# XORing strings

In [None]:
msg = "label"
xored_str = ""
for letter in msg:
    xored_str += chr(ord(letter) ^ 13)
print(xored_str)

In [None]:
def byte_xor(*byte_strs):
    result = byte_strs[0]
    for arr in byte_strs[1:]:
        result = [_a ^ _b for _a, _b in zip(result, arr)]
    return result

In [None]:
a = bytes.fromhex('a6c8b6733c9b22de7bc0253266a3867df55acde8635e19c73313')
b = byte_xor(a, bytes.fromhex('37dcb292030faa90d07eec17e3b1c6d8daf94c35d4c9191a5e1e'))
c = byte_xor(b, bytes.fromhex('c1545756687e7573db23aa1c3452a098b71a7fbf0fddddde5fc1'))
f = byte_xor(a, b, c, bytes.fromhex('04ee9855208a2cd59091d04767ae47963170d1660df7f56f5faf'))
print(str(f))

# XOR bruteforce

In [None]:
def bytewise_xor(msg, xor_val):
    return bytes([_a ^ xor_val for _a in msg])

In [None]:
def bytewise_xor_bruteforce(msg):
    result = []
    for i in range(0x100):
        possible_bytes = bytewise_xor(msg, i)
        possible_solve = "".join(chr(byte) for byte in possible_bytes)
        result.append(possible_solve)
    return result

In [None]:
msg = bytes.fromhex('73626960647f6b206821204f21254f7d694f7624662065622127234f726927756d')
bytewise_xor_bruteforce(msg)

# Format attack
We know the format is crypto{*}
"crypto{" ^ "0e0b213f26041e" = "myXORke"
"}" ^ "04 = "y"
Key is "myXORkey"

In [None]:
msg = bytes.fromhex('0e0b213f26041e480b26217f27342e175d0e070a3c5b103e2526217f27342e175d0e077e263451150104')
xor_key = "myXORkey"
key_len = len(xor_key)
solve_bytes = []
for i in range(len(msg)):
    solve_bytes.append(msg[i] ^ ord(xor_key[i % key_len]))
solve_str = "".join(chr(o) for o in solve_bytes)
print(solve_str)

# Greatest Common Divisor

In [None]:
import math

def gcd(a, b):
    a_divs = [1]
    b_divs = [1]
    for i in range(2, math.ceil(a / 2) + 1):
        if a % i == 0:
            a_divs.append(i)
    for i in range(2, math.ceil(b / 2) + 1):
        if b % i == 0:
            b_divs.append(i)

    a_divs.append(a)
    b_divs.append(b)

    gcd = 1
    for div in a_divs:
        if div in b_divs:
            gcd = div
    return gcd

In [None]:
print(gcd(12, 8))
print(gcd(66528, 52920))

# Bezout coefficients

In [None]:
import math

# Returns GCD, bezout coefficient s and t
def bezout_coefficients(a, b):
    r0, r1 = a, b
    s0, s1 = 1, 0
    t0, t1 = 0, 1
    while r1 != 0:
        q = math.floor(r0 / r1)

        r2 = r0 - (q * r1)
        r0 = r1
        r1 = r2

        s2 = s0 - (q * s1)
        s0 = s1
        s1 = s2

        t2 = t0 - (q * t1)
        t0 = t1
        t1 = t2

    return r0, s0, t0

In [None]:
print(bezout_coefficients(240, 46))
print(bezout_coefficients(26513, 32321))

# Modulus space
## Fermat's little theorem
(a ** p = a) in mod space p

In [None]:
for i in range(3, 19, 2):
    print(f"a: {i}, (a ** p) % p: {(i ** 17) % 17}")

a ** p - 1 = 1 in mod space p

## Modular Inverting
[Wikipedia](https://en.wikipedia.org/wiki/Modular_multiplicative_inverse)
ax + my = gcd(a, m) = 1 -> a * x == 1 (mod m)
Only works if m is prime

In [None]:
def modular_inverse(a, m):
    for x in range(m):
        if (a * x) % m == 1:
            return x
    return False

In [None]:
modular_inverse(5, 13)

## Modular Square Root
In mod space 29
a = 11
a*a = 121 % 29 = 5

Any x is a *Quadratic Residue* if there is a such that a ** 2 = x mod p
Any x is a *Quadratic Non-Residue* if there is a such that a ** 2  = x mod p

In [None]:
def mod_sqrt_old(a, p):
    for i in range(p):
        if (i * i) % p == a:
            return i
    return False

In [None]:
print(mod_sqrt_old(5, 29))
print(mod_sqrt_old(18, 29))

In [None]:
print(mod_sqrt_old(14, 29))
print(mod_sqrt_old(6, 29))
print(mod_sqrt_old(11, 29))

## Properties of Quadratic Residues
QR = Quadratic Residue
QNR = Quadratic Non-Residue

QR * QR = QR
QR * QNR = QNR
QNR * QNR = QR

To remember, substitude QR with +1 and QNR with -1
1 * 1 = 1
1 * -1 = -1
-1 * -1 = 1

