National Cryptography Contest (Category II-A) Problem 05 (2016)
Recommended post: 【Cryptography】 Cryptography Table of Contents
1. Problem
2. Solution
1. Problem
Investigator Mr. X received intelligence that terrorist suspect Mr. Y would obtain secret account information from a terrorist organization in order to raise funds to be used for terrorism, and collected network packets generated at the PC room used by terrorist Mr. Y. The collected packets contain information and secret orders that suspect Mr. Y secretly exchanged with other terrorists. Find the secret account number from the collected packets!
Problem A. List the IP addresses presumed to belong to the terrorists.
Problem B. What orders and secret information did terrorist Mr. Y receive, and describe the process of finding them.
Problem C. Use the orders and secret information received by terrorist Mr. Y to find the secret account number, and describe the process.
Find secret information.pcapng
2. Solution
Before reading this solution, please refer to Solution to Problem 06.
First, in order to open the pcapng file, the well-known program Wireshark (ver. Wireshark-win64-2.0.4) was used. While examining the pcapng file, communication between 202.30.24.92 and 220.30.0.11 stood out. This was because it contained very familiar information such as newsletters, Naver, radiokorea.com, happylog.naver.com, and so on. From this, the conclusion obtained was that one of them was an IP for Naver or another social medium, and the other was the user himself. However, compared to 220.30.0.11, 202.30.24.92 had far more communication records, so it could be determined that 202.30.24.92 was the IP of the PC used by suspect Mr. Y.
Meanwhile, if Mr. Y exchanged some message with another terrorist, then surely the length of that message would stand out somewhat, considering that quite a lot of messages have the same length. Since it is displayed in the info field as Len = ##number##, I searched by Len. After examining the communication records one by one in that way, a very suspicious piece of information was found.
The above information was clearly information sent by suspect Mr. Y to another IP. But no matter how one thinks about it, the information “Please give me a private key!” could not be information used for logging into some site or something like that, and it could only have been information sent to someone else through some mail. Since the content of the message strongly smelled of terrorism, naturally the recipient 210.107.192.244 could be concluded to be the IP address of one of the terrorists. Now it was necessary to examine the reply to the user’s request asking for the private key. Then immediately afterward, the replies arriving at 36.310788(Time) and 36.311548(Time) contained the RSA private key.
