PDA

View Full Version : function analysis

dion
December 13th, 2005, 02:30
hi, i was trying to figure out the invert function of "foo":

Code:


#include "stdafx.h"

#include <big.h>



miracl *mip = mirsys(100,16);

big str2,key1;



void foo(big a, big b, big c)

{

	zero(a);

	//countbits(big c)

	char sctemp[200];

	unsigned int bitcount;

	mip->IOBASE=2;

	bitcount = cotstr(c,sctemp);

	

	unsigned int i;

	mip->IOBASE=16;

	for (i=0;i<bitcount;i++)

	{

		add(a,a,a);

		if (sctemp[I] == '1') add(a,b,a);

	}

	big localtemp = mirvar(0);

	divide(a,str2,localtemp);

}



int main(int argc, char* argv[])

{

	key1 = mirvar(0);

	str2 = mirvar(0);

	big key1fix = mirvar(0);

	mip->IOBASE=16;

	cinstr(str2,"E9D3D13D9906C1622D5ECCB0AC41A8B56A64CF5F";

	cinstr(key1,"5DAB51C2E2A4F1EE514664FFA4C770D06C5F74CA";

	cinstr(key1fix,"5DAB51C2E2A4F1EE514664FFA4C770D06C5F74CA";



	big temp = mirvar(0);

	foo(temp,key1,key1);

	otnum(temp,stdout);



	copy(temp,key1);

	foo(temp,key1,key1);

	otnum(temp,stdout);

....


foo parameters :
return value in a.
b and c are input number, can be different/same value.

is this function was well known? all i know is just the modulus op. but the if(sctemp[I].... line make this little complicated. or any known attacks except blind bruteforce?

thanks
KSA
December 13th, 2005, 11:43
Hi,

This is RSA where:
N = E9D3D13D9906C1622D5ECCB0AC41A8B56A64CF5F
P = FF40C7FEB84FB74B9F2F
Q = EA82FC45A45A69AF46D1
E = 5DAB51C2E2A4F1EE514664FFA4C770D06C5F74CA
D = 649148AE4091CA3CCA9BE7B1D2F97B6A6351DD21

That's all
dion
December 13th, 2005, 23:46
i was think like that too, but later i found, it is not rsa.
ok, frankly, i code the function to mimic a protection used by xxx. if you interested on analysing the target yourself, please said so, i'll pm you.
i need more time to tune a bruteforce, well, a lame blind bruteforcer
KSA
December 14th, 2005, 07:12
Quote:
for (i=0;i<bitcount;i++) { add(a,a,a); if (sctemp[I] == '1') add(a,b,a); }


this (sctemp[I] == '1') as I know FastExp algorithm. But, the add function should be mul function. BTW, you can PM me if you mind.

KSA
dion
December 15th, 2005, 01:54
no man...
it is rsa indeed :P
i check it again with powmod function.
btw, the foo function is work well, it is add, not mul. actually the original function uses subtract function after each addition, if the num bigger than n.
but it is really unreasonable by me how this kind op (bit/sliding method?) can finally results in exp mod. just can't think why/how

and thanks, KSA, remind me again.