The document describes how to crack the RSA encryption used in the Netrek binary verification system. It explains the RSA algorithm, gives an example, and then describes how to factor the public key to obtain the private key. It provides code to factor the global key for a specific Netrek server, modify an RSA key generation program to use the known private factors, and generate custom key files that can be used to bypass the verification check.
To Compute GCD and LCM String Manipulation , Operations on string length, concatenation, reverse, counting, and copy of a string to another, Matrices, Matrix Addition, Subtraction, Multiplication, Transpose of n x m matrices, Inverse of a square matrix, Searching, Binary Search,GCD , LCM String Manipulation , Operations STRING,string length, concatenation, reverse, counting, copy of a string, Matrices, Matrix Addition, Subtraction, Multiplication, Transpose,n x m matrices, Inverse MATRIX,square matrix, Searching, Binary Search,C PROGRAM,C,PROGRAMMING,SIMPLE C, EXAMPLE C,LAB PROGRAMS,LAB, C EXERCISES,thiruvalluvar university,lab manual,c lab manual
This a collection of micro optimizations done for a course at vienna university of technology.
The code is available at: https://github.com/grill/micro-optimisations
zkStudy Club: Subquadratic SNARGs in the Random Oracle ModelAlex Pruden
Slides for Eylon Yogev's (Bar-Ilan University) presentation at ZKStudyClub, covering his new work (co-authored w/ Alessandro Chiesa of UC Berkeley) about SNARGs in the random oracle model of sub- quadratic complexity.
Link to the original paper: https://eprint.iacr.org/2021/281.pdf
This week, Luke Pearson (Polychain Capital) and Joshua Fitzgerald (Anoma) present their work on Plonkup, a protocol that combines Plookup and PLONK into a single, efficient protocol. The protocol relies on a new hash function, called Reinforced Concrete, written by Dmitry Khovratovich. The three of them will present their work together at this week's edition of zkStudyClub!
Slides:
---
To Follow the Zero Knowledge Podcast us at https://www.zeroknowledge.fm
To the listeners of Zero Knowledge Podcast, if you like what we do:
- Follow us on Twitter - @zeroknowledgefm
- Join us on Telegram - https://t.me/joinchat/TORo7aknkYNLHmCM
- Support our Gitcoin Grant - https://gitcoin.co/grants/329/zero-knowledge-podcast-2
- Support us on Patreon - https://www.patreon.com/zeroknowledge
Numerical Methods with Computer ProgrammingUtsav Patel
This report includes computer programming of some of the basic numerical methods. The programming language used is C++. Outputs of the programs are attached in the form of a screenshot. It can be helpful in the assignments on programming.
To Compute GCD and LCM String Manipulation , Operations on string length, concatenation, reverse, counting, and copy of a string to another, Matrices, Matrix Addition, Subtraction, Multiplication, Transpose of n x m matrices, Inverse of a square matrix, Searching, Binary Search,GCD , LCM String Manipulation , Operations STRING,string length, concatenation, reverse, counting, copy of a string, Matrices, Matrix Addition, Subtraction, Multiplication, Transpose,n x m matrices, Inverse MATRIX,square matrix, Searching, Binary Search,C PROGRAM,C,PROGRAMMING,SIMPLE C, EXAMPLE C,LAB PROGRAMS,LAB, C EXERCISES,thiruvalluvar university,lab manual,c lab manual
This a collection of micro optimizations done for a course at vienna university of technology.
The code is available at: https://github.com/grill/micro-optimisations
zkStudy Club: Subquadratic SNARGs in the Random Oracle ModelAlex Pruden
Slides for Eylon Yogev's (Bar-Ilan University) presentation at ZKStudyClub, covering his new work (co-authored w/ Alessandro Chiesa of UC Berkeley) about SNARGs in the random oracle model of sub- quadratic complexity.
Link to the original paper: https://eprint.iacr.org/2021/281.pdf
This week, Luke Pearson (Polychain Capital) and Joshua Fitzgerald (Anoma) present their work on Plonkup, a protocol that combines Plookup and PLONK into a single, efficient protocol. The protocol relies on a new hash function, called Reinforced Concrete, written by Dmitry Khovratovich. The three of them will present their work together at this week's edition of zkStudyClub!