Now let us convert the private key to HEX and interpret it. Before that, refer to here. Meanwhile, the character corresponding to 0x0a appears to separate the string into chunks of 64, except for the beginning and the end, so it seems like an instruction to read it in segments.
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAsuz7gf8oCqm8SYLjaKUmxAhX33q1kVUafzeHqSwtuyATEzml
pf88TaRpZKQWO2i5cQVhO4KiGsTYUvOaxEuqUijOWLvl2gRcgH1Vzn9PBjh+nWuW
s2cEU3/+Fm2hm5fBrnAFnNlwxCu8jzEAakSaMmyVVB8n4XCxLKRGgXba9viyRhK6
9ICppG22tw4miEBYw6GT/uzsM1V3+oLrQaSw9OEAXAScbXDKD76ayJgYNLemI0K0
jH9O45BFuDjn0LfploOVLPz3/Dk5umdgTi/ZdPsuiDc4XxS5TuEDDHPRntvV9aNj
m75taXnHe1n8/jNzCFJ0pJlIn1u/7q3XbowOrwIDAQABAoIBAAJzoNadKm1K+ht/
waHzcV6KRrn3Mnm1UtGfbypwQogn3lsLFSv7HVZrBE6uuOdDfhcAXd604YfAXr50
PBCogMLzcDBjErk0ChhwnzZfJDQPnhyGFuCKbtK+FDs2cVpyb+L2Af2uNQ9bEhBc
OYc7PWmndzxZ2PAL3UGhVp37hPCRXfJyYh/NbVxl3//Pe6PG2P/QYCg0AAycvFsw
MaskRlZJXjrhUn8RIW0GgDIwWGG6f0nQY2JopTLt83TS07I0D/Bnbu0sn7JeFX48
dNbEVOVla9dNO6Dwfvr8F3d8wukJAuSS9TNzJ4NdciQdpRPPKT5nO1P7o5qq23/6
FH28dgECgYEA17QK/yZAIOGJSzgT1YCNeaWjlv7Jn0tgQkBDf1MNuTNdkhMuFqnb
/hDPLBm4TvM1Bw42t1WJQBnl0x+1LOIRE1vY/LTGonoooW7gLVP26rxuJ1UsWHEm
W+rGyIg2YoavS+uNCKwEq9AGBQr+N071vMioj/gFX4CIGE2bJwwlXoECgYEA1FoP
jZHxhWPk4He2n+wxOZVVOvuIJWQHLcRai3rdPt2I/C69CxHMiBpS3IbPFsatF93V
e4/lopRQQMV547CS1zyOR1WPmaToJ1AakCJeqKtYyo6ICzZOLIFx52TQ/bD/hHS/
wXLCmq5GSbDY3clmdoPyYTEl/P0OVUn1ekWfNS8CgYAibjW3Jobj+LwuioP3924d
tcfYCVFroN97k8ByaXJuVnmgIHmh2nkoI8y98FkQGRgkySsItpmS5s9dlNkZkfhB
y85mAAEY3EDyC72y3o0ySOOYWasbbuw9jcsvJTbxISiICNBZSwPv3OOpGGkdsPfe
q3TkjiVlaiHPJ0wVvoWUgQKBgGUCaf+HeoFe4RI9H6u2qDuh4ybpWvueNyP4ELHk
QbWTn4OFn/rR/p6HFv87SOqmmtONe+0Ip8zMC9ijlrVN2qtzbKJV+ra1EJESs2/4
SVqmFthTMDdVH55f/JR7CkaCmSiieExGkHcPivOmoaHuGUUqwnKk9FMA9H5xbck5
sN+VAoGAafWA7vQiwELhHYrFh/070gtaRhNXFwM9B9XLhnmlg5sRAfybLMcqkRB2
1m2mLsIZlhSmXc5WdyU6r87rT/1F6DN7I7PATrZbRdTlNi1uY3kV1QDvLYj8mQw8
oH79GlBSVyBbL0MJwrOy4+VtECo+WUTcflKuckRnVzpRPV1V0B4=
----END RSA PRIVATE KEY-----
308204A20201000282010100B2ECFB81FF280AA9BC4982E368A526C40857DF7AB591551A7F3787A92C2DBB20131339A5
A5FF3C4DA46964A4163B68B97105613B82A21AC4D852F39AC44BAA5228CE58BBE5DA045C807D55CE7F4F06387E9D6B96
B36704537FFE166DA19B97C1AE70059CD970C42BBC8F31006A449A326C95541F27E170B12CA4468176DAF6F8B24612BA
F480A9A46DB6B70E26884058C3A193FEECEC335577FA82EB41A4B0F4E1005C049C6D70CA0FBE9AC8981834B7A62342B4
8C7F4EE39045B838E7D0B7E99683952CFCF7FC3939BA67604E2FD974FB2E8837385F14B94EE1030C73D19EDBD5F5A363
