diff --git a/cryptography/level-3/.config b/cryptography/level-3/.config deleted file mode 100644 index 00750ed..0000000 --- a/cryptography/level-3/.config +++ /dev/null @@ -1 +0,0 @@ -3 diff --git a/cryptography/level-3/DESCRIPTION.md b/cryptography/level-3/DESCRIPTION.md new file mode 100644 index 0000000..740b649 --- /dev/null +++ b/cryptography/level-3/DESCRIPTION.md @@ -0,0 +1,8 @@ +The previous challenge gave you the one time pad to decrypt the ciphertext. +If you did not know the one time pad, and it was only ever used for one message, the previous challenge would be unsolvable! +In this level, we'll explore what happens if the latter condition is violated. +You don't get the key this time, but we'll let you encrypt as many messages as you want. +Can you decrypt the flag? + +---- +**Hint:** understand deeply about how XOR works, and consider that it is a distributative, commutative, and associative operation... diff --git a/cryptography/level-3/run b/cryptography/level-3/run deleted file mode 120000 index 84ba55b..0000000 --- a/cryptography/level-3/run +++ /dev/null @@ -1 +0,0 @@ -../run \ No newline at end of file diff --git a/cryptography/level-3/run b/cryptography/level-3/run new file mode 100644 index 0000000..fe3b19d --- /dev/null +++ b/cryptography/level-3/run @@ -0,0 +1,16 @@ +#!/opt/pwn.college/python + +import base64 +from Crypto.Random import get_random_bytes +from Crypto.Util.strxor import strxor + +flag = open("/flag", "rb").read() + +key = get_random_bytes(256) +ciphertext = strxor(flag, key[:len(flag)]) +print(f"secret ciphertext: {base64.b64encode(ciphertext).decode()}") + +while True: + plaintext = base64.b64decode(input("plaintext (b64): ")) + ciphertext = strxor(plaintext, key[:len(plaintext)]) + print(f"ciphertext: {base64.b64encode(ciphertext).decode()}") diff --git a/cryptography/module.yml b/cryptography/module.yml index f8ac7f8..33fbb46 100644 --- a/cryptography/module.yml +++ b/cryptography/module.yml @@ -6,8 +6,7 @@ challenges: - id: level-2 name: One Time Pad - id: level-3 - name: level3 - description: Decrypt a secret encrypted with a one-time pad, where the key is reused for arbitrary data + name: Many Time Pad - id: level-4 name: level4 description: Decrypt a secret encrypted with AES using the ECB mode of operation