Slides:
---
To Follow the Zero Knowledge Podcast us at https://www.zeroknowledge.fm
To the listeners of Zero Knowledge Podcast, if you like what we do:
- Follow us on Twitter - @zeroknowledgefm
- Join us on Telegram - https://t.me/joinchat/TORo7aknkYNLHmCM
- Support our Gitcoin Grant - https://gitcoin.co/grants/329/zero-knowledge-podcast-2
- Support us on Patreon - https://www.patreon.com/zeroknowledge
Numerical Methods with Computer ProgrammingUtsav Patel
This report includes computer programming of some of the basic numerical methods. The programming language used is C++. Outputs of the programs are attached in the form of a screenshot. It can be helpful in the assignments on programming.
Асинхронность и многопоточность в Яндекс.Такси — Дмитрий КуриловYandex
Интерактивный сервис должен управлять разнонаправленными потоками данных в реальном времени. При этом важно использовать ресурсы процессора максимально эффективно и минимизировать время доставки сообщения. Рассмотрим эти проблемы и способы их решения на примере разработки Яндекс.Такси.
New and delete are a thing of the past, with the new features in C++14 and beyond (such as smart pointers and move semantics) memory management is easier and safer. Learn how to use the new constructs of C++14 and beyond to create, move, and free objects in a safer and more efficient manner.
ZK Study Club: Sumcheck Arguments and Their ApplicationsAlex Pruden
Talk given at the ZK Study Club by Jonathan Bootle and Katerina Sotiraki about the universality of sumcheck arguments and their importance in zero-knowledge cryptography.
The python interpreter converts programs to bytecodes before beginning execution. Execution itself consist of looping over these bytecodes and performing specific operations over each one. This talk gives a very brief overview of the main classes of bytecodes.
This presentation was given as a lightning talk at the Boston Python Meetup group on July 24th, 2012.
Use C++ to Manipulate mozSettings in GeckoChih-Hsuan Kuo
If you want to manipulate mozSettings with JavaScript, you can reference to Settings API on MDN (https://developer.mozilla.org/en-US/docs/Web/API/Settings_API).
But if you want to manipulate it with C++, we can only reference to the codebase of Gecko. Now, let me show you some example.
Functional Reactive Programming with Kotlin on Android - Giorgio Natili - Cod...Codemotion
Reactive programming is a paradigm oriented around data flows and propagation of changes. Kotlin is a programming language intended to be a better Java, and it's designed to be usable and readable across large teams with skill and discipline variances. Despite its object-oriented building blocks, Kotlin fits well in the functional reactive programming landscape. In this essay, I will deep-dive into the most relevant aspects of FRP in Kotlin focusing on the advantages that everyone can get when using this approach to build an Android app.
In this session Max Kleiner shows four groups of the ML: Regression, Dimension Reduction, Clustering and Classification. ML recognizes patterns and laws in the learning data. Most ML projects allegedly fail due to lack of data consolidation and due to lack of hypothesis. On the basis of the well-known IRIS dataset the 4 groups with 4 algorithms each are gone through and this lack is avoided.
Como analisar planos de execução e estatísticas no PostgreSQL.
- Rastreamento de consultas lentas
- Uso do EXPLAIN
- Métodos de acesso
- Junções
- Parâmetros relevantes para o otimizador
A couple of basic applications of dynamic rewrite rules in Stratego: constant propagation, variable renaming, function inlining, common-subexpression elimination
Асинхронность и многопоточность в Яндекс.Такси — Дмитрий КуриловYandex
Интерактивный сервис должен управлять разнонаправленными потоками данных в реальном времени. При этом важно использовать ресурсы процессора максимально эффективно и минимизировать время доставки сообщения. Рассмотрим эти проблемы и способы их решения на примере разработки Яндекс.Такси.
New and delete are a thing of the past, with the new features in C++14 and beyond (such as smart pointers and move semantics) memory management is easier and safer. Learn how to use the new constructs of C++14 and beyond to create, move, and free objects in a safer and more efficient manner.
ZK Study Club: Sumcheck Arguments and Their ApplicationsAlex Pruden
Talk given at the ZK Study Club by Jonathan Bootle and Katerina Sotiraki about the universality of sumcheck arguments and their importance in zero-knowledge cryptography.
The python interpreter converts programs to bytecodes before beginning execution. Execution itself consist of looping over these bytecodes and performing specific operations over each one. This talk gives a very brief overview of the main classes of bytecodes.
