Thanks for Social Engineering Xperts for preparing those interesting problems!
An extremely interesting crypto! The author generates
As XOR is a bitwise operation, it's natural to convert the ciphertexts to bit vectors. Now, it's the key point to the problem.
Trick. Change
We may easily prove this fact. Assume that
Given
Ortho-Lattice Attack is well-explained in the section 3.1 of this paper
There are many vectors in the orthogonal complement, but we require
Now, we may run LLL (a popular method to find small things, see wiki) and get a short vector. But it's not short enough …
Why not using BKZ as we don't have time limitation :P Here is my script for finding a short vector. Note that if
with open("neural_output.txt") as f:
_ = f.readlines()
def toVec(n):
v = []
for i in range(40 * 8):
if n & (1 << i):
v += [1]
else:
v += [-1]
return v
M = Matrix(ZZ, 320, 200 + 320)
a = 2^50
for i in range(200):
n = int(_[i][:-1])
v = toVec(n)
for j in range(320):
M[j, i] = a * v[j]
M[j, j + 200] = 1
L = M.LLL()
L = L.BKZ(block_size = 10)
for i in range(320):
v = list(L[i])
if v[:200].count(0) == 200 and v[200:].count(1) + v[200:].count(-1) == 320:
print(v[200:])
break