Skip to content
This repository was archived by the owner on Mar 24, 2022. It is now read-only.

Fix RSA LSBit Oracle attack to not mess up last bytes #9

Open
JesseEmond wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Fix RSA LSBit Oracle attack to not mess up last bytes #9

JesseEmond wants to merge 1 commit into from

Conversation

@JesseEmond
Copy link

@JesseEmond JesseEmond commented Jun 19, 2021

The previous approach of updating the upper/lower limits to be the
mid-point between them would truncate the result multiple times along
the way, leading to an incorrect last byte at the end. By keeping track
of numerators/denominators separately, we can get an accurate
decryption.

Learned about this approach from:
https://github.com/akalin/cryptopals-python3/blob/master/challenge46.py

Tested with exploit.py, where I am now able to recover a full flag, instead of getting incorrect last bytes.
Also tested lsbitoracle.py by creating a small script that calls it, where it also recovers the full flag now.

Fix LSBit-Oracle attack to not mess up last byte
f9c7d30 
The previous approach of updating the upper/lower limits to be the
mid-point between them would truncate the result multiple times along
the way, leading to an incorrect last byte at the end. By keeping track
of numerators/denominators separately, we can get an accurate
decryption.

Learned about this approach from:
https://github.com/akalin/cryptopals-python3/blob/master/challenge46.py
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@JesseEmond