This presentation was given as a lightning talk at the Boston Python Meetup group on July 24th, 2012.
Use C++ to Manipulate mozSettings in GeckoChih-Hsuan Kuo
If you want to manipulate mozSettings with JavaScript, you can reference to Settings API on MDN (https://developer.mozilla.org/en-US/docs/Web/API/Settings_API).
But if you want to manipulate it with C++, we can only reference to the codebase of Gecko. Now, let me show you some example.
Functional Reactive Programming with Kotlin on Android - Giorgio Natili - Cod...Codemotion
Reactive programming is a paradigm oriented around data flows and propagation of changes. Kotlin is a programming language intended to be a better Java, and it's designed to be usable and readable across large teams with skill and discipline variances. Despite its object-oriented building blocks, Kotlin fits well in the functional reactive programming landscape. In this essay, I will deep-dive into the most relevant aspects of FRP in Kotlin focusing on the advantages that everyone can get when using this approach to build an Android app.
In this session Max Kleiner shows four groups of the ML: Regression, Dimension Reduction, Clustering and Classification. ML recognizes patterns and laws in the learning data. Most ML projects allegedly fail due to lack of data consolidation and due to lack of hypothesis. On the basis of the well-known IRIS dataset the 4 groups with 4 algorithms each are gone through and this lack is avoided.
Como analisar planos de execução e estatísticas no PostgreSQL.
- Rastreamento de consultas lentas
- Uso do EXPLAIN
- Métodos de acesso
- Junções
- Parâmetros relevantes para o otimizador
A couple of basic applications of dynamic rewrite rules in Stratego: constant propagation, variable renaming, function inlining, common-subexpression elimination
HW 5-RSA/ascii2str.m
function str = ascii2str(ascii)
% Convert to string
str = char(ascii);
HW 5-RSA/bigmod.m
function remainder = bigmod (number, power, modulo)
% modulo function for large numbers, -> number^power(mod modulo)
% by bennyboss / 2005-06-24 / Matlab 7
% I used algorithm from this webpage:
% http://www.disappearing-inc.com/ciphers/rsa.html
% binary decomposition
binary(1,1) = 1;
col = 2;
while ( binary(1, col-1) <= power-binary(1, col-1) )
binary(1, col) = 2*binary(1, col-1);
col = col + 1;
end
% flip matrix
binary = fliplr(binary);
% extract binary decomposition from number
result = power;
cols = length(binary);
extracted_binary = zeros(1, cols);
index = zeros(1, cols);
for ( col=1 : cols )
if( result-binary(1, col) > 0 )
result = result - binary(1, col);
extracted_binary(1, col) = binary(1, col);
index(1, col) = col;
elseif ( result-binary(1, col) == 0 )
extracted_binary(1, col) = binary(1, col);
index(1, col) = col;
break;
end
end
% flip matrix
binary = fliplr(binary);
% doubling the powers by squaring the numbers
cols2 = length(extracted_binary);
rem_sqr = zeros(1, cols);
rem_sqr(1, 1) = mod(number^1, modulo);
if ( cols2 > 1 )
for ( col=2 : cols)
rem_sqr(1, col) = mod(rem_sqr(1, col-1)^2, modulo);
end
end
% flip matrix
rem_sqr = fliplr(rem_sqr);
% compute reminder
index = find(index);
remainder = rem_sqr(1, index(1, 1));
cols = length(index);
for (col=2 : cols)
remainder = mod(remainder*rem_sqr(1, index(1, col)), modulo);
end
HW 5-RSA/EGCP447-Lecture No 10.pdf
RSA Encryption
RSA = Rivest, Shamir, and Adelman (MIT), 1978
Underlying hard problem
– Number theory – determining prime factors of a given
(large) number
e.g., factoring of small #: 5 -) 5, 6 -) 2 *3
– Arithmetic modulo n
How secure is RSA?
– So far remains secure (after all these years...)
– Will somebody propose a quick algorithm to factor
large numbers?
– Will quantum computing break it? -) TBD
RSA Encryption
In RSA:
– P = E (D(P)) = D(E(P)) (order of D/E does not matter)
– More precisely: P = E(kE, D(kD, P)) = D(kD, E(kE, P))
Encryption: C = Pe mod n KE = e
– n is the key length
– Note, P is turned into an integer using a padding
scheme
– Given C, it is very difficult to find P without knowing
KD
Decryption: P = Cd mod n KD = d
We will look at this algorithm in detail next time
RSA Algorithm
1. Key Generation
– A key generation algorithm
2. RSA Function Evaluation
– A function F, that takes as an input a point x and a
key k and produces either an encrypted result or
plaintext, depending on the input and the key
Key Generation
The key generation algorithm is the most
complex part of RSA
The aim of the key generation algorithm is to
generate both th ...
