Get the flag. bcs.7z $ nc bcs.chal.ctf.westerns.tokyo 3971 Summary: recovering AES key from partial subkey leaks.

Sep

05

## Tokyo Westerns/MMA CTF 2016 – Pinhole Attack (Crypto 500)

Decrypt the cipher text with a pinhole. $ nc cry1.chal.ctf.westerns.tokyo 23464 pinhole.7z Summary: attacking RSA using decryption oracle leaking 2 consecutive bits in the middle.

May

03

## Google CTF – Woodman (Crypto 100)

How honest are you? Running here Summary: breaking a weak PRNG

May

01

## Google CTF – Spotted Wobbegong (Crypto 100)

Are you able to defeat 1024-bit RSA? public.pem Summary: breaking RSA with PCKS v1.5 padding and exponent 3.

May

01

## Google CTF – Jekyll (Crypto)

Can you access the admin page? You can look at the crypto here. source.py Summary: finding a preimage for a simple 64-bit ARX-based hash.

May

01

## Google CTF – Wolf Spider (Crypto 125)

Continuing on from Eucalypt Forest – can you break Message Authentication in Wolf Spider wolf.py Summary: forging signatures by exploiting CBC padding oracle and hash length extenstion

Apr

24

## PlaidCTF 2016 – sexec (Crypto 300)

If you need to securely grant execution privileges, what better way to do it than sexec? This is running on sexec.pwning.xxx:9999 sexec.tar.gz Summary: attacking a small instance of Ring-LWE based cryptosystem with Babai’s Nearest Vector algorithm.

Apr

18

## PlaidCTF 2016 – Radioactive (Crypto 275)

We just got this fancy new cryptographic device and it seems to work greatâ€¦ for the most part. But sometimes the values it gives me are wrong. Maybe you could take a look for me. radioactive.tar.bz2 Summary: fault attack on RSA signature (not RSA-CRT)

Mar

14

## 0CTF 2016 Quals – Equation (Crypto 2 pts)

Here is a RSA private key with its upper part masked. Can your recover the private key and decrypt the file? equation.zip Summary: recovering RSA key from part of the private key.

Mar

13

## 0CTF 2016 Quals – RSA? (Crypto 2 pts)

It seems easy, right? rsa.zip Tip: openssl rsautl -encrypt -in FLAG -inkey public.pem -pubin -out flag.enc Summary: factoring 300-bit modulus into 3 primes, extracting cube roots.

Sep

07

## MMA CTF 2015 – Motto Mijikai Address (Crypto/Web 100+300)

Login as admin and get the flag1. mmaddress.7z Summary: breaking HMAC-CRC512

May

27

## CONFidence CTF 2015 – RSA2 (Crypto 500)

Find the flag data Summary: cube attack + recover python’s MersenneTwister state + leak 320/520 LSBs of one of the primes

May

04

## VolgaCTF Quals 2015 – CPKC (Crypto 400) writeup

cpkc A home-brewed cryptosystem, should be easy to break. Its keyspace seems to be rather large though… challenge.tar Summary: LLL-based attack on NTRUEncrypt-like cryptosystem.