Path to a crypto master, the engineer way
Published on
Table of Contents
Who knew I’d be writing a crypto writeup.
The Beginning
The challenge provides a SageMath bit of code, as well as a cipher text.
def encrypt(msg, f):
return ''.join(chr(f.substitute(c)) for c in msg)
P.<x> = PolynomialRing(ZZ)
f = 13*x^2 + 3*x + 7
FLAG = open('./flag.txt', 'rb').read().strip()
enc = encrypt(FLAG, f)
print(enc)
That’s some messy looking cipher text…
Understanding the sage
Thankfully the SageMath here is nice and short. All that we need to know, is that each character of the flag is thrown into the encryption function f
. So to reverse it, we just do the opposite.
Since the values were obtained by substituting each character into 13*x^2 + 3*x + 7
, to get x back, we solve 13*x^2 + 3*x + 7 = <encrypted num>
.
Neat-ify the cipher text
Those bytes looked a little unpleasant to me, so I decided to turn them into their appropriate unicode values.
txt = open("output.txt").read()
nums = []
for chr in txt:
nums.append(ord(chr))
print(nums)
nums = [60323, 94187, 58565, 91987, 63917, 197053, 172277, 140927, 30103, 178315, 151963, 130307, 19897, 181373, 33973, 117617, 178315, 172277, 33973, 130307, 117617, 169297, 30103, 175283, 117617, 31367, 33973, 203507, 10]
Now that’s much better. Now to simply reverse the values and …
Oh no
An unnatural call
I then felt a disturbance in the air. My computer was absorbed by a bright, blinding light. When my senses recovered I saw this: I guess I have no choice now. The call of engineers can not be ignored.
An unholy solve
Matlab thankfully has a very simple way of solving quadratic equations. Using the root()
function, in addition to rounding, I summoned the following code:
nums = [60323, 94187, 58565, 91987, 63917, 197053, 172277, 140927, 30103, 178315, 151963, 130307, 19897, 181373, 33973, 117617, 178315, 172277, 33973, 130307, 117617, 169297, 30103, 175283, 117617, 31367, 33973, 203507, 10];
results = "";
for i = 1:length(nums)
results(i) = char(round(max(roots([13 3 (7-nums(i))]))));
end
sprintf("%s",results)
And just like that, the blinding light disappeared, and a flag emerged…
DUCTF{sh0uld'v3_us3d_r0t_13}
What have I done…