Functional programming, though far from new, has gained much traction recently. Functional programming characteristics have started to appear in the PHP world, too. Microframeworks including Silex and Slim, middleware architectures (Stack) and even standards (PSR-7) rely on concepts such as lambdas, referential transparency and immutability, all of which come from functional programming.
I’ll give you a crash course in Erlang, a pragmatic functional language to make you feel familiar with the functional paradigm. By comparing code samples between Erlang and PHP, you’ll find out how and why you should employ functional programming in your PHP applications. You’ll see that functional programming is nothing to be scared of. On the contrary, understanding its concepts broadens your programming horizon and provides you with valuable solutions to your problems.
Как работает LLVM бэкенд в C#. Егор Богатов ➠ CoreHard Autumn 2019corehard_by
LLVM содержит огромное количество оптимизаций и подходит в качестве бэкенда для многих языков программирования. Но все немного усложняется для Managed языков и JIT сценариев. В этом докладе Егор расскажет о трудностях, с которыми столкнулись в C# при реализации LLVM бэкенда.
An approach for load-time hacking using LD_PRELOAD is presented.
We discuss a simple, yet intriguing, strategy for overcoming the limitations discussed in Part 1 (i.e., the first publication given in the reference) of reverse engineering and exploitation using LD_PRELOAD, a dynamic linking technique. In particular, we relax the need for exit(1) in the main function. The essence of the technique is that both the stack pointer (esp) and the base frame pointer (ebp) are carefully adjusted when the wrapper to the library function is called. The proposed solution allows us to safely return to libc after dynamically modifying the control flow in the wrapper to (library) functions.
How To Crack RSA Netrek Binary Verification System
1. Subject: How to crack Netrek RSA binary verification system
Date: September 19, 2004
From: J Corrales
-----------------------------------------------------
The RSA Algorithm
Select two primes p and q
Calculate n = p q
Calculate f(n) = (p-1)(q-1)
Select e such that 1 < e < f(n) and gcd(f(n),e) = 1
Calculate d = e^-1 mod f(n)
Public key KU = {e,n}
Private key KR = {d,n}
Example
Select two primes p=7 and q=17
Calculate n = p q = 119
Calculate f(n) = (p-1)(q-1) = 96
Select e such that 1 < e < f(n) and gcd(f(n),e) = 1, e.g., e = 5
Calculate d = e^-1 mod f(n), e.g., d = 77
Public key KU = {e,n} = {5,119}
Private key KR = {d,n} = {77,119}
Cracking RSA
Factor n, which is public, yielding p and q
Calculate f(n) = (p-1)(q-1)
Calculate d = e^-1 mod f(n) (e is public)
Private key KR = {d,n}
Note: you can check your calculation of d because d e = 1 mod f(n)
Cracking RSA (Example)
Factor 119, which is public, yielding 7 and 17
Calculate f(119) = (7-1)(17-1) = 96
Calculate 5^-1 = 77 mod 96
Private key KR = {77,119}
Plaintext M = 19
Ciphertext C = Me mod n = 195 mod 119 = 66
Plaintext M = Cd mod n = 6677 mod 119 = 19
-------------------------------------------
Netrek RSA Specifics:
Go to http://65.193.17.240:3530/ and select a key. Try:
key.brmh2.sun4:ct=BRM-Hadley:cr=hadley@uci.edu:
:cd=September 1994:ar=Sun4 / SunOS 4.1.2:cl=inl,standard2:
:cm=At cad.ics.uci.edu-/pub/netrek:
:gk=636a5977da5ce59948885d1003e983deabf405ed0cb952a5b42930523909f901:
:pk=0dfc24f1d19398586dafa37e985163290eb01f139c03f90affc5d458a7f6b800:
