记几种类型的RSA攻击

RSA加密算法

RSA 基于一个简单的数论事实，两个大素数相乘十分容易，将其进行因式分解却是困难的

然而即便 RSA 算法目前来说是安全可靠的，但是错误的应用场景，错误的环境配置，以及错误的使用方法都会导致 RSA 的算法体系出现问题，从而也派生出针对各种特定场景下的 RSA 攻击方法

RSA
RSA 算法涉及三个参数，n，e，d，私钥为 d，公钥对为 n，e

其中 N=pq(p, q 均为大素数)

ed≡1modφ(n)

φ(n) 是 n 的欧拉函数

c 为密文，m 为明文，则加密过程如下：

c≡m^e mod n

解密过程如下：

m≡c^d mod n

n，e 是公开的情况下，想要知道 d 的值，必须要将 n 分解计算出 n 的欧拉函数值，而 n 是两个大素数 p，q 的积, 将其分解是困难的。 但是对于特定的情况可以使用特殊方法进行分解

rsa共模攻击

介绍

如果在 RSA 的使用中使用了相同的模 n 对相同的明文 m 进行了加密，那么就可以在不分解 n 的情况下还原出明文 m 的值。即：

c1≡m^e1 mod n 
c2≡m^e2 mod n

要求e1与e2互质
最终的结果为

m=c1^s1*c2^s2)mod n

求s1,s2

e1*s1+e2*s2=1

可以用扩展欧几里得算法求出s1,s2

证明

(a + b) % p = (a % p + b % p) % p  （1）
(a - b) % p = (a % p - b % p) % p  （2）
(a * b) % p = (a % p * b % p) % p  （3）
a ^ b % p = ((a % p)^b) % p        （4）

则：

(c1^s1*c2^s2)%n = ((m^e1%n)^s1*(m^e2%n)^s2)%n
(c1^s1*c2^s2)%n = ((m^e1)^s1*(m^e2)^s2)%n

则：

(c1^s1*c2^s2)%n = (m^(e1*s1+e2*s2))%n

我们只需要使得
e1s1+e2s2=1即可

求s1，s2的算法：

def exgcd(a,b):
    if b==0:
        return (1,0)
    else:
        x,y=exgcd(b,a%b)
        tempx=x
        x=y
        y=tempx-int((a/b))*y
    return x,y
a=exgcd(13,2)
print(a)

当然也可以用gmpy2的函数直接得到结果:

gmpy2.gcdext(x,y)

注意：
假如我们解出来s2是为负数。
而在数论模运算中，要求一个数的负数次幂，与常规方法并不一样。
比如此处要求c2的s2次幂，就要先计算c2的模反元素c2r，然后求c2r的-s2次幂。
例如
题目地址

