rsa加密攻击源程序 C语言 This tool is supposed to help crack

文件名称: rsa加密攻击源程序

所属分类: 互联网

开发工具:

文件大小: 37kb

下载次数: 0

上传时间: 2011-08-14

提供者: piec*****

下载 (37kb)

不能下载？报告错误

详细说明： rsa加密攻击源程序 C语言 This tool is supposed to help crackers who are cracking targets protected by RSA and who aren't attackable by the classic method of factoring i.e who'se modulus is > 400 bits. .How to use *********** It's very easy to use it once you know the when the attacks apply.So here are the explanations: 1.Common Modulus Attack: not really an attack but more of a tool, its purpose is to find the factors of the modulus given the public AND secret key, i.e E and D So entering N,D,E you find P,Q so that N = P * Q. I included it in this 'toolkitt' as i got asked many times by other crackers if you can find the factors of N given D and E is possible. The answer is yes. The algo which i used can be found here: http://math.usask.ca/~wurtz/crypt/attacks_rsa/node1.html 2. Weger Attack: this attack applies when the factors of N are close one another i.e the diference |P - Q| is small in comparison to P and Q. So if let's say P and Q have the same bitsize s than for the RSA key to be susceptible to this attack then |P-Q| bitsize must be smaller then (s/2) E.g. P bitsize=256 bits Q bitsize=256 bits |P-Q| bitsize is 100bits then they key generated with this primes is attackble. When testing a RSA key for this attack if you don't get any result after at most 5mins then the attack don't work. BTW: you can try this attack on Amenesia Basis#1 Crackme that presents an RSA key with exactly this weakness. 3. Wiener Attack: this attack applies when the private key is D < (1/3)*N^(1/4) and if P < Q < 2P (which is true most of the times.). So if you have an s bit modulus and if the bitsize of the private key is < (s/4) bits than you can succesfully recover. The attack can be improved, but i'm lazy so i only did the easier version :). 4. Low Exponent Attack: If E=3 and the message is short enough and not padded then there's a possibility that M^E < N so the modular reductions don't take place so computing M having the ciphertext is just a matter of computing the E'th root from the cipher text. As input you must provide N and the ciphertext BTW: you can try this attack on Amenesia Basis#2 Crackme that presents an RSA key with exactly this weakness. .Bugs ****** Send them to bLaCk@reteam.org or correct them yourself, i gave you the source right? :) .Future plans ************* - add threads for Weger attack - add Cycling attack - i need to find more info about how to efficiently implemented (i know it's not an efficient attack from the start but people asked for it) - add ? (here you put what you think is missing) .History ********* - v.0.1f - added the low public exponent 'attack' :) - added automatic base convertion, so it's easier to work with - added automatic md5 hasher (a request) - added Encrypt/Decrypt functions to play with the RSA keys - v.0.1b - first version released .Greets ******* RET, TKM!, KANAL23, LZ0 Members as they all put up with my stupid questions :P ...展开收缩

(系统自动生成,下载前可以参看下载内容)