Now marginally more spooky!
We are given intercept.txt and problem.sage, which are some data the challenge script.
This implements an elliptic curve key distribution algorithm, and the curve has quite a interesting property, E_order = N
. This allows us to use the smart attack.
The main idea about this is to lift the curve from mod N
to mod N^2
, and ECC multiplication becomes an additive group. More detail is in the paper about smart attack here
Here is just a short derivation of Hensel lifting for this particular case.
Let
Since
Since we just need to find
The division of
Flag:
hsctf{Y_does_4lice_have_such_weird_cuRV3s?}