昨天抓住放假的尾巴做了道题
2019 CISCN part_des
题目描述:
Round n part_encode-> 0x92d915250119e12b
Key map -> 0xe0be661032d5f0b676f82095e4d67623628fe6d376363183aed373a60167af537b46abc2af53d97485591f5bd94b944a3f49d94897ea1f699d1cdc291f2d9d4a5c705f2cad89e938dbacaca15e10d8aeaed90236f0be2e954a8cf0bea6112e84
是加密了n轮的密码
key变成二进制后长度是768,刚好是48的16倍,那么就是一个DES了
解密:
from Crypto.Util.number import long_to_bytes
IP = [
58,50,42,34,26,18,10,2,60,52,44,36,28,20,12,4,
62,54,46,38,30,22,14,6,64,56,48,40,32,24,16,8,
57,49,41,33,25,17,9,1,59,51,43,35,27,19,11,3,
61,53,45,37,29,21,13,5,63,55,47,39,31,23,15,7
]
IP_re = [
40,8,48,16,56,24,64,32,39,7,47,15,55,23,63,31,
38,6,46,14,54,22,62,30,37,5,45,13,53,21,61,29,
36,4,44,12,52,20,60,28,35,3,43,11,51,19,59,27,
34,2,42,10,50,18,58,26,33,1,41,9,49,17,57,25
]
Pbox = [
16,7,20,21,29,12,28,17,1,15,23,26,5,18,31,10,
2,8,24,14,32,27,3,9,19,13,30,6,22,11,4,25
]
E = [
32,1,2,3,4,5,4,5,6,7,8,9,
8,9,10,11,12,13,12,13,14,15,16,17,
16,17,18,19,20,21,20,21,22,23,24,25,
24,25,26,27,28,29,28,29,30,31,32,1
]
PC1 = [
57,49,41,33,25,17,9,1,58,50,42,34,26,18,
10,2,59,51,43,35,27,19,11,3,60,52,44,36,
63,55,47,39,31,23,15,7,62,54,46,38,30,22,
14,6,61,53,45,37,29,21,13,5,28,20,12,4
]
PC2 = [
14,17,11,24,1,5,3,28,15,6,21,10,
23,19,12,4,26,8,16,7,27,20,13,2,
41,52,31,37,47,55,30,40,51,45,33,48,
44,49,39,56,34,53,46,42,50,36,29,32
]
Sbox = [
[
[14,4,13,1,2,15,11,8,3,10,6,12,5,9,0,7],
[0,15,7,4,14,2,13,1,10,6,12,11,9,5,3,8],
[4,1,14,8,13,6,2,11,15,12,9,7,3,10,5,0],
[15,12,8,2,4,9,1,7,5,11,3,14,10,0,6,13],
],
[
[15,1,8,14,6,11,3,4,9,7,2,13,12,0,5,10],
[3,13,4,7,15,2,8,14,12,0,1,10,6,9,11,5],
[0,14,7,11,10,4,13,1,5,8,12,6,9,3,2,15],
[13,8,10,1,3,15,4,2,11,6,7,12,0,5,14,9],
],
[
[10,0,9,14,6,3,15,5,1,13,12,7,11,4,2,8],
[13,7,0,9,3,4,6,10,2,8,5,14,12,11,15,1],
[13,6,4,9,8,15,3,0,11,1,2,12,5,10,14,7],
[1,10,13,0,6,9,8,7,4,15,14,3,11,5,2,12],
],
[
[7,13,14,3,0,6,9,10,1,2,8,5,11,12,4,15],
[13,8,11,5,6,15,0,3,4,7,2,12,1,10,14,9],
[10,6,9,0,12,11,7,13,15,1,3,14,5,2,8,4],
[3,15,0,6,10,1,13,8,9,4,5,11,12,7,2,14],
],
[
[2,12,4,1,7,10,11,6,8,5,3,15,13,0,14,9],
[14,11,2,12,4,7,13,1,5,0,15,10,3,9,8,6],
[4,2,1,11,10,13,7,8,15,9,12,5,6,3,0,14],
[11,8,12,7,1,14,2,13,6,15,0,9,10,4,5,3],
],
[
[12,1,10,15,9,2,6,8,0,13,3,4,14,7,5,11],
[10,15,4,2,7,12,9,5,6,1,13,14,0,11,3,8],
[9,14,15,5,2,8,12,3,7,0,4,10,1,13,11,6],
[4,3,2,12,9,5,15,10,11,14,1,7,6,0,8,13],
],
[
[4,11,2,14,15,0,8,13,3,12,9,7,5,10,6,1],
[13,0,11,7,4,9,1,10,14,3,5,12,2,15,8,6],
