zer0pts CTF 2021
crypto
The server encrypts flag with AES-CBC. Then provide us the chance to get the AES key. We repeatedly input some parameters , then the server manipulates 2 bits of the key with them and gives us .
are calculated as shown the following.
This seems like some of oblivious transfer protocols. We can easily get either xor . Then how do we get both of them?
As we can input four values, we must think out of how to choose them. For example, if or stands, the challenge seems to become pretty easy.
Thus, we need to make or . In order to do it, choosing is the easiest way.
should satisfy .
Then stands. So and .