9BBE6D6979C77B59FCFE3373085274A499489F5BBFEEADD76E8C0EAF0203010001028201000273A0D69D2A6D4AFA1B7F
C1A1F3715E8A46B9F73279B552D19F6F2A70428827DE5B0B152BFB1D566B044EAEB8E7437E17005DDEB4E187C05EBE74
3C10A880C2F370306312B9340A18709F365F24340F9E1C8616E08A6ED2BE143B36715A726FE2F601FDAE350F5B12105C
39873B3D69A7773C59D8F00BDD41A1569DFB84F0915DF272621FCD6D5C65DFFFCF7BA3C6D8FFD0602834000C9CBC5B30
31AB244656495E3AE1527F11216D068032305861BA7F49D0636268A532EDF374D2D3B2340FF0676EED2C9FB25E157E3C
74D6C454E5656BD74D3BA0F07EFAFC17777CC2E90902E492F5337327835D72241DA513CF293E673B53FBA39AAADB7FFA
147DBC760102818100D7B40AFF264020E1894B3813D5808D79A5A396FEC99F4B604240437F530DB9335D92132E16A9DB
FE10CF2C19B84EF335070E36B755894019E5D31FB52CE211135BD8FCB4C6A27A28A16EE02D53F6EABC6E27552C587126
5BEAC6C888366286AF4BEB8D08AC04ABD006050AFE374EF5BCC8A88FF8055F8088184D9B270C255E8102818100D45A0F
8D91F18563E4E077B69FEC313995553AFB882564072DC45A8B7ADD3EDD88FC2EBD0B11CC881A52DC86CF16C6AD17DDD5
7B8FE5A2945040C579E3B092D73C8E47558F99A4E827501A90225EA8AB58CA8E880B364E2C8171E764D0FDB0FF8474BF
C172C29AAE4649B0D8DDC9667683F2613125FCFD0E5549F57A459F352F028180226E35B72686E3F8BC2E8A83F7F76E1D
B5C7D809516BA0DF7B93C07269726E5679A02079A1DA792823CCBDF05910191824C92B08B69992E6CF5D94D91991F841
CBCE66000118DC40F20BBDB2DE8D3248E39859AB1B6EEC3D8DCB2F2536F121288808D0594B03EFDCE3A918691DB0F7DE
AB74E48E25656A21CF274C15BE859481028180650269FF877A815EE1123D1FABB6A83BA1E326E95AFB9E3723F810B1E4
41B5939F83859FFAD1FE9E8716FF3B48EAA69AD38D7BED08A7CCCC0BD8A396B54DDAAB736CA255FAB6B5109112B36FF8
495AA616D8533037551F9E5FFC947B0A46829928A2784C4690770F8AF3A6A1A1EE19452AC272A4F45300F47E716DC939
B0DF9502818069F580EEF422C042E11D8AC587FD3BD20B5A46135717033D07D5CB8679A5839B1101FC9B2CC72A911076
D66DA62EC2199614A65DCE5677253AAFCEEB4FFD45E8337B23B3C04EB65B45D4E5362D6E637915D500EF2D88FC990C3C
A07EFD1A505257205B2F4309C2B3B2E3E56D102A3E5944DC7E52AE724467573A513D5D55D01E
30 82 04 A2 ; header
ㅣ 02 01 ; separator: 0x02 = integer, 0x01 = 1 byte long
ㅣ 00 ; algorithm version: version zero
ㅣ 02 82 01 01 ; separator: 0x02 = integer, 0x0101 = 257 bytes long
ㅣ ㅣ ; modulus: 257 bytes
ㅣ ㅣ 00 B2 EC FB 81 FF 28 0A A9 BC 49 82 E3 68 A5 26 C4 08 57 DF 7A B5 91 55 1A 7F 37 87 A9 2C 2D BB
ㅣ ㅣ 20 13 13 39 A5 A5 FF 3C 4D A4 69 64 A4 16 3B 68 B9 71 05 61 3B 82 A2 1A C4 D8 52 F3 9A C4 4B AA
ㅣ ㅣ 52 28 CE 58 BB E5 DA 04 5C 80 7D 55 CE 7F 4F 06 38 7E 9D 6B 96 B3 67 04 53 7F FE 16 6D A1 9B 97
ㅣ ㅣ C1 AE 70 05 9C D9 70 C4 2B BC 8F 31 00 6A 44 9A 32 6C 95 54 1F 27 E1 70 B1 2C A4 46 81 76 DA F6
ㅣ ㅣ F8 B2 46 12 BA F4 80 A9 A4 6D B6 B7 0E 26 88 40 58 C3 A1 93 FE EC EC 33 55 77 FA 82 EB 41 A4 B0
