One Time Pad (Smart City, 300p)

SOC has managed to acquire two encrypted messages and a plain text message, that corresponds to one of the encrypted messages.

Identify the encryption key and recover the other plaintext.
Get the files from HERE

solution

Archive contains three files, encrypted mainfile.enc, plaintext message.txt and encrypted message.txt.enc. Latter two files are identical in size, which corresponds to task's name - One Time Pad.

# 7z l -ba captured_files.zip
2022-09-16 11:39:34 .....          142          147  mainfile.enc
2000-08-08 22:51:07 .....         5851         2394  message.txt
2022-09-16 11:39:34 .....         5851         5856  message.txt.enc

One-time pad is usually done with simple xor operation, xor-ing each plaintext and key byte by byte, and if that would be the case and key was reused, then mainfile.enc could be decrypted in seconds. Unfortunately, this is custom-ish one-time pad.

After various trial-and-error, it was found that this OTP uses PT + K % 256 sheme. Try to decrypt mainfile.enc

#!/usr/bin/env python3
import io
with io.open('message.txt', 'rb') as fp:
        m1pt = fp.read()
with io.open('message.txt.enc', 'rb') as fp:
        m1ct = fp.read()
with io.open('mainfile.enc', 'rb') as fp:
        m2pt = fp.read()

k = b''
for i in range(len(m1pt)):
        k += bytes([(m1ct[i] - m1pt[i]) % 256])
o = b''
for i in range(len(m2pt)):
        o += bytes([(m2pt[i] - k[i]) % 256])
print(o)

# python3 solve1.py
b'\n   Insert required amount of spaces *here* to decrypt the message.\n\n   The flag is:\n\n       \xac\x14[\x93\xe1*(>\xb3)C\x9b\x1ez\xf7\xa9\xf3AvV\xeb\xea\xeff\xd1\xbd{c!\xd7\xb5\x9c\x88\\5-\xa9+\xa6\x99\x11\xc3\t#\xe8\xc5r\xa9\x88'

Looks like additional work (adding unknown number spaces) is required to retrieve the flag.

#!/usr/bin/env python3
import io
with io.open('message.txt', 'rb') as fp:
        m1pt = fp.read()
with io.open('message.txt.enc', 'rb') as fp:
        m1ct = fp.read()
with io.open('mainfile.enc', 'rb') as fp:
        m2pt = fp.read()

k = b''
for i in range(len(m1pt)):
        k += bytes([(m1ct[i] - m1pt[i]) % 256])

p = 37
for x in range(1000):
        o = b''
        m2ptm = m2pt[:p] + (b' ')*x + m2pt[p+6:]
        for i in range(len(m2ptm)):
                o += bytes([(m2ptm[i] - k[i]) % 256])
        print(x, o)