## The Legendre Symbol
(a / p) == a^(p - 1) / 2 mod p
p most be odd prime
(a / p) == 1 if a is quadratic residue and a !== 0 mod p
(a / p) == 0 if a === 0 mod p
(a / p) == -1 if a is quadratic non-residue mod p

In [None]:
def legendre_symbol(a, p):
    if a == 0:
        return 0

    sym = pow(a, (p - 1)//2, p)
    if sym == 1:
        return 1
    else:
        return -1

In [None]:
for i in range(11):
    print(legendre_symbol(i, 11))

In [None]:
# For challenge

p = 101524035174539890485408575671085261788758965189060164484385690801466167356667036677932998889725476582421738788500738738503134356158197247473850273565349249573867251280253564698939768700489401960767007716413932851838937641880157263936985954881657889497583485535527613578457628399173971810541670838543309159139

ints = [25081841204695904475894082974192007718642931811040324543182130088804239047149283334700530600468528298920930150221871666297194395061462592781551275161695411167049544771049769000895119729307495913024360169904315078028798025169985966732789207320203861858234048872508633514498384390497048416012928086480326832803, 45471765180330439060504647480621449634904192839383897212809808339619841633826534856109999027962620381874878086991125854247108359699799913776917227058286090426484548349388138935504299609200377899052716663351188664096302672712078508601311725863678223874157861163196340391008634419348573975841578359355931590555, 17364140182001694956465593533200623738590196990236340894554145562517924989208719245429557645254953527658049246737589538280332010533027062477684237933221198639948938784244510469138826808187365678322547992099715229218615475923754896960363138890331502811292427146595752813297603265829581292183917027983351121325, 14388109104985808487337749876058284426747816961971581447380608277949200244660381570568531129775053684256071819837294436069133592772543582735985855506250660938574234958754211349215293281645205354069970790155237033436065434572020652955666855773232074749487007626050323967496732359278657193580493324467258802863, 4379499308310772821004090447650785095356643590411706358119239166662089428685562719233435615196994728767593223519226235062647670077854687031681041462632566890129595506430188602238753450337691441293042716909901692570971955078924699306873191983953501093343423248482960643055943413031768521782634679536276233318, 85256449776780591202928235662805033201684571648990042997557084658000067050672130152734911919581661523957075992761662315262685030115255938352540032297113615687815976039390537716707854569980516690246592112936796917504034711418465442893323439490171095447109457355598873230115172636184525449905022174536414781771, 50576597458517451578431293746926099486388286246142012476814190030935689430726042810458344828563913001012415702876199708216875020997112089693759638454900092580746638631062117961876611545851157613835724635005253792316142379239047654392970415343694657580353333217547079551304961116837545648785312490665576832987, 96868738830341112368094632337476840272563704408573054404213766500407517251810212494515862176356916912627172280446141202661640191237336568731069327906100896178776245311689857997012187599140875912026589672629935267844696976980890380730867520071059572350667913710344648377601017758188404474812654737363275994871, 4881261656846638800623549662943393234361061827128610120046315649707078244180313661063004390750821317096754282796876479695558644108492317407662131441224257537276274962372021273583478509416358764706098471849536036184924640593888902859441388472856822541452041181244337124767666161645827145408781917658423571721, 18237936726367556664171427575475596460727369368246286138804284742124256700367133250078608537129877968287885457417957868580553371999414227484737603688992620953200143688061024092623556471053006464123205133894607923801371986027458274343737860395496260538663183193877539815179246700525865152165600985105257601565]

for i in range(len(ints)):
    if legendre_symbol(ints[i], p) == 1:
        print(i)

pow(ints[5], (p + 1) // 4, p)

## Tonelli-Shanks algorithm
All odd primes are
    - p === 1 mod 4
    - p === 3 mod 4
3 mod 4 case is already defined as +- n ^ ((p + 1) / 4)
Algorithm for finding 1 mod 4 case is Tonelli-Shanks

Used for finding r in congruence r^2 === n (mod p)
p must be odd prime
n must be non-zero
Returns r so that (r**2) % p == n


In [None]:
def tonelli_shanks(n, p):
    if gcd(n, p) != 1:
        return -1
    if pow(n, ((p + 1) / 4), p) == (p - 1):
        return -1

    q = p - 1
    s = 0
    while (q % 2 == 0):
        q = q / 2
        s += 1

    for i in range(2, p):
        if legendre_symbol(i, p) == 1:
            z = i
            break

    m = s
    c = pow(z, q)
    t = pow(n, q)
    r = pow(n, (q + 1) / 2)

    while True:
        if t == 0:
            return 0
        if t == 1:
            return r
        for i in range(m):
            if pow(pow(t, 2), i) == 1:
                break
        b = pow(pow(c, 2), m - i - 1)


    return False

In [None]:
# Implement Tonelli-Shanks eventually
def mod_sqrt(a, p):
    return mod_sqrt_old(a, p)

# Caeser Cipher

In [None]:
def caeser_bruteforce(input):
    for _ in range(127-32):
        ords = []
        for byte in input:
            byte = (byte + i)