ㅣ ㅣ F4 E1 00 5C 04 9C 6D 70 CA 0F BE 9A C8 98 18 34 B7 A6 23 42 B4 8C 7F 4E E3 90 45 B8 38 E7 D0 B7
ㅣ ㅣ E9 96 83 95 2C FC F7 FC 39 39 BA 67 60 4E 2F D9 74 FB 2E 88 37 38 5F 14 B9 4E E1 03 0C 73 D1 9E
ㅣ ㅣ DB D5 F5 A3 63 9B BE 6D 69 79 C7 7B 59 FC FE 33 73 08 52 74 A4 99 48 9F 5B BF EE AD D7 6E 8C 0E
ㅣ ㅣ AF
ㅣ 02 03 ; separator: 0x02 = integer, 0x03 = 3 bytes long
ㅣ ㅣ 01 00 01 ; public exponent (3 bytes): 65537(F4)
ㅣ 02 82 01 00 ; separator: 0x02 = integer, 0x0100 = 256 bytes long
ㅣ ㅣ ; private exponent: 256 bytes
ㅣ ㅣ 02 73 A0 D6 9D 2A 6D 4A FA 1B 7F C1 A1 F3 71 5E 8A 46 B9 F7 32 79 B5 52 D1 9F 6F 2A 70 42 88 27
ㅣ ㅣ DE 5B 0B 15 2B FB 1D 56 6B 04 4E AE B8 E7 43 7E 17 00 5D DE B4 E1 87 C0 5E BE 74 3C 10 A8 80 C2
ㅣ ㅣ F3 70 30 63 12 B9 34 0A 18 70 9F 36 5F 24 34 0F 9E 1C 86 16 E0 8A 6E D2 BE 14 3B 36 71 5A 72 6F
ㅣ ㅣ E2 F6 01 FD AE 35 0F 5B 12 10 5C 39 87 3B 3D 69 A7 77 3C 59 D8 F0 0B DD 41 A1 56 9D FB 84 F0 91
ㅣ ㅣ 5D F2 72 62 1F CD 6D 5C 65 DF FF CF 7B A3 C6 D8 FF D0 60 28 34 00 0C 9C BC 5B 30 31 AB 24 46 56
ㅣ ㅣ 49 5E 3A E1 52 7F 11 21 6D 06 80 32 30 58 61 BA 7F 49 D0 63 62 68 A5 32 ED F3 74 D2 D3 B2 34 0F
ㅣ ㅣ F0 67 6E ED 2C 9F B2 5E 15 7E 3C 74 D6 C4 54 E5 65 6B D7 4D 3B A0 F0 7E FA FC 17 77 7C C2 E9 09
ㅣ ㅣ 02 E4 92 F5 33 73 27 83 5D 72 24 1D A5 13 CF 29 3E 67 3B 53 FB A3 9A AA DB 7F FA 14 7D BC 76 01
ㅣ 02 81 81 ; separator: 0x02 = integer, 0x81 = 129 bytes
ㅣ ㅣ ; prime1: 129 bytes
ㅣ ㅣ 00 D7 B4 0A FF 26 40 20 E1 89 4B 38 13 D5 80 8D 79 A5 A3 96 FE C9 9F 4B 60 42 40 43 7F 53 0D B9
ㅣ ㅣ 33 5D 92 13 2E 16 A9 DB FE 10 CF 2C 19 B8 4E F3 35 07 0E 36 B7 55 89 40 19 E5 D3 1F B5 2C E2 11
ㅣ ㅣ 13 5B D8 FC B4 C6 A2 7A 28 A1 6E E0 2D 53 F6 EA BC 6E 27 55 2C 58 71 26 5B EA C6 C8 88 36 62 86
ㅣ ㅣ AF 4B EB 8D 08 AC 04 AB D0 06 05 0A FE 37 4E F5 BC C8 A8 8F F8 05 5F 80 88 18 4D 9B 27 0C 25 5E
ㅣ ㅣ 81
ㅣ 02 81 81 ; separator: 0x02 = integer, 0x81 = 129 bytes
ㅣ ㅣ ; prime2: 129 bytes
ㅣ ㅣ 00 D4 5A 0F 8D 91 F1 85 63 E4 E0 77 B6 9F EC 31 39 95 55 3A FB 88 25 64 07 2D C4 5A 8B 7A DD 3E
ㅣ ㅣ DD 88 FC 2E BD 0B 11 CC 88 1A 52 DC 86 CF 16 C6 AD 17 DD D5 7B 8F E5 A2 94 50 40 C5 79 E3 B0 92
ㅣ ㅣ D7 3C 8E 47 55 8F 99 A4 E8 27 50 1A 90 22 5E A8 AB 58 CA 8E 88 0B 36 4E 2C 81 71 E7 64 D0 FD B0
ㅣ ㅣ FF 84 74 BF C1 72 C2 9A AE 46 49 B0 D8 DD C9 66 76 83 F2 61 31 25 FC FD 0E 55 49 F5 7A 45 9F 35
ㅣ ㅣ 2F
ㅣ 02 81 80 ; separator: 0x02 = integer, 0x80 = 128 bytes
ㅣ ㅣ ; exponent1: 128 bytes
ㅣ ㅣ 22 6E 35 B7 26 86 E3 F8 BC 2E 8A 83 F7 F7 6E 1D B5 C7 D8 09 51 6B A0 DF 7B 93 C0 72 69 72 6E 56
ㅣ ㅣ 79 A0 20 79 A1 DA 79 28 23 CC BD F0 59 10 19 18 24 C9 2B 08 B6 99 92 E6 CF 5D 94 D9 19 91 F8 41
ㅣ ㅣ CB CE 66 00 01 18 DC 40 F2 0B BD B2 DE 8D 32 48 E3 98 59 AB 1B 6E EC 3D 8D CB 2F 25 36 F1 21 28
