1

I have an encrypted file that I am trying to decode as part of an experiment. After working hard and long, I have been able to extract the private exponent from the public key since the modulus was small:

openssl rsa -pubin -inform PEM -text -noout < public_key.pem Public-Key: (64 bit) Modulus: 16513720463601767803 (0xe52c8544a915157b) Exponent: 65537

Now, I have:

 Factors: 3917781347 x 4215069449 
 Private exponent: 9440767265896423601

Now, to derive the plaintext, I need to raise each 64-bit block of ciphertext to the private exponent mod the modulus. I am trying to write a Python script that will do this for me in hex data form.

This is the code I have so far:

#!/usr/bin/python

 file = open('encrypted.hex', 'r')
 c = file.readline()
 d = 0x830457cf1ae460b1
 N = 0xe52c8544a915157b

 m = hex(pow(c, d, N)).rstrip("L")

 f = open('new.try', 'w')
 f.write(m)
 f.close()

I have used xxd to extract the hex data from the ciphertext file: xxd -p > encrypted.hex

This created a hex dump of the file called 'encrypted.hex'. The contents of this file begin like this:

7d4554292d7b9f980ed049cea0f968cf438b6fc312cf2028ce5ce2fe9f38
387b72a01bf6564f25884a2cacd187c2eeccd0cf78c2a74785f18d5e72b5
270ac3e45b6f7505347b38ec7684b1af206d73ea4a84cd59b50be56d7abf
74a569868406ab2b17846c9e448fe1392b21dac0b10fbb733536c99e598b
683be7400a1ad55c42faa171becd803b8b8f4a1fa512a33222ec042486c5
672f6200d4f00e2994b6d247a44edb6ce90795bde7ccda4433cf6fca8362
f87c68f9df6418c4f0b8fb9da39a1d173fea2b1466e646f01e2dc7fb0499
311d35ec75c15c5910b2d3e0c662de0b3b1716bab44faa2a36538bb44f6a
3c3abd37692cf95fa075b58485ad983533782d7bf51e10c0e3b18ccec972

...and so on. The tool 'xxd' created the hexdump and inserted line breaks I think.

So, 'c' is the ciphertext, 'd' is the private exponent, 'N' is the modulus and 'm' is supposed to contain the plaintext hex bytes.

However, the script gives me this error:

  Traceback (most recent call last):
  File "final.py", line 8, in <module>
   m = hex(pow(c, d, N)).rstrip("L")
  TypeError: unsupported operand type(s) for pow(): 'str', 'long', 'long'

Could anyone correct my Python script so that it is able to decipher the ciphertext as desired?

Artjom B.
  • 61,146
  • 24
  • 125
  • 222
learnerX
  • 1,022
  • 1
  • 18
  • 44

1 Answers1

3

Assuming that c is a hex string with a multiple of 16 characters, you can split it every 16 characters (64-bit) and then convert this hex chunk into an int to run your textbook RSA on it. Since your hex file has line breaks, you first need to remove those line breaks. You can read the whole file like with file.read() instead of file.readline().

Final code

n = 16
c = c.replace('\n', '').replace('\r', '')
m = [hex(pow(int(c[i:i+n], 16), d, N)).rstrip("L") for i in range(0, len(c), n)]

f = open('new.try', 'w')
f.write(''.join(m))
f.close()
Community
  • 1
  • 1
Artjom B.
  • 61,146
  • 24
  • 125
  • 222
  • Obligatory Doomsday notice: Textbook RSA is horribly broken and a proper padding scheme such as OAEP must be used. Keys smaller than 2048-bit are not recommended for anything serious. – Artjom B. Apr 05 '15 at 20:52
  • The file containing the ciphertext is too large, and contains line breaks (\n). So, readline only read one line I think, because I see only one line as the plaintext output. How can I read the whole ciphertext file, removing the newline (\n) characters? – learnerX Apr 05 '15 at 21:02
  • Done! This hexdump that you see above in the edit, has been taken using tool 'xxd -p'. It inserted line breaks in there I think. This hexdump is from .enc (encrypted) file that I need to decrypt in chunks of 64 bits. – learnerX Apr 05 '15 at 21:10