Convert gk and pk to integers. Note gk and pk are little endian, so
they must be reversed and converted. I used java:
//be2i.java : converts gk and pk to plain integers
//
import java.math.BigInteger;
public class be2i {
static BigInteger GLOBAL_KEY = new
BigInteger(swapEndian("636a5977da5ce59948885d1003e983deabf405ed0cb952a5b42930523909f901"),
16);
static BigInteger PUBLIC_KEY = new
BigInteger(swapEndian("0dfc24f1d19398586dafa37e985163290eb01f139c03f90affc5d458a7f6b800"),
16);
static String swapEndian(String s)
{
char c[] = s.toCharArray();
StringBuffer buffer = new StringBuffer(c.length);
for(int i = c.length; (i -= 2) >= 0;)
{
buffer.append(c[i]);
buffer.append(c[i + 1]);
}
return buffer.toString();
}
public static void main(String args[]) {
System.out.println(GLOBAL_KEY.toString(10));
System.out.println(PUBLIC_KEY.toString(10));
}
}
E:be2i>javac -d . be2i.java
E:be2i>java be2i
892321428802586219001502719778378451271677716961403333724586529659410803299
326802201186638185587649392739171025726846542356328056267675213531974007821
Note:
gk=892321428802586219001502719778378451271677716961403333724586529659410803299
pk=326802201186638185587649392739171025726846542356328056267675213531974007821
Factor gk. Download PARI/GP http://pari.math.u-bordeaux.fr/ Install
it, then run it:
Reading GPRC: /cygdrive/c/Program Files/PARI/.gprc ...Done.
GP/PARI CALCULATOR Version 2.2.8 (development CHANGES-1.887)
i686 running cygwin (ix86 kernel) 32-bit version
compiled: Jan 13 2004, gcc-3.3.1 (cygming special)
(readline v4.3 enabled, extended help available)
Copyright (C) 2003 The PARI Group
PARI/GP is free software, covered by the GNU General Public License,
and
comes WITHOUT ANY WARRANTY WHATSOEVER.
2. Type ? for help, q to quit.
Type ?12 for how to get moral (and possibly technical) support.
realprecision = 28 significant digits
seriesprecision = 16 significant terms
format = g0.28
parisize = 4000000, primelimit = 500000
(19:29) gp > factorint(892321428802586219001502719778378451271677716961403333724586529659410803299)
*** Warning: MPQS: the factorization of this number will take
several hours.
%1 =
[6158427920916659824908651606478252183 1]
[144894352951973396937037531927458847253 1]
(21:29) gp >
Calculate d = e^-1 mod f(n) (e is public)
Download res-rsa-2.9.2
ftp://ftp.netrek.org/pub/netrek/rsa/res-rsa-2.9.2.tar.gz
Modify mkkey.c as follows:
/* mpz_set_ui(x, 0); */
/* mpz_set_ui(y, 0); */
/* mpz_set_ui(global, 0); */
mpz_set_str(x,"6158427920916659824908651606478252183", 0);
mpz_set_str(y, "144894352951973396937037531927458847253", 0);
mpz_set_str
(global, "892321428802586219001502719778378451271677716961403333724586529659410803299",
0);
mpz_set_str
(private, "326802201186638185587649392739171025726846542356328056267675213531974007821",
0);
/* mpz_set_ui(public, 0); */
mpz_set_ui(public, 0);
mpz_set_ui(xyminus1, 0);
/* here we find x and y, two large primes */
rand_raw(temp, HALF);
temp[0] |= 1; /* force odd */
/* raw_to_num(x, temp); */
while (!is_prime(x))
mpz_add(x, x, two);
check_positive(x);
assert(is_prime(x));
rand_raw(temp, HALF);
temp[0] |= 1; /* force odd */
/* raw_to_num(y, temp); */
while (!is_prime(y))
mpz_add(y, y, two);
check_positive(y);
assert(is_prime(y));
/* the private key is a large prime (it should be the larger than
* x & y) */
rand_raw(temp, HALF + 1);
temp[0] |= 1; /* force odd */
//raw_to_num(private, temp);
// while (!is_prime(private))
// mpz_add(private, private, two);
check_positive(private);
//assert(is_prime(private));
Note rest of mkkeys.c is unchanged.
cherry:/home/bd/netrek/mkkey/res-rsa-2.9.2$ diff mkkey.c mkkey-mine.c
1103,1106c1119,1129
< mpz_set_ui(x, 0);
< mpz_set_ui(y, 0);
< mpz_set_ui(global, 0);
< mpz_set_ui(private, 0);
---
> /* mpz_set_ui(x, 0); */
> /* mpz_set_ui(y, 0); */
> /* mpz_set_ui(global, 0); */
>
> mpz_set_str(x,"6158427920916659824908651606478252183", 0);
> mpz_set_str(y, "144894352951973396937037531927458847253", 0);
> mpz_set_str
> (global, "892321428802586219001502719778378451271677716961403333724586529659410803299", 0);
> mpz_set_str
> (private, "326802201186638185587649392739171025726846542356328056267675213531974007821", 0);
> /* mpz_set_ui(public, 0); */
1114c1137
< raw_to_num(x, temp);
---
> /* raw_to_num(x, temp); */
1124c1147
< raw_to_num(y, temp);
---
> /* raw_to_num(y, temp); */
1137c1160
< raw_to_num(private, temp);
---
> //raw_to_num(private, temp);
1139,1140c1162,1163
< while (!is_prime(private))
< mpz_add(private, private, two);
---
> // while (!is_prime(private))
> // mpz_add(private, private, two);
3. 1143c1166
< assert(is_prime(private));
---
> //assert(is_prime(private));
cherry:/home/bd/netrek/mkkey/res-rsa-2.9.2$ make
gcc -O2 -c mkkey.c
gcc -O2 -o mkkey mkkey.o -lgmp
cherry:/home/bd/netrek/mkkey/res-rsa-2.9.2$ ./mkkey foo foo foo foo
foo
mkkey version [RES-RSA 2.9.2: Mar. 13, 2000][GMP]
Source basename: "rsa_box"
Number of shells: 3
Number of steps between swaps: 2
Number of files: 5
Ratio of computation in files to main file: 0.8
Making new key, hold on....
Testing key .................................................. key
seems OK
Writing...
240 bits left, 5 files left, 37 bits in rsa_box_0.c
202 bits left, 4 files left, 7 bits in main file
194 bits left, 4 files left, 42 bits in rsa_box_1.c
151 bits left, 3 files left, 11 bits in main file
139 bits left, 3 files left, 29 bits in rsa_box_2.c
109 bits left, 2 files left, 10 bits in main file
98 bits left, 2 files left, 32 bits in rsa_box_3.c
65 bits left, 1 files left, 13 bits in main file
51 bits left, 1 files left, 39 bits in rsa_box_4.c
cherry:/home/bd/netrek/mkkey/res-rsa-2.9.2$ cat foo.secret
foo:ct=foo:cr=foo:
:cd=September 2004:ar=foo:
:cm=foo:
:gk=636a5977da5ce59948885d1003e983deabf405ed0cb952a5b42930523909f901:
:pk=057505d6c5b0b5ccd0f7819a7670da469e000000000000000000000000000000:
:sk=0dfc24f1d19398586dafa37e985163290eb01f139c03f90affc5d458a7f6b800:
Note pk and sk are reversed. Edit foo.secret to correct the order to:
foo:ct=foo:cr=foo:
:cd=September 2004:ar=foo:
:cm=foo:
:gk=636a5977da5ce59948885d1003e983deabf405ed0cb952a5b42930523909f901:
:pk=0dfc24f1d19398586dafa37e985163290eb01f139c03f90affc5d458a7f6b800:
:sk=057505d6c5b0b5ccd0f7819a7670da469e000000000000000000000000000000:
Rerun mkkey with the edited secret key file:
cherry:/home/bd/netrek/mkkey/res-rsa-2.9.2$ ./mkkey -k foo.secret
mkkey version [RES-RSA 2.9.2: Mar. 13, 2000][GMP]
Source basename: "rsa_box"
Number of shells: 3
Number of steps between swaps: 2
Number of files: 5
Ratio of computation in files to main file: 0.8
Reading key from keycap file "foo.secret"...
Testing key .................................................. key
seems OK
Writing...