ㅣ ㅣ 88 08 D0 59 4B 03 EF DC E3 A9 18 69 1D B0 F7 DE AB 74 E4 8E 25 65 6A 21 CF 27 4C 15 BE 85 94 81
ㅣ 02 81 80 ; separator: 0x02 = integer, 0x80 = 128 bytes
ㅣ ㅣ ; exponent2: 128 bytes
ㅣ ㅣ 65 02 69 FF 87 7A 81 5E E1 12 3D 1F AB B6 A8 3B A1 E3 26 E9 5A FB 9E 37 23 F8 10 B1 E4 41 B5 93
ㅣ ㅣ 9F 83 85 9F FA D1 FE 9E 87 16 FF 3B 48 EA A6 9A D3 8D 7B ED 08 A7 CC CC 0B D8 A3 96 B5 4D DA AB
ㅣ ㅣ 73 6C A2 55 FA B6 B5 10 91 12 B3 6F F8 49 5A A6 16 D8 53 30 37 55 1F 9E 5F FC 94 7B 0A 46 82 99
ㅣ ㅣ 28 A2 78 4C 46 90 77 0F 8A F3 A6 A1 A1 EE 19 45 2A C2 72 A4 F4 53 00 F4 7E 71 6D C9 39 B0 DF 95
ㅣ 02 81 80 ; separator: 0x02 = integer, 0x80 = 128 bytes
ㅣ ㅣ ; coefficient: 128 bytes
ㅣ ㅣ 69 F5 80 EE F4 22 C0 42 E1 1D 8A C5 87 FD 3B D2 0B 5A 46 13 57 17 03 3D 07 D5 CB 86 79 A5 83 9B
ㅣ ㅣ 11 01 FC 9B 2C C7 2A 91 10 76 D6 6D A6 2E C2 19 96 14 A6 5D CE 56 77 25 3A AF CE EB 4F FD 45 E8
ㅣ ㅣ 33 7B 23 B3 C0 4E B6 5B 45 D4 E5 36 2D 6E 63 79 15 D5 00 EF 2D 88 FC 99 0C 3C A0 7E FD 1A 50 52
ㅣ ㅣ 57 20 5B 2F 43 09 C2 B3 B2 E3 E5 6D 10 2A 3E 59 44 DC 7E 52 AE 72 44 67 57 3A 51 3D 5D 55 D0 1E
Now the question becomes which message should be decrypted with RSA. In order to find the message to decrypt, it is necessary to clarify the meaning of the protocols a bit more clearly.
- TCP (Transmission Control Protocol): high data reliability, data flow control, acknowledgment present
Used in email, etc.
- UDP (User Datagram Protocol): constant data communication speed, data errors present, no acknowledgment
Used in streaming, etc.
- SSL/TLS (Secure Secret Layer): Site Authentication, Data privacy, Data integrity
Used in electronic commerce, etc.
A rough process of SSL
There were also several other protocols besides these. Then which protocol should be examined to find orders from the other terrorists? First of all, there are reasons why protocols other than the above three cannot each be the orders. (For reference, what is referred to as protocol here means what is displayed in Wireshark; in reality, a protocol such as HTML also corresponds to TCP.)
a) ARP, BJNP, SSL, STP, VRRP: all are barely around 60 bytes, so there is almost no information.
b) BROWSER, CDP, DCERPC, NBNS, SNMP, SSDP: the information has patterns. It cannot be ciphertext.
c) DB-LSP-DISC, DHCP, DHCPv6, DTP, EPM, ICMPv6, IGMPv6, IPv6, LLMNR, PNRP, SMB, SMB2, SRVLOC: there is no direct communication record with the user (202.30.24.92).
d) DNS: communicates only with 202.30.0.11. Social media.
e) HTTP/XML: clearly web-related protocols.
f) QUIC: communicates only with a specific IP (216.58.197.163). It is unlikely that they would stay in contact with only one specific IP for a long time.