[1,4,11,13,12,3,7,14,10,15,6,8,0,5,9,2],
[6,11,13,8,1,4,10,7,9,5,0,15,14,2,3,12],
],
[
[13,2,8,4,6,15,11,1,10,9,3,14,5,0,12,7],
[1,15,13,8,10,3,7,4,12,5,6,11,0,14,9,2],
[7,11,4,1,9,12,14,2,0,6,10,13,15,3,5,8],
[2,1,14,7,4,10,8,13,15,12,9,0,3,5,6,11],
]
]
part_decode='1001001011011001000101010010010100000001000110011110000100101011'
Key=['111000001011111001100110000100000011001011010101', '111100001011011001110110111110000010000010010101', '111001001101011001110110001000110110001010001111', '111001101101001101110110001101100011000110000011', '101011101101001101110011101001100000000101100111', '101011110101001101111011010001101010101111000010', '101011110101001111011001011101001000010101011001', '000111110101101111011001010010111001010001001010', '001111110100100111011001010010001001011111101010', '000111110110100110011101000111001101110000101001', '000111110010110110011101010010100101110001110000', '010111110010110010101101100010011110100100111000', '110110111010110010101100101000010101111000010000', '110110001010111010101110110110010000001000110110', '111100001011111000101110100101010100101010001100', '111100001011111010100110000100010010111010000100']
rounds=16
def DES(L,R,key):
R0=L
EPre=''
XORre=''
Sre=''
Pre=''
for i in range(len(E)):
EPre+=R0[E[i]-1]
EPre=bin(int(EPre,2))
key=bin(int(key,2))
XORre=str(bin(eval(EPre)^eval(key)))
XORre=XORre[2:].zfill(48)
#S盒置换:
for j in range(8):
column=''
row=''
s=XORre[6*j:6*(j+1)]
row=int(s[0]+s[-1],2)
column=int(s[1:-1],2)
re=str(bin(Sbox[j][row][column]))
Sre+=re[2:].zfill(4)
#P盒置换
for k in range(len(Pbox)):
Pre+=Sre[Pbox[k]-1]
Pre=bin(int(Pre,2))
R=bin(int(R,2))
L0=str(bin(eval(Pre)^eval(R)))
L0=L0[2:].zfill(32)
R0=L
return L0,R0
while rounds>=0:
L=part_decode[:32]
R=part_decode[32:]
oriplain=''
for i in range(rounds):
key=Key[rounds-i-1]
L,R=DES(L,R,key)
subplain=L+R
for i in range(len(IP_re)):
oriplain+=subplain[IP_re[i]-1]
print(rounds,long_to_bytes(int(oriplain,2)))
rounds-=1
跑出来是这个样子的:
16 b'\x84\x1e\x8a\x17^#Q\x83'
15 b'\x8a\x1eD\x9a0\x94\x18/'
14 b't-\xcfE\xcfx\x90\xa7'
13 b'y0ur9Ood'
12 b'\xb5p^\xdb\xe9=\xb9\x88'
11 b')\xc1`r\xfb\xd5\xfb\x9d'
10 b'\xc2o\xe3\xaah\x0e\xe1f'
9 b'\x93\xc0\xa4Zz\xa2\xbb\x13'
8 b'\xf2\x1b ;\xf0\xdc\xa4\xdf'
7 b'\xd7\xcd\x0e9\xd2\x185S'
6 b'Bh\xa4~$)\x1e\xa3'
5 b'5\xa3!P\n\xf4\xcb\xe2'
4 b'&L\x1b\x9c\x85tT\xae'
3 b'l\xc7!\x97\x08@\x1c\xe9'
2 b'l\xa71?I}3{'
1 b'/\xd4\x0f5\xe8B!\xb1'
0 b'\xbfB\x052t\x0b\x18X'
得到flag{y0ur9Ood}
其实只要知道DES的原理就很简单了