# python3 solve2.py | grep ctf
730 b'\n   Insert required amount of spaces y\x11.\xed-8\x08\x16Iky\x9f~\n\xd9\n\x8d\x90+\xe6\xe79jp\xe7\xe5\x96\x0e\xe9\x16\x96%iJ\x1c\xac\t\x99\x93\x86\x86X\xfd,~\xdc#]S\x17kN\xb8\x86HJp\xb7vf\xda&\xc6h\xfb\x9d\xd3\x86\xd7\x01\x85\xb5\xf1\xfb`V\x11\xd1\xe0B\x1a\xe4\x94\xa2\xe6\x8ca\x94\re\x85\xe7\xd9\x9cK\xdeh\xfcmI3d=\x0e\x13\x01-\xb1\x96\x91\xa5E]\xb4A\x8f2\xc5\x8d\xeb\xa3N\x89B\x10\xb7\xa3@\xa8\x10\xd6\xfe\xaa\x12\xa1\xa3\xdc\xb8~\x80\xb0\x00\x07\xa6q=\x1e\x14\xe6\x96\xea\x03\x8b\xcc\xc4\xca[\xc6\xd9Iu\x0b\xdf\x02{\xfc\xcc\xacZl\x8a\xc5\x87\x12\xd2\x03\xcaZ\x7f\x97\xa7\xde\x1b@\xa1\r\xb8\xf4J\xceTO\xc9Q\xcd\xca)\x08i4/,\xcaU\x16BY\x8c\x17$-\xb4\xad\n)\x04\x920\x86\xb4\xe8D\xb8\xa3)%\xfb\x92\x99\x97\xb9Z\x8f\x9cY\xd1\x93\xfa\x97\x04t\xc3?\xc7\x90\xb7\xb2d\x14\r\x96N\x92N\xd1?j\x88N\xaa\x8fF\xf0\r\x14,U;<\xf0\xaf\xae\xb1\xce\xaf\xb9%\xe5\xa7\x12oc\x06\xe80M\x02\xd8C\x8c\xd7q\x81\x84\xf3\xf18\x9bEH\x95*\x00s\x14L\xa2\xec\x8cvVi\xfa\x9f\x9f/\xa8\x87V\n\x9e\xaf\xe4BL\xb3r\xbc(\x88\xdaF\xe0\x06\xa8F"J[\xae\x83mu\xd3\xdf\xb5\xdf\xf4\x84\x83GfE9\x14\x80K\xf2\xcc:\xa4\xfb\xad\xff\x8b\xac\xd6\x07\xb1\xcc\x98kvx\x11\xb9)4M\t>|\xcb\x8e\x04\xe7\x99\x831X\xcb\x8e\x13\xdd \xb5sA\x11T_\xb6c\x036\xc7]\xaf\xc5\x0e\xff\xea\xda\xdc=\xd6\xba\xfe\xd9\xdat\x85\x87\xaa\xa3K\x1c\xf5\n\xc5\x05\x80\x92\x17\x80\x93\x04\xde\x94,:\xaf\x80\x10\xd2\\\xe4\xfcA\xc0~\x83\xddm\xb1\x90\xdcsH\xb6\x92\x0f\xb3\xb7\x0e\\\x1d\x9an\x9aO\xcd\xd4L\x92l\xe7\xe4\xc3\xba\x87\xdd\x7f\xd53G\x90\xb0z7\xff\xe1\x84\xaf\xd6\x9d\x8b\xb0\x05\xdcY\x1cG\xad\x02\xce\xef\'>f\x7f\x84\xd3\xfaF63} ^\x87\x02\x0c\xf7F\x12\x05\xb9,\x94\xd5\x1b\x87\xe59u\xf1\xc0`\xae\xcc\x85\xd2\xc3\xa3@\xa8\xf8\xbe)\xd4Y#\xa6@;\xd5\x98z\xd0\xf6\xed\x06\xb8\x1bH\x95\xd3cn\xb7\xbb\x05\xec\x8a\xfc\xdb\xdbm\xb1+#H\xbf\xea}7\xa4\xf5\xa9N<\x1fX=\xcaG\xdckR\x07q\x05\x8f-\x1e}5\x80\xb0g\xf0\x8f\xd8\xf2lC\xd7\xcf\x1d\x19\xc7t\xb3\xf3\xf1|\xedh\x8d\x08"y?++\xed\xa6k\xb7\xcf7u\xf24\'&\x90e/\x9c\xce\x9f\x8d\r\x9da\xb6\xf7`\x1d\r\xdc\x9a99\x8d\xd6\xbd\x8fqY\x85\xbf@T\x875\x0bW\xdd\xf33\x0f\xb5\x8a\x0c\xa0\xb8\x9a\x14\xa0\xc5\x85\'\x87n\x16\x86-\x7f\xdd\xd0v\xd7\xf9\xb2\xe38\xf8\xc5\x93\x92*\xe8.\xed@\xf7\x94^zu\x8c\x9e\x11.\xed-8 to decrypt the message.\n\n   The flag is:\n\n       ctftech{0e4bac814bc9f95dee247bd630afb6529e7d607d}'

Flag is ctftech{0e4bac814bc9f95dee247bd630afb6529e7d607d}.