Therefore, the terrorists’ IPs must be one of TCP, TLSv1.2, or UDP. Then let us examine TLSv1.2 first. SSL/TLS first begins with the client asking the server whether it has reached the correct server. After that, the server sends a certificate to the client, and the client likewise sends a certificate to the server. Then the server sends the public key of the asymmetric key pair to the client. After that, it encrypts the symmetric session key with the private key and sends it. Then the client decrypts the session key with the public key so that the server and client share the same symmetric key. Now the two encrypt messages with this symmetric key and exchange them. This is the identity of the “encrypted handshake message.”
After filtering the protocol as ssl and searching for the “client hello” message, the client was always 202.30.24.92. Then this contradicts the earlier request for the RSA private key. This is because there is never a moment when the client needs the RSA private key. In fact, after creating a pem file with the given RSA private key and having Wireshark decrypt with it, the encrypted information within ssl was not decrypted. Therefore TLSv1.2 is not appropriate. (For reference, the following is the method for how Wireshark was made to decrypt it.)
-
Download OpenSSL-Win64 and open the cmd window.
-
cd C:\OpenSSL-Win64\bin
-
set RANDFILE=C:\OpenSSL-Win64\bin.rnd (process (2) may not be necessary)
-
openssl.exe
-
genrsa -des3 -out MyKey.pem 2048 (as 2048 bits, same as the modulus of the given RSA key)
-
Enter and re-enter the passphrase
-
rsa -in MyKey.pem -out MyKey2.pem (remove the passphrase)
-
Enter the passphrase from 5)
-
quit
-
ren MyKey.pem MyKey.txt
-
Open MyKey.txt and appropriately copy the given RSA private key into it.
-
ren MyKey.txt MyKey.pem
-
rsa -noout -text -in MyKey.pem (if it succeeds, it was done correctly.)
-
Edit - Preferences… - Protocols - SSL - RSA keys list - Edit…
-
Enter the IP address, Post, Protocol (= ssl) appropriately, and insert the pem file into Key File
Since there were too many TCP packets, I looked for an appropriate candidate among UDP. The one that communicated directly with 202.30.24.92, whose message information was meaningless, and which did not communicate too much with 202.30.24.92, had exactly one candidate. (Here the last condition reflects the special condition of being a terrorist.)
There was communication with 124.56.121.71 exactly once, and in that process it could be seen that they exchanged PEM information with each other. Of course, PEM information was also found in the HTTP protocol, but at that time it was information to reflect a resource. But this time it was displayed only as data, and in UDP only this was displayed as PEM information. Therefore this information indicates something. Therefore 124.56.121.71 is also one of the terrorists’ IPs.
Now it is necessary to investigate TCP. Since there are a great many communication records for TCP, I first filtered for TCP and then sorted by length in ascending order. And clearly since the modulus is 256 bytes, the communication record must be more than 256 bytes. And the communication record with 202.30.24.92 should not be too numerous, and the actual tcp segment data should be similar to 256 bytes. Finally, no recognizable information should remain. (e.g. www, http, com…) Using these criteria, if additional IPs are sought, the following IPs can be suspected.
59.18.44.109
5.45.62.62
77.234.41.35
Due to time constraints, it did not proceed beyond this. In fact, the message size should be exactly 256 bytes, but none of them were. So quite a lot of trial and error will be necessary, and there may have been a mistake in the earlier process of excluding TLSv1.2. However, the information obtained from UDP must be valuable information connected to some account number, and if some information to decrypt is found in TCP, then the following algorithm may be applied.
