Tags: crypto
Rating:
# keyexchange - Crypto (120 pts)
## Description
> Diffie-Hellman is secure right
remote endpoint: `nc keyexchange.wolvctf.io 1337`
### Provided files
`challenge.py` Python script for the remote endpoint \[[download](https://ctfnote.shinmai.wtf:31337/files/downloadFile?id=2kz0OlOFaPFXYPN)\]
`Dockerfile` Docker configuration for the remote endpont \[[download](https://ctfnote.shinmai.wtf:31337/files/downloadFile?id=gEuNR09Iii3kvBe)\]
## Ideas and observations
1. we get `pow(s, a, n)`
2. we are prompted for `b` and an XOR key is constructed with `pow(pow(s, a, n), b, n)`
3. the flag is padded with null bytes to the length of the key, XORed and we get the a hex digest
## Notes
1. If we pass 1 as `b`, the key becomes `pow(pow(s, a, n), 1, n)` or `pow(s, a, n) % n` or `pow(s, a, n)`.
2. We know `pow(s, a, n)`.
## Solution
1. receive `pow(s, a, n)` from server
2. provide 1 as the value for `b`
3. receive the hex digest of the cipher text from server
4. unhexlify ciphertext, XOR with `pow(s, a, n)`
5. get flag
### Solution script
```python=
from pwn import *
from Crypto.Util.strxor import strxor
r = remote('keyexchange.wolvctf.io', 1337)
r.recvline()
pow_san = r.recvlineS()
r.recvuntil(b'> ')
r.sendline(b'1')
enc_flag = bytes.fromhex(r.recvlineS())
key = (int(pow_san)).to_bytes(64, 'big')
flag = strxor(enc_flag, key)
print(flag)
```
This gets us the flag: `wctf{m4th_1s_h4rd_but_tru5t_th3_pr0c3ss}`