import gmpy2
data=[[0xa5f7f8aaa82921f70aad9ece4eb77b62112f51ac2be75910b3137a28d22d7ef3be3d734dabb9d853221f1a17b1afb956a50236a7e858569cdfec3edf350e1f88ad13c1efdd1e98b151ce2a207e5d8b6ab31c2b66e6114b1d5384c5fa0aad92cc079965d4127339847477877d0a057335e2a761562d2d56f1bebb21374b729743 , 0x1614984a0df , 0x7ded5789929000e4d7799f910fdbe615824d04b055336de784e88ba2d119f0c708c3b21e9d551c15967eb00074b7f788d3068702b2209e4a3417c0ca09a0a2da4378aa0b16d20f2611c4658e090e7080c67dda287e7a91d8986f4f352625dceb135a84a4a7554e6b5bd95050876e0dca96dc21860df84e53962d7068cebd248d],
[0xa5f7f8aaa82921f70aad9ece4eb77b62112f51ac2be75910b3137a28d22d7ef3be3d734dabb9d853221f1a17b1afb956a50236a7e858569cdfec3edf350e1f88ad13c1efdd1e98b151ce2a207e5d8b6ab31c2b66e6114b1d5384c5fa0aad92cc079965d4127339847477877d0a057335e2a761562d2d56f1bebb21374b729743 , 0x15ef25e10f54a3 , 0x7c5b756b500801e3ad68bd4f2d4e1a3ff94d049774bc9c37a05d4c18d212c5b223545444e7015a7600ecff9a75488ed7e609c3e931d4b2683b5954a5dc3fc2de9ae3392de4d86d77ee4920fffb13ad59a1e08fd25262a700eb26b3f930cbdc80513df3b7af62ce22ab41d2546b3ac82e7344fedf8a25abfb2cbc717bea46c47e],
[0xa5f7f8aaa82921f70aad9ece4eb77b62112f51ac2be75910b3137a28d22d7ef3be3d734dabb9d853221f1a17b1afb956a50236a7e858569cdfec3edf350e1f88ad13c1efdd1e98b151ce2a207e5d8b6ab31c2b66e6114b1d5384c5fa0aad92cc079965d4127339847477877d0a057335e2a761562d2d56f1bebb21374b729743 , 0x1da0ca25f5a8d , 0x65af8559c93c05efecb6a3029dce7e831787878d5539f7b20fc7645ef4892cee23f53384377180a8789e2b2697b7f07fe1e02f3c6b4bb583a072cf27867f558bd51bdc4880b522e2e81c6572b5629241a601acda31356a4fc7767f6a54163f6d16a0bfb6f577c6662e6e1dee78dc6dc51b4d719a1de3d9c2cb5c41a6987cf2b2],
[0xa5f7f8aaa82921f70aad9ece4eb77b62112f51ac2be75910b3137a28d22d7ef3be3d734dabb9d853221f1a17b1afb956a50236a7e858569cdfec3edf350e1f88ad13c1efdd1e98b151ce2a207e5d8b6ab31c2b66e6114b1d5384c5fa0aad92cc079965d4127339847477877d0a057335e2a761562d2d56f1bebb21374b729743 , 0xc2eac4c2b , 0x711892a29a738e3ac3b996427e4188f23d1c63d9d9c962bfd65b675698e432f27f0ce4e42101576dacaf7b8c78851d406a2695142103d39fbbdd0c111a8587af65834546a5efa8ab6d622a7408d485fe910aaa3ce44168508ab03ad69b15855913c31406be650a492aad1ddde05ac6e655fd842be659ceed886ec6cae8476f1d],
[0xa5f7f8aaa82921f70aad9ece4eb77b62112f51ac2be75910b3137a28d22d7ef3be3d734dabb9d853221f1a17b1afb956a50236a7e858569cdfec3edf350e1f88ad13c1efdd1e98b151ce2a207e5d8b6ab31c2b66e6114b1d5384c5fa0aad92cc079965d4127339847477877d0a057335e2a761562d2d56f1bebb21374b729743 , 0x1a6c23 , 0x57ab8d4c79a58718c0db0dd62a8ba97883e03cd7d14cc3366108a37e8998fc55abd555ca54f81fc975c64e1374d253d95cd957bbb26780e09ca411e8c29742de3414e7cf3f572aea0c35c99b733533e3d39efd5c6c2ce28e67831fb7ecb59186ee791670ffaa08eb6f44614553ec89f7cd5fded09c7c14603e5234f63deb3cf9],
[0xa5f7f8aaa82921f70aad9ece4eb77b62112f51ac2be75910b3137a28d22d7ef3be3d734dabb9d853221f1a17b1afb956a50236a7e858569cdfec3edf350e1f88ad13c1efdd1e98b151ce2a207e5d8b6ab31c2b66e6114b1d5384c5fa0aad92cc079965d4127339847477877d0a057335e2a761562d2d56f1bebb21374b729743 , 0x2beccafd , 0x6630d2faf104547351da66f760fde920203a041b82f07c0db9034148f9dd17c1f14c2c8ec95ae64e8d0b546f58b998c0412046d48d6057758df3ca300d75106d1ad3210bfce28cd17eebb0fe453d954809aff7ff0fa3044adc6162cfd295cc1d28789e718489c70658758818e5150c09c8fd242d8d5b3699970b042e773b6f7a],
