Skip to content
  • Register
    • Advertisement
    If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
    Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

    Bitcrypt decrypt.

    Welcome!

    It looks like you're new here. Sign in or register to get started.
    Sign In
    Register

    Comments

    • #2
      Khannie
      Registered Users, Registered Users 2 Posts: 37,485 Khannie
      ✭✭✭✭


      Can someone walk me through the mistake please?


    • #3
      Harold Weiss
      Closed Accounts Posts: 439 Harold Weiss
      ✭✭


      Khannie wrote: »
      Can someone walk me through the mistake please?

      The algorithm works like this.
      1. Search for specific files on disk
      2. For each file found, generate a random 16-byte value.
      3. Derive a 192-bit key from PBKDF2 using value from step 2.
      4. Encrypt file with key from step 3 using AES in CTR mode.
      5. Encrypt key from step 3 using RSA encryption (426-bit modulus).
      6. Store RSA public key + AES encrypted key from step 5 in header of file.

      The header for each encrypted file.
      <cfg++0><cfg--0>: size of raw data before the structure
      <AesRPass++><AesRPass-->: the encrypted AES key
      <IDPubKey++><IDPubKey-->: the base64-like encoded RSA public modulus

      The author then requires ransom and user is provided with private key to decrypt AES encrypted key and recover files. But since the RSA modulus is small enough, it can be factored to recover random primes P + Q that generated both public/private key pair.

      If you can crack the RSA-426 key, you can recover encrypted AES key and the files without paying ransom.

      If the modulus was larger, it wouldn't be feasible to crack.
      Sorry if that doesn't help it easier to understand. u.u


    • #4
      Khannie
      Registered Users, Registered Users 2 Posts: 37,485 Khannie
      ✭✭✭✭


      Harold Weiss wrote: »
      But since the RSA modulus is small enough, it can be factored to recover random primes P + Q that generated both public/private key pair.

      This is the bit that I missed first time around.


    • #5
      oscarBravo
      Technology & Internet Moderators Posts: 28,850 oscarBravo
      Mod ✭✭✭✭


      Khannie wrote: »
      Can someone walk me through the mistake please?
      The crypto was supposed to use a 1024-bit key (128 bytes), but instead was a 128-digit decimal number - only 426 bits. A 1024-bit key is computationally unfeasible to crack, but breaking a 426-bit key is comparatively trivial.


    • #6
      h57xiucj2z946q
      Closed Accounts Posts: 2,267 h57xiucj2z946q
      ✭✭✭


      Khannie wrote: »
      This is the bit that I missed first time around.

      I ran a challenge that involved RSA before, see the solution for more info on why it can be broke easily with a small modulus: http://www.boards.ie/vbulletin/showpost.php?p=72037728&postcount=49


    • Advertisement

    Welcome!

    It looks like you're new here. Sign in or register to get started.
    Sign In
    Register
    Advertisement