128 bits left, 5 files left, 19 bits in rsa_box_0.c
108 bits left, 4 files left, 6 bits in main file
101 bits left, 4 files left, 20 bits in rsa_box_1.c
80 bits left, 3 files left, 5 bits in main file
74 bits left, 3 files left, 15 bits in rsa_box_2.c
58 bits left, 2 files left, 6 bits in main file
51 bits left, 2 files left, 21 bits in rsa_box_3.c
29 bits left, 1 files left, 5 bits in main file
23 bits left, 1 files left, 14 bits in rsa_box_4.c
cherry:/home/bd/netrek/mkkey/res-rsa-2.9.2$ ls -aFl rsa_box_?.c
-rw-r--r-- 1 bd bd 3856 Sep 19 20:02 rsa_box_0.c
-rw-r--r-- 1 bd bd 4093 Sep 19 20:02 rsa_box_1.c
-rw-r--r-- 1 bd bd 3222 Sep 19 20:02 rsa_box_2.c
-rw-r--r-- 1 bd bd 4368 Sep 19 20:02 rsa_box_3.c
-rw-r--r-- 1 bd bd 3130 Sep 19 20:02 rsa_box_4.c
cherry:/home/bd/netrek/mkkey/res-rsa-2.9.2$
Copy rsa_box_?.c files into your own custom client source directory,
compile, and login to any public netrek server, including INL server
of your choice.
![Subject: How to crack Netrek RSA binary verification system
Date: September 19, 2004
From: J Corrales
-----------------------------------------------------
The RSA Algorithm
Select two primes p and q
Calculate n = p q
Calculate f(n) = (p-1)(q-1)
Select e such that 1 < e < f(n) and gcd(f(n),e) = 1
Calculate d = e^-1 mod f(n)
Public key KU = {e,n}
Private key KR = {d,n}
Example
Select two primes p=7 and q=17
Calculate n = p q = 119
Calculate f(n) = (p-1)(q-1) = 96
Select e such that 1 < e < f(n) and gcd(f(n),e) = 1, e.g., e = 5
Calculate d = e^-1 mod f(n), e.g., d = 77
Public key KU = {e,n} = {5,119}
Private key KR = {d,n} = {77,119}
Cracking RSA
Factor n, which is public, yielding p and q
Calculate f(n) = (p-1)(q-1)
Calculate d = e^-1 mod f(n) (e is public)
Private key KR = {d,n}
Note: you can check your calculation of d because d e = 1 mod f(n)
Cracking RSA (Example)
Factor 119, which is public, yielding 7 and 17
Calculate f(119) = (7-1)(17-1) = 96
Calculate 5^-1 = 77 mod 96
Private key KR = {77,119}
Plaintext M = 19
Ciphertext C = Me mod n = 195 mod 119 = 66
Plaintext M = Cd mod n = 6677 mod 119 = 19
-------------------------------------------
Netrek RSA Specifics:
Go to http://65.193.17.240:3530/ and select a key. Try:
key.brmh2.sun4:ct=BRM-Hadley:cr=hadley@uci.edu:
:cd=September 1994:ar=Sun4 / SunOS 4.1.2:cl=inl,standard2:
:cm=At cad.ics.uci.edu-/pub/netrek:
:gk=636a5977da5ce59948885d1003e983deabf405ed0cb952a5b42930523909f901:
:pk=0dfc24f1d19398586dafa37e985163290eb01f139c03f90affc5d458a7f6b800:
Convert gk and pk to integers. Note gk and pk are little endian, so
they must be reversed and converted. I used java:
//be2i.java : converts gk and pk to plain integers
//
import java.math.BigInteger;
public class be2i {
static BigInteger GLOBAL_KEY = new
BigInteger(swapEndian("636a5977da5ce59948885d1003e983deabf405ed0cb952a5b42930523909f901"),
16);
static BigInteger PUBLIC_KEY = new
BigInteger(swapEndian("0dfc24f1d19398586dafa37e985163290eb01f139c03f90affc5d458a7f6b800"),
16);
static String swapEndian(String s)
{
char c[] = s.toCharArray();
StringBuffer buffer = new StringBuffer(c.length);
for(int i = c.length; (i -= 2) >= 0;)
{
buffer.append(c[i]);
buffer.append(c[i + 1]);
}
return buffer.toString();
}
public static void main(String args[]) {
System.out.println(GLOBAL_KEY.toString(10));
System.out.println(PUBLIC_KEY.toString(10));
}
}
E:be2i>javac -d . be2i.java
E:be2i>java be2i
892321428802586219001502719778378451271677716961403333724586529659410803299
326802201186638185587649392739171025726846542356328056267675213531974007821
Note:
gk=892321428802586219001502719778378451271677716961403333724586529659410803299
pk=326802201186638185587649392739171025726846542356328056267675213531974007821
Factor gk. Download PARI/GP http://pari.math.u-bordeaux.fr/ Install
it, then run it:
Reading GPRC: /cygdrive/c/Program Files/PARI/.gprc ...Done.
