Rating: 5.0

tldr;
- partitioning oracle attack on AES-GCM
- create ciphertexts+tags that decrypt and verify under multiple keys
- use binary search to find the correct password

[writeup](https://jsur.in/posts/2021-07-19-google-ctf-2021-crypto-writeups#pythia)

Original writeup (https://jsur.in/posts/2021-07-19-google-ctf-2021-crypto-writeups#pythia).