## CSAW Quals 2018 – holywater

This was my favorite crypto challenge from this year's CSAW Quals (and probably my favorite crypto challenge that I've done in a while). On the surface, it's relatively standard: we have a flag encrypted with some cryptosystem (along with a Python implementation of this cryptosystem) and we have to decrypt it. The cryptosystem itself is… Continue reading CSAW Quals 2018 – holywater

## Google CTF 2018 – Tape

TapeThe description of this challenge is: “We’ve found this priceless, old magnetic tape in our archives. We dumped the contents, but the data is corrupted and we can’t read it. We only have this old tape reader tool, but source code was lost long ago. The program has only 944 bytes, so reversing it should… Continue reading Google CTF 2018 – Tape

## Google CTF 2018 – Better Zip

The legacy ZIP crypto is long broken, so we’ve fixed it In this challenge, we are provided with a Python script (better_zip.py) that generates an encrypted zip file from an input file and key, and want to decrypt flag.zip, which was generated with this script. The script has two main parts: a BetterZipCreator class that… Continue reading Google CTF 2018 – Better Zip

## Tokyo Westerns CTF 2017 – Liar’s Trap

On the surface, this challenge appears to be about secret sharing. The setup is simple: the flag is divided into \$latex N=100\$ pieces using Shamir's secret sharing scheme so that it can be recovered given any \$latex K=25\$ of these pieces (but is impossible to recover with any fewer). The server provides you with all… Continue reading Tokyo Westerns CTF 2017 – Liar’s Trap

## 33C3 CTF – Beeblebrox

This crypto challenge is a classic "fake-the-signature" crypto challenge, but with a somewhat unusual signature scheme that depends on the hardness of computing \$latex n\$th roots modulo a semiprime: There is a publicly known semiprime \$latex N = PQ\$, whose two prime factors \$latex P\$ and \$latex Q\$ are known only to the signer. There… Continue reading 33C3 CTF – Beeblebrox

## 33C3 CTF – Ichnixwisse

In this crypto challenge, we're given an implementation of a zero-knowledge proof system for 3-coloring a graph. We're also given a graph on 100 vertices with 4600 edges which is far from 3-colorable. Our goal is to fool the verifier on the server and prove to it that this graph is in fact 3-colorable (where… Continue reading 33C3 CTF – Ichnixwisse

## SharifCTF 7 – Lobotomized LSB Oracle

[Note: this is a follow up to the challenge LSB Oracle. It may be useful to view the writeup for that challenge first.] In LSB Oracle, we were given an oracle that would compute the least significant bit of decryptions of inputs we feed it. In Lobotomized LSB Oracle, we are given the same oracle,… Continue reading SharifCTF 7 – Lobotomized LSB Oracle