Crypto - Monkfish
Hmm... smells like a fishy proof of knowledge... - emh
Challenge
#!/usr/bin/sage
import sys
print("I caught a monkfish in the sea! ")
sys.stdout.flush()
from hashlib import sha256
from Crypto.Util.number import bytes_to_long
from random import SystemRandom
import ast
def verif_pok(v, F, pi):
com = pi[0]
resp = pi[1]
verif = pi[2]
a = list(FF)[sha256(bytes([list(FF).index(i[0]) for i in list(com) + list(v) + list(verif)])).digest()[0] % len(list(FF))]
out1 = apply(F, resp)
out2 = com + (a * a) * v - a * verif
return out1 == out2
s = random_matrix(FF, n, 1)
m0 = matrix(FF, m, 1, [0]*100)
m1 = matrix(FF, n, 1, [0]*100)
m2 = v
pi = (m0, m1, m2)
res = verif_pok(v, F, pi)
I omit the whole question as we can use this method to solve the question in a small number of attempts. A more general and proper solution is given in the next part.
We give m0,m1,m2
as input and we need the proof of knowledge to be verified.
Suppose we give resp
to be 0, then out1
becomes 0. Then we need to get out2
to be 0. We do this by setting com
to zero and verif
to v. However, this method only works if the value of a becomes 0 or 1, which has a 40% chance based on the value of v
Last updated