AF-2DFB-RSA · Kriptanaliz / RSA

Weak RSA Key

DOWNLOADABLE RSA-encrypted message (n, e, c). The key generation is flawed: p and q are chosen very close. Factor n with Fermat factorization, compute d, decrypt the message. The backup decoy flag in the file is not the RSA solution.

Scenario

An intercepted RSA-encrypted message. The public key (n, e) and ciphertext (c) are given. In key generation the primes p and q are chosen very close; this is a classic RSA weakness. Fermat factorization, searching for an a near the square root of n, finds p and q in seconds. Then phi=(p-1)(q-1), d=e^-1 mod phi, m=c^d mod n yields the plaintext. Skill: real cryptanalysis (close-prime detection + factorization). The file has a 'backup' decoy flag but it is not the RSA solution; reporting it breaks soundness.

Anti-forensics techniques

Weak RSA: close primes
Breaking via Fermat factorization
Decoy backup flag (red herring)

Provided artifacts

RSA parameters and ciphertext (n, e, c)

Sample questions

q1: The decrypted plaintext (flag)?
q2: Which weakness/method was used? (e.g. fermat / close primes)
trap1: Do NOT report the backup decoy flag (DFB{rsa_tuzak}) as the solution.

Soundness trap

The 'backup' flag in the file is easily visible but is not the RSA solution; presenting it is heavily penalized. The real flag is obtained only by factoring n and decrypting c.

Scoring

Cryptanalysis accuracy (factoring+decrypt) + decoy-flag resistance (soundness).

DOWNLOADABLE

Download and solve

Download artifact

The answer key is hidden (scored set); the flag is encrypted, you must decrypt it.