Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Bitcrypt decrypt.

Comments

  • #2
    Khannie
    Registered Users, Registered Users 2 Posts: 37,485 ✭✭✭✭Khannie


    Can someone walk me through the mistake please?


  • #3
    Harold Weiss
    Closed Accounts Posts: 439 ✭✭Harold Weiss


    Khannie wrote: »
    Can someone walk me through the mistake please?

    The algorithm works like this.
    1. Search for specific files on disk
    2. For each file found, generate a random 16-byte value.
    3. Derive a 192-bit key from PBKDF2 using value from step 2.
    4. Encrypt file with key from step 3 using AES in CTR mode.
    5. Encrypt key from step 3 using RSA encryption (426-bit modulus).
    6. Store RSA public key + AES encrypted key from step 5 in header of file.

    The header for each encrypted file.
    <cfg++0><cfg--0>: size of raw data before the structure
    <AesRPass++><AesRPass-->: the encrypted AES key
    <IDPubKey++><IDPubKey-->: the base64-like encoded RSA public modulus

    The author then requires ransom and user is provided with private key to decrypt AES encrypted key and recover files. But since the RSA modulus is small enough, it can be factored to recover random primes P + Q that generated both public/private key pair.

    If you can crack the RSA-426 key, you can recover encrypted AES key and the files without paying ransom.

    If the modulus was larger, it wouldn't be feasible to crack.
    Sorry if that doesn't help it easier to understand. u.u


  • #4
    Khannie
    Registered Users, Registered Users 2 Posts: 37,485 ✭✭✭✭Khannie


    Harold Weiss wrote: »
    But since the RSA modulus is small enough, it can be factored to recover random primes P + Q that generated both public/private key pair.

    This is the bit that I missed first time around.


  • #5
    oscarBravo
    Technology & Internet Moderators Posts: 28,830 Mod ✭✭✭✭oscarBravo


    Khannie wrote: »
    Can someone walk me through the mistake please?
    The crypto was supposed to use a 1024-bit key (128 bytes), but instead was a 128-digit decimal number - only 426 bits. A 1024-bit key is computationally unfeasible to crack, but breaking a 426-bit key is comparatively trivial.


  • #6
    h57xiucj2z946q
    Closed Accounts Posts: 2,267 ✭✭✭h57xiucj2z946q


    Khannie wrote: »
    This is the bit that I missed first time around.

    I ran a challenge that involved RSA before, see the solution for more info on why it can be broke easily with a small modulus: http://www.boards.ie/vbulletin/showpost.php?p=72037728&postcount=49


  • Advertisement
Advertisement