rsa

平台 Crypto 已通过

题目作者: harry

一　　血: ‌‌‌‌‌H3rmesk1t

一血奖励: 2金币

解　　决: 950

提　　示:

描　　述: flag{}

附　　件: 下载

站长题解:

import gmpy2 import libnum n = 460657813884289609896372056585544172485318117026246263899744329237492701820627219556007788200590119136173895989001382151536006853823326382892363143604314518686388786002989248800814861248595075326277099645338694977097459168530898776007293695728101976069423971696524237755227187061418202849911479124793990722597 # http://factordb.com/ 分解 n p = 15991846970993213322072626901560749932686325766403404864023341810735319249066370916090640926219079368845510444031400322229147771682961132420481897362843199 q = 28805791771260259486856902729020438686670354441296247148207862836064657849735343618207098163901787287368569768472521344635567334299356760080507454640207003 e = 354611102441307572056572181827925899198345350228753730931089393275463916544456626894245415096107834465778409532373187125318554614722599301791528916212839368121066035541008808261534500586023652767712271625785204280964688004680328300124849680477105302519377370092578107827116821391826210972320377614967547827619 enc = 38230991316229399651823567590692301060044620412191737764632384680546256228451518238842965221394711848337832459443844446889468362154188214840736744657885858943810177675871991111466653158257191139605699916347308294995664530280816850482740530602254559123759121106338359220242637775919026933563326069449424391192 T = (p - 1) * (q - 1) d = gmpy2.invert(e, T) m = pow(enc, d, n) print(libnum.n2s(int(m)).decode())

roy1119 @ 2024-04-07 23:21:23 👍1

用factordb在线分解出p,q，套公式，得到flag{Wien3r_4tt@ck_1s_3AsY}

18991179563 @ 2024-05-07 23:21:23 👍0

你好求的m值是38230991316229399651823567590692....这个吗他怎么转换为字符串呀

xiaobai007 @ 2023-08-07 23:21:23 👍0

factordb分解出p,q，脚本如下： import gmpy2 as gmpy2 import libnum p = q = n = e = c = T = (p - 1) * (q - 1) d = gmpy2.invert(e, T) m = pow(c, d, n) print(libnum.n2s(int(m)))

jennychary @ 2023-08-07 23:21:23 👍1

维纳攻击 wiener attack

llluyan @ 2023-06-07 23:21:23 👍1

n超过300位，yafu分解不出来，factordb.com直接查询n即可

aWxvdmVjdGY @ 2023-06-07 23:21:23 👍0

低解密指数攻击（当d特别小的时候，e就特别大），使用脚本跑一下就好了

songsh @ 2023-06-07 23:21:23 👍1

直接在线大数分解出pq，pqnce都有，直接出结果

GitKit @ 2023-06-07 23:21:23 👍0

2022-09-11

袅簁 @ 2023-06-07 23:21:23 👍0

别看题解，坑币

EZXNPSPJHK @ 2022-06-07 23:21:23 👍0

N质因分解；通过分解后的数求L和N；求L和E的逆模，该逆模等于D；通过D和N解密。

kuaiting @ 2022-06-07 23:21:23 👍0

python solve.py -N 9668089326274971906358592360549603490994639752273505642653843732803366998533872540706628812659375651630007586061543087579440305718371750485145744730614015663308363346471766552826192

详情

rsa

去做题