GP/PARI CALCULATOR Version 2.2.8 (development CHANGES-1.887)
i686 running cygwin (ix86 kernel) 32-bit version
compiled: Jan 13 2004, gcc-3.3.1 (cygming special)
(readline v4.3 enabled, extended help available)
Copyright (C) 2003 The PARI Group
PARI/GP is free software, covered by the GNU General Public License,
and
comes WITHOUT ANY WARRANTY WHATSOEVER.](https://image.slidesharecdn.com/45dba361-9560-4b85-b2db-4b0ddcf92ab7-161211154030/85/How-To-Crack-RSA-Netrek-Binary-Verification-System-1-320.jpg)
![Type ? for help, q to quit.
Type ?12 for how to get moral (and possibly technical) support.
realprecision = 28 significant digits
seriesprecision = 16 significant terms
format = g0.28
parisize = 4000000, primelimit = 500000
(19:29) gp > factorint(892321428802586219001502719778378451271677716961403333724586529659410803299)
*** Warning: MPQS: the factorization of this number will take
several hours.
%1 =
[6158427920916659824908651606478252183 1]
[144894352951973396937037531927458847253 1]
(21:29) gp >
Calculate d = e^-1 mod f(n) (e is public)
Download res-rsa-2.9.2
ftp://ftp.netrek.org/pub/netrek/rsa/res-rsa-2.9.2.tar.gz
Modify mkkey.c as follows:
/* mpz_set_ui(x, 0); */
/* mpz_set_ui(y, 0); */
/* mpz_set_ui(global, 0); */
mpz_set_str(x,"6158427920916659824908651606478252183", 0);
mpz_set_str(y, "144894352951973396937037531927458847253", 0);
mpz_set_str
(global, "892321428802586219001502719778378451271677716961403333724586529659410803299",
0);
mpz_set_str
(private, "326802201186638185587649392739171025726846542356328056267675213531974007821",
0);
/* mpz_set_ui(public, 0); */
mpz_set_ui(public, 0);
mpz_set_ui(xyminus1, 0);
/* here we find x and y, two large primes */
rand_raw(temp, HALF);
temp[0] |= 1; /* force odd */
/* raw_to_num(x, temp); */
while (!is_prime(x))
mpz_add(x, x, two);
check_positive(x);
assert(is_prime(x));
rand_raw(temp, HALF);
temp[0] |= 1; /* force odd */
/* raw_to_num(y, temp); */
while (!is_prime(y))
mpz_add(y, y, two);
check_positive(y);
assert(is_prime(y));
/* the private key is a large prime (it should be the larger than
* x & y) */
rand_raw(temp, HALF + 1);
temp[0] |= 1; /* force odd */
//raw_to_num(private, temp);
// while (!is_prime(private))
// mpz_add(private, private, two);
check_positive(private);
//assert(is_prime(private));
Note rest of mkkeys.c is unchanged.
cherry:/home/bd/netrek/mkkey/res-rsa-2.9.2$ diff mkkey.c mkkey-mine.c
1103,1106c1119,1129
< mpz_set_ui(x, 0);
< mpz_set_ui(y, 0);
< mpz_set_ui(global, 0);
< mpz_set_ui(private, 0);
---
> /* mpz_set_ui(x, 0); */
> /* mpz_set_ui(y, 0); */
> /* mpz_set_ui(global, 0); */
>
> mpz_set_str(x,"6158427920916659824908651606478252183", 0);
> mpz_set_str(y, "144894352951973396937037531927458847253", 0);
> mpz_set_str
> (global, "892321428802586219001502719778378451271677716961403333724586529659410803299", 0);
> mpz_set_str
> (private, "326802201186638185587649392739171025726846542356328056267675213531974007821", 0);
> /* mpz_set_ui(public, 0); */
1114c1137
< raw_to_num(x, temp);
---
> /* raw_to_num(x, temp); */
1124c1147
< raw_to_num(y, temp);
---
> /* raw_to_num(y, temp); */
1137c1160
< raw_to_num(private, temp);
---
> //raw_to_num(private, temp);
1139,1140c1162,1163
< while (!is_prime(private))
< mpz_add(private, private, two);
---
> // while (!is_prime(private))
> // mpz_add(private, private, two);](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)