Skip to content

Instantly share code, notes, and snippets.

@idarthjedi

idarthjedi/common_modulus.py

Forked from apogiatzis/common_modulus.py
Last active December 16, 2022 04:33
Show Gist options
  • Save idarthjedi/1ab9c9ccd4803dbc40c801fbc5f2488f to your computer and use it in GitHub Desktop.
Save idarthjedi/1ab9c9ccd4803dbc40c801fbc5f2488f to your computer and use it in GitHub Desktop.
Download ZIP
RSA Common modulus attack
Raw
common_modulus.py
import argparse
import math
from binascii import unhexlify
def egcd(a, b):
if a == 0:
return b, 0, 1
else:
g, y, x = egcd(b % a, a)
return g, x - (b // a) * y, y
def modinv(a, m):
return pow(a, -1, m)
def attack(c1, c2, e1, e2, N):
if math.gcd(e1, e2) != 1:
raise ValueError("Exponents e1 and e2 must be coprime")
s1 = modinv(e1, e2)
s2 = (math.gcd(e1, e2) - e1 * s1) // e2
temp = modinv(c2, N)
m1 = pow(c1, s1, N)
m2 = pow(temp, -s2, N)
return (m1 * m2) % N
def main():
args = parser.parse_args()
print('[+] Started attack...')
try:
message = attack(args.ct1, args.ct2, args.e1, args.e2, args.modulus)
print('[+] Attack finished!')
print('\nPlaintext message:\n%s' % unhexlify(hex(message)[2:]))
# format(message, 'x').decode('hex'))
except Exception as e:
print('[+] Attack failed!')
print(e.message)
if __name__ == "__main__":
parser = argparse.ArgumentParser(description='RSA Common modulus attack')
required_named = parser.add_argument_group('required named arguments')
required_named.add_argument('-n', '--modulus', help='Common modulus', type=int, required=True)
required_named.add_argument('-e1', '--e1', help='First exponent', type=int, required=True)
required_named.add_argument('-e2', '--e2', help='Second exponent', type=int, required=True)
required_named.add_argument('-ct1', '--ct1', help='First ciphertext', type=int, required=True)
required_named.add_argument('-ct2', '--ct2', help='Second ciphertext', type=int, required=True)
main()
@idarthjedi
Copy link
Author

I ran into some problems on line 35, format(message, 'x') returns a string and str object has no attribute decode in python3, my solution is:

from binascii import unhexlify
unhexlify(hex(message)[2:])

BTW, my python version is 3.9.7 and my test message is 8114814712001183532010470067837

Not sure how I missed this a year ago, but I updated - but haven't tested yet (I always ran from an import). Commented out previous. Thanks!

@idarthjedi
Copy link
Author

idarthjedi commented Dec 15, 2022
edited
Loading

how do you run with values?

Either import the file and use the functions in your code, or run from the command line and pass in the parameters. 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment