RSA Vulnerability 1

The thing to note is that the same message is being encrypted many times. Knowing $d, e, c$ for all 520 encryptions, you can construct a system of modular equations for $m$ , the message you are trying to retrieve.

$\large \displaystyle \begin{aligned} c_1 &\equiv m^e \pmod{n_1} \\ c_2 &\equiv m^e \pmod{n_2} \\ ... & \text{ }\text{ }\text{ }\text{ }...\\ c_{520} &\equiv m^e \pmod{n_{520}} \\ \end{aligned}$

You can find a solution for $m^e \equiv x \pmod{n_1n_2n_3...n_j}$ by implementing the Chinese Remainder Theorem on the first $j$ equations. In order to retrieve $m$ , we can make $n_1n_2n_3...n_j > m^e$ by considering a susficiently large $j$ so that $m^e$ does not even wrap around the modulus, making $x = m^e$ . So by taking $x^{\frac{1}{e}}$ , we obtain $m$

Via the source code, we know that $n > 10^{308}$ and for each block, $m<10^{91}$ . Hence, an upper bound for the minimum of $j$ satisfies $308j > 91e$ , $\min(j) < 76$ (which is far less than 520).

The code I used to execute this can be found here . My online implementation can be found here . This gives the output:

Aye LJK! I did the work u shud have done. Here: https://pastebin.com/raw/Pvc0UVPi Yes! Isn't that not my job? That's rig6��{y�txx��c��� t6��w�_V�*

Going to the URL would bring you to the answer sheet.

I don't know why the last block did not decrypt properly. If you know why, please tell me.

eZpZ nooooobs