cyber-security-resources/capture_the_flag/challenges/heavy_computation/encrypt.py

46 lines
1.4 KiB
Python
Raw Permalink Normal View History

2020-05-11 01:56:21 -04:00
from Crypto.Util.number import bytes_to_long, long_to_bytes
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad
from secret import password, flag
from hashlib import sha256
NB_ITERATIONS = 10871177237854734092489348927
e = 65538
#Old N : N = 16725961734830292192130856503318846470372809633859943564170796604233648911148664645199314305393113642834320744397102098813353759076302959550707448148205851497665038807780166936471173111197092391395808381534728287101705
N = 14968794114523720195251887716913440457986979987674770429103169854116498198112478103466085455257317270930523061714030307370028304505577267672733143013124254253285088080041831478700041394909740024011681885623055622400205
def derive_key(password):
start = bytes_to_long(password)
#Making sure I am safe from offline bruteforce attack
for i in range(NB_ITERATIONS):
start = start ** e
start %= N
#We are never too cautious let's make it harder
key = 1
for i in range(NB_ITERATIONS):
key = key ** e
key %= N
key *= start
key %= N
return sha256(long_to_bytes(key)).digest()
assert(len(password) == 2)
assert(password.decode().isprintable())
key = derive_key(password)
IV = b"random_and_safe!"
cipher = AES.new(key, AES.MODE_CBC,IV)
enc = cipher.encrypt(pad(flag,16))
with open("flag.enc","wb") as output_file:
output_file.write(enc)