-
Notifications
You must be signed in to change notification settings - Fork 1
/
exercise_four.html
192 lines (182 loc) · 6.25 KB
/
exercise_four.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
<!DOCTYPE html>
<html>
<head>
<title>Crypto Exercises</title>
<link rel="stylesheet" href="./cryptoexercises-stylesheet.css" />
<script src="./sjcl/sjcl.js"></script>
<script src="./functions.js"></script>
</head>
<body onload="loadProblem()">
<!----------------------------------------------------------------------------->
<header>
<table class="headerTable" cellspacing="0">
<tr>
<td class="left">
<img class="bannerImage" src="./LLCipher_logo.png" alt="Llcipher logo" />
</td>
<td class="middle">
<p>Cryptography Challenges</p>
</td>
<td class="right">
<img class="lincolnLogo" src="./lincoln_logo.png" alt="Lincoln logo" />
</td>
</tr>
</table>
</header>
<!----------------------------------------------------------------------------->
<nav>
<ul>
<li><a href="./index.html">Home</a></li>
</ul>
<br />
<ul>
<li class="title">Background</li>
<li><a href="./el_gamal_encryption.html">El Gamal Encryption</a>
<li><a href="./rsa_encryption.html">RSA Encryption</a>
</ul>
<br />
<ul>
<li class="title">Challenges</li>
<li><a href="./classical_crypto.html">Classical Crypto</a></li>
<li><a href="./exercise_one.html">RSA Challenge One</a></li>
<li><a href="./exercise_two.html">RSA Challenge Two</a></li>
<li><a href="./exercise_three.html">RSA Challenge Three</a></li>
<li><a href="./exercise_three_a.html">RSA Challenge Three (a)</a></li>
<li><a href="./exercise_four.html">RSA Challenge Four</a></li>
<li><a href="./exercise_five.html">El Gamal Challenge</a></li>
</ul>
<br />
<ul>
<li class="title">Other Stuff</li>
<li><a href="./references.html">References</a></li>
<li><a href="./credits.html">Credits</a></li>
</ul>
</nav>
<!----------------------------------------------------------------------------->
<article>
<table class="exerciseLayoutTable" cellspacing="0">
<tr>
<td class="exerciseDetails">
<h1>RSA Challenge Four: RSA Modulus Reuse Attack</h1>
<div class="exerciseDescription">
<p><b>The Problem:</b> Given an encryption key, a decryption key and a modulus, recover the decryption key corresponding to a different encryption key but the same modulus.</p>
</div>
<div class="problemStatement">
<p>
Your agent in Malland has a breakthrough and gets his hands on Malland's secret decryption exponent d.
Though Malland quickly discovers that there has been a breach in security and changes their decryption exponent d and encryption exponent e (to e<sub>new</sub>), they do not think to also change their modulus.
Use this information to discover their new decryption exponent d<sub>new</sub>.
</p>
<p>For this exercise, use the following values:</p>
<table class="exerciseValuesTable" cellspacing="0">
<tr class="headerRow">
<td class="name">Name</td>
<td class="value">Value</td>
</tr>
<tr class="oddRow">
<td class="name">Modulus #</td>
<td class="value"><div id="modulus"></div></td>
</tr>
<tr class="evenRow">
<td class="name">Old public exponent</td>
<td class="value"><div id="old_public_exp"></div></td>
</tr>
<tr class="oddRow">
<td class="name">Old private exponent</td>
<td class="value"><div id="old_private_exp"></div></td>
</tr>
<tr class="evenRow">
<td class="name">New public exponent</td>
<td class="value"><div id="new_public_exp"></div></td>
</tr>
</table>
<form class="new_exercise">
<table class="answerFormTable" cellspacing="0">
<tr>
<td>
<!--
# The size of this text area is probably much smaller, but may
# also vary from exercise to exercise. The right answer is
# probably to see if this value can be moved into CSS, and
# then change the class name based on the exercise.
-->
<label class="answer" for="exercise_answer">Your Answer:</label>
<textarea class="answer" name="exercise[answer]" id="exercise_answer" cols="100" rows="20">
</textarea>
</td>
</tr>
<tr>
<td>
<!--
# Save the answer hash
-->
<input value="" type="hidden" id="ans_hash" />
<input type="submit" name="commit" value="Check Your Answer" onclick="checkAnswer(); return false;" />
<div id="anscheck_result"></div>
</td>
</tr>
</table>
</form>
</div>
<!-- Create and check problems -->
<script>
function loadProblem() {
let rsa = genRSAWithPubExp(rsa_bits, 13);
let modulus = rsa[0];
let old_public_exp = rsa[1];
let old_private_exp = rsa[4];
let phin = (rsa[2]-1n) * (rsa[3]-1n)
document.getElementById('modulus').innerHTML = modulus;
document.getElementById('old_public_exp').innerHTML = old_public_exp;
document.getElementById('old_private_exp').innerHTML = old_private_exp;
let new_public_exp = getRandomBigIntLessThan(modulus);
let gcdres = extendedGCD(phin, new_public_exp);
while ((gcdres[0] != 1) || (new_public_exp == old_public_exp)) {
new_public_exp = getRandomBigIntLessThan(modulus);
gcdres = extendedGCD(phin, new_public_exp);
}
let new_private_exp = gcdres[2];
document.getElementById('new_public_exp').innerHTML = new_public_exp;
let answerhash = sjcl.hash.sha256.hash(String(new_private_exp));
document.getElementById('ans_hash').value = answerhash;
return false;
}
function checkAnswer() {
let ans = document.getElementById('exercise_answer').value;
let anshash = sjcl.hash.sha256.hash(ans);
let realanshash = document.getElementById('ans_hash').value;
if (anshash == realanshash) {
document.getElementById('anscheck_result').innerHTML = "Correct!";
}
else {
document.getElementById('anscheck_result').innerHTML = "Incorrect";
}
return false;
}
</script>
</td>
<!-- start tool panel -->
<td class="cryptoToolkit">
<iframe
src="./toolpanel.html"
frameborder="0"
scrolling="yes"
seamless="seamless"
style="display:block;
width:100%;
height:85vh;"
>
</iframe>
</td>
<!-- end tool panel -->
</tr>
</table>
</article>
<!----------------------------------------------------------------------------->
<footer>
<small>
© 2016, by Uri Blumenthal, Jeff Diewald, and Sophia Yakoubov, and 2024, by David Wilson and Nick Cunningham.
</small>
</footer>
</body>
</html>