# Written in C
main(){
int i, j = 0, temp, temp1, temp2, temp3, temp4;
bignum modulus, private_key, public_key, message;
bignum note1, note2, note3, note4, note5;
// note1 would be decrypted message
// note2 is "0"
// note3, note4, note5 is just note
initialize_bignum(&modulus);
initialize_bignum(&private_key);
initialize_bignum(&public_key);
initialize_bignum(&message);
int_to_bignum(0, ¬e2);
char* Modulus=
"00B2ECFB81FF280AA9BC4982E368A526C40857DF7AB591551A7F3787A92C2DBB"\
"20131339A5A5FF3C4DA46964A4163B68B97105613B82A21AC4D852F39AC44BAA"\
"5228CE58BBE5DA045C807D55CE7F4F06387E9D6B96B36704537FFE166DA19B97"\
"C1AE70059CD970C42BBC8F31006A449A326C95541F27E170B12CA4468176DAF6"\
"F8B24612BAF480A9A46DB6B70E26884058C3A193FEECEC335577FA82EB41A4B0"\
"F4E1005C049C6D70CA0FBE9AC8981834B7A62342B48C7F4EE39045B838E7D0B7"\
"E99683952CFCF7FC3939BA67604E2FD974FB2E8837385F14B94EE1030C73D19E"\
"DBD5F5A3639BBE6D6979C77B59FCFE3373085274A499489F5BBFEEADD76E8C0E"\
"AF";
char *Private_key=
"0273A0D69D2A6D4AFA1B7FC1A1F3715E8A46B9F73279B552D19F6F2A70428827"\
"DE5B0B152BFB1D566B044EAEB8E7437E17005DDEB4E187C05EBE743C10A880C2"\
"F370306312B9340A18709F365F24340F9E1C8616E08A6ED2BE143B36715A726F"\
"E2F601FDAE350F5B12105C39873B3D69A7773C59D8F00BDD41A1569DFB84F091"\
"5DF272621FCD6D5C65DFFFCF7BA3C6D8FFD0602834000C9CBC5B3031AB244656"\
"495E3AE1527F11216D068032305861BA7F49D0636268A532EDF374D2D3B2340F"\
"F0676EED2C9FB25E157E3C74D6C454E5656BD74D3BA0F07EFAFC17777CC2E909"\
"02E492F5337327835D72241DA513CF293E673B53FBA39AAADB7FFA147DBC7601";
char *Public_key=
"010001";
char *Message=
"123456789";
for(i = 0; i < 514; i ++){
if(Modulus[513 - i] >= '0' && Modulus[513 - i] <= '9')
modulus.digits[i] = Modulus[513 - i] - '0';
else modulus.digits[i] = Modulus[513 - i] - 'A' + 10;
}
modulus.lastdigit = 513;
zero_justify(&modulus);
for(i = 0; i < 512; i ++){
if(Private_key[511 - i] >= '0' && Private_key[511 - i] <= '9')
private_key.digits[i] = Private_key[511 - i] - '0';
else private_key.digits[i] = Private_key[511 - i] - 'A' + 10;
}
private_key.lastdigit = 511;
zero_justify(&private_key);
for(i = 0; i < 6; i ++){
if(Public_key[5 - i] >= '0' && Public_key[5 - i] <= '9')
public_key.digits[i] = Public_key[5 - i] - '0';
else public_key.digits[i] = Public_key[5 - i] - 'A' + 10;
}
public_key.lastdigit = 5;
zero_justify(&public_key);
for(i = 0; i < 9; i ++){
if(Message[8 - i] >= '0' && Message[8 - i] <= '9')
message.digits[i] = Message[8 - i] - '0';
else message.digits[i] = Message[8 - i] - 'A' + 10;
}
message.lastdigit = 8;
zero_justify(&message);
/* print_bignum(&message);
int_to_bignum(1, ¬e1);
for(i = 0; i <= public_key.lastdigit; i ++){
// printf("%d\n", ++j);
temp = public_key.digits[i];
temp1 = temp % 2; temp /= 2;
temp2 = temp % 2; temp /= 2;
temp3 = temp % 2; temp /= 2;
temp4 = temp % 2;
if(temp1){ // note1 = note1 * message mod modulus
multiply_bignum(¬e1, &message, ¬e3);
divide_bignum(¬e3, &modulus, ¬e4);
multiply_bignum(¬e4, &modulus, ¬e5);
