Cryptography

Cryptography and Cryptanalysis are the art of creating and breaking codes.

This section will only explain the most common attacks, as there are too many of them (and would require too much time to write). However, tools and resources will be provided to help you learn more about cryptography and understand the well-known attacks.

Platforms with cryptanalysis challenges:

Name	Description	Website
Cryptohack	Cryptanalysis challenges presented in a game-like and competitive (no public solutions) way.	https://cryptohack.org
CryptoPals	Sets of hard challenges with public solutions available.	https://cryptopals.com

Common tools

SageMath - Website
Powerful mathematics software, very useful for crypto and number theory.
Crypton - GitHub
Archive repository of the most common attacks on cryptosystems.
Crypto Attacks repository - GitHub
A large collection of cryptography attacks.

Common attacks

Predictable Pseudo-Random Number Generators
For performance reasons, most of random number generators are predictable. Generating a cryptographic key requires a secure PRNG.
For example, python’s random module uses the Mersenne Twister algorithm, which is not cryptographically secure. randcrack is a tool that can predict the next random number generated by the Mersenne Twister algorithm when you know the 624 previously generated integers (4 bytes each).
Duplicate Signature Key Selection (DSKS) - StackExchange
Given a message m and a signature s, it is possible to find a second signature s' generated from a different private/public key pair.
This is valid for most of digital signature schemes, including RSA, DSA, ECDSA.
Square root when $p ≡ 3$ mod $4$
Computing the square root of a number modulo a prime number is easy when the prime is congruent to 3 modulo 4.
Here is how to do it with SageMath:
```
p = 101
F = GF(p)
sr = F(71).sqrt()
assert sr**2 % p == 71
```

Fundamentals Public Key Symetric Diffie-Hellman Elliptic Curves Hashes Misc Codes

sagemath_quickref.pdf