seriously, 99% of all RSA keys use 65537 as the exponent. If a common public exponent were a weakness 99% of all RSA applications would be vulnerable.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
What is the IV in encryption used for?
Is this a valid example for encryption with IV? (Pseudocode)
Encryption->xor data with key, prepend IV to output
Decryption->just remove IV and xor the rest with same key
The IV (Initialization Vector) is designed to be random for each message so that two identical messages encrypted with the same key are not the same thus leaking information. The IV does not need to be secret so it can just prefix the encrypted message.
The point is that the IV causes the entire encrypted message to be different, adding it to the message is just one common way to make it available for decryption.
Consider the case where Alice sends Bob a message every day of where they will meet, either the mall or the post office. With the same key and IV eavesdropping Eve after noticing where they meet but not knowing which location can tell just be looking at the encrypted message without need to decrypt it. It could be "attack at dawn" or "attack at dusk".
The key can be pre-shared once and reused securely for many messages just by using a different random IV for each message.