[0xa5f7f8aaa82921f70aad9ece4eb77b62112f51ac2be75910b3137a28d22d7ef3be3d734dabb9d853221f1a17b1afb956a50236a7e858569cdfec3edf350e1f88ad13c1efdd1e98b151ce2a207e5d8b6ab31c2b66e6114b1d5384c5fa0aad92cc079965d4127339847477877d0a057335e2a761562d2d56f1bebb21374b729743 , 0x280554063943 , 0x5bcc5f5435fd087c9615bf04864a82a8fed19576fd311cfde565ca340303cd72d3842ad7a8de9c7123cacbcb9b8be1af01590ef19ff0ebf71e5fec2314639c0d5626cd9ee74fbc8a21325778ba3ef3e1ea310e51b029b5ff9b162b881a240ef4f285dc3a40f62e8a1267e9d6fb3d425509dedefc05ab38f4db5b3f47ddc7619b],
[0xa5f7f8aaa82921f70aad9ece4eb77b62112f51ac2be75910b3137a28d22d7ef3be3d734dabb9d853221f1a17b1afb956a50236a7e858569cdfec3edf350e1f88ad13c1efdd1e98b151ce2a207e5d8b6ab31c2b66e6114b1d5384c5fa0aad92cc079965d4127339847477877d0a057335e2a761562d2d56f1bebb21374b729743 , 0x23b0d , 0x48bd06fba0691da8883286c21cd49e02eb65d0e3b6ee12b2113940cc64d9f6b921fcb6a8aa82aac592e6a9552d9e27d80e5061501892ec1227ab24dca4236474502156dce8f852eebcbe515c79d998037f55b00858bd16c4ea6fb7b4bea193f6893be766f234b1aa0a38eebaefc2a11264493ea11fb2c103a7552968d8f808bc],
[0xa5f7f8aaa82921f70aad9ece4eb77b62112f51ac2be75910b3137a28d22d7ef3be3d734dabb9d853221f1a17b1afb956a50236a7e858569cdfec3edf350e1f88ad13c1efdd1e98b151ce2a207e5d8b6ab31c2b66e6114b1d5384c5fa0aad92cc079965d4127339847477877d0a057335e2a761562d2d56f1bebb21374b729743 , 0x6b8a5ae7 , 0x6fdcbfb5cd2cacd032ef7200fd49b9f304a6dbd8399f4a91a72d1d9150f97b3b513f44dfc56f6f7c8ec41a8ef9b93a80230a1e65e29d2ef519bb83931d4b0c7a589059cfdf2d571660ab790a9c7e085e3018bf19748abd6d521952b68bc9594c1ad34726658bd9bd445d3b6381ceee57328838e8a129867e505be0ca0d1a1da5],
[0xa5f7f8aaa82921f70aad9ece4eb77b62112f51ac2be75910b3137a28d22d7ef3be3d734dabb9d853221f1a17b1afb956a50236a7e858569cdfec3edf350e1f88ad13c1efdd1e98b151ce2a207e5d8b6ab31c2b66e6114b1d5384c5fa0aad92cc079965d4127339847477877d0a057335e2a761562d2d56f1bebb21374b729743 , 0x360f1c91fed , 0xa149bb3969479d5b9eff15099ce863d36899d1146c731a91db91ef15869358df4dbe82eaca128d5cd977eeafcb306f949603e5261e9262820f890f8b5dd145718d7af46590eb6474883fe38f399a724d027e04b015d76fd98376d1c5a6d2f63cbc95f15d523692180ca505b327255a67294e5eb69157b3c1230818ac116e48ee],
[0xa5f7f8aaa82921f70aad9ece4eb77b62112f51ac2be75910b3137a28d22d7ef3be3d734dabb9d853221f1a17b1afb956a50236a7e858569cdfec3edf350e1f88ad13c1efdd1e98b151ce2a207e5d8b6ab31c2b66e6114b1d5384c5fa0aad92cc079965d4127339847477877d0a057335e2a761562d2d56f1bebb21374b729743 , 0xefe30ec7dabb , 0x6fce7de911abe59864e01b9b306c167bdde17da28dfcfb7b3c768ec47d0ae4160cebedae9e482468c65c412eab54ed5d422c3b7b7f818fb6813412b0c1d710f02c763a3cbe4a24140f7a48f543190bfc61a838344ce13e093728a285ec9671c93230aa6abb5f52b83e3f065c9fef894c6c2cb17176e8c2c5cb09f03300de66ab],
[0xa5f7f8aaa82921f70aad9ece4eb77b62112f51ac2be75910b3137a28d22d7ef3be3d734dabb9d853221f1a17b1afb956a50236a7e858569cdfec3edf350e1f88ad13c1efdd1e98b151ce2a207e5d8b6ab31c2b66e6114b1d5384c5fa0aad92cc079965d4127339847477877d0a057335e2a761562d2d56f1bebb21374b729743 , 0x753fdb5 , 0xa2403b99c19c2a882bbca51ee414486e1d60db003d16fdf8f30290bae586aaa5500c74b6e8dfe7a3081092da567fd38c57fa04e8a49a94daf229ede6e27fe2571420025aafe123e95b3bcf00a7b64a5e5f48528c8788303c148a4558ab4104b58b2846fde31466f2540b9c5926ffeebfd540ab8da05f9a82db791d72806b74ff],
[0xa5f7f8aaa82921f70aad9ece4eb77b62112f51ac2be75910b3137a28d22d7ef3be3d734dabb9d853221f1a17b1afb956a50236a7e858569cdfec3edf350e1f88ad13c1efdd1e98b151ce2a207e5d8b6ab31c2b66e6114b1d5384c5fa0aad92cc079965d4127339847477877d0a057335e2a761562d2d56f1bebb21374b729743 , 0x12546aff963f4b6b35f , 0x7293cec4d46c8073ce78b4ec8d97c086124376cf75fbcc4c0a57159b02e9c7a8545