subtract_bignum(¬e3, ¬e5, ¬e1);
}
multiply_bignum(&message, &message, ¬e3);
divide_bignum(¬e3, &modulus, ¬e4);
multiply_bignum(¬e4, &modulus, ¬e5);
subtract_bignum(¬e3, ¬e5, &message);
if(temp2){ // note1 = note1 * message mod modulus
multiply_bignum(¬e1, &message, ¬e3);
divide_bignum(¬e3, &modulus, ¬e4);
multiply_bignum(¬e4, &modulus, ¬e5);
subtract_bignum(¬e3, ¬e5, ¬e1);
}
multiply_bignum(&message, &message, ¬e3);
divide_bignum(¬e3, &modulus, ¬e4);
multiply_bignum(¬e4, &modulus, ¬e5);
subtract_bignum(¬e3, ¬e5, &message);
if(temp3){ // note1 = note1 * message mod modulus
multiply_bignum(¬e1, &message, ¬e3);
divide_bignum(¬e3, &modulus, ¬e4);
multiply_bignum(¬e4, &modulus, ¬e5);
subtract_bignum(¬e3, ¬e5, ¬e1);
}
multiply_bignum(&message, &message, ¬e3);
divide_bignum(¬e3, &modulus, ¬e4);
multiply_bignum(¬e4, &modulus, ¬e5);
subtract_bignum(¬e3, ¬e5, &message);
if(temp4){ // note1 = note1 * message mod modulus
multiply_bignum(¬e1, &message, ¬e3);
divide_bignum(¬e3, &modulus, ¬e4);
multiply_bignum(¬e4, &modulus, ¬e5);
subtract_bignum(¬e3, ¬e5, ¬e1);
}
multiply_bignum(&message, &message, ¬e3);
divide_bignum(¬e3, &modulus, ¬e4);
multiply_bignum(¬e4, &modulus, ¬e5);
subtract_bignum(¬e3, ¬e5, &message);
}
add_bignum(¬e1, ¬e2, &message);
print_bignum(&message);
*/
int_to_bignum(1, ¬e1);
j = 0;
for(i = 0; i <= private_key.lastdigit; i ++){
// printf("%d\n", ++j);
temp = private_key.digits[i];
temp1 = temp % 2; temp /= 2;
temp2 = temp % 2; temp /= 2;
temp3 = temp % 2; temp /= 2;
temp4 = temp % 2;
if(temp1){ // note1 = note1 * message mod modulus
multiply_bignum(¬e1, &message, ¬e3);
divide_bignum(¬e3, &modulus, ¬e4);
multiply_bignum(¬e4, &modulus, ¬e5);
subtract_bignum(¬e3, ¬e5, ¬e1);
}
multiply_bignum(&message, &message, ¬e3);
divide_bignum(¬e3, &modulus, ¬e4);
multiply_bignum(¬e4, &modulus, ¬e5);
subtract_bignum(¬e3, ¬e5, &message);
if(temp2){ // note1 = note1 * message mod modulus
multiply_bignum(¬e1, &message, ¬e3);
divide_bignum(¬e3, &modulus, ¬e4);
multiply_bignum(¬e4, &modulus, ¬e5);
subtract_bignum(¬e3, ¬e5, ¬e1);
}
multiply_bignum(&message, &message, ¬e3);
divide_bignum(¬e3, &modulus, ¬e4);
multiply_bignum(¬e4, &modulus, ¬e5);
subtract_bignum(¬e3, ¬e5, &message);
if(temp3){ // note1 = note1 * message mod modulus
multiply_bignum(¬e1, &message, ¬e3);
divide_bignum(¬e3, &modulus, ¬e4);
multiply_bignum(¬e4, &modulus, ¬e5);
subtract_bignum(¬e3, ¬e5, ¬e1);
}
multiply_bignum(&message, &message, ¬e3);
divide_bignum(¬e3, &modulus, ¬e4);
multiply_bignum(¬e4, &modulus, ¬e5);
subtract_bignum(¬e3, ¬e5, &message);
if(temp4){ // note1 = note1 * message mod modulus
multiply_bignum(¬e1, &message, ¬e3);
divide_bignum(¬e3, &modulus, ¬e4);
multiply_bignum(¬e4, &modulus, ¬e5);
subtract_bignum(¬e3, ¬e5, ¬e1);
}
multiply_bignum(&message, &message, ¬e3);
divide_bignum(¬e3, &modulus, ¬e4);
multiply_bignum(¬e4, &modulus, ¬e5);
subtract_bignum(¬e3, ¬e5, &message);
}
print_bignum(¬e1);
system("pause");
}
Input: 2016.08.17 10:29