encrypted_ai

cryptography

forensics

xor

pytorch

Competetion

iCTF24

Challenge Author

saad_ullah

Date

Jan. 9, 2025

A student has designed a PyTorch model and embedded a hidden flag within it. To add a layer of security, he encrypted the model using XOR encryption with a random 16-byte key before sharing it with his friends. However, the student forgot to save both the encryption key and the unencrypted model, making the task of revealing the hidden flag a puzzle.

Your challenge is to recover the encryption key and decrypt the model to unveil the concealed information. The encrypted model file is provided i.e., `model_encrypted.pth`.

Good luck, and happy decrypting!


Hints

None

Solution

This prompt gives us a .pth file and tells us it's been encrypted using a 16-byte XOR key. Since XOR is reversible, all we need to do is find bytes that are the same across all pth files. If we use XOR with the encrypted bytes against the unencrypted bytes it will return the key as long as the encrypted bytes were the same as the unencrypted ones. A common way to do this for files is to find magic bytes. Magic bytes are a set of 16 bytes that signify what type of file it is. Since it's 16 bytes long, this is the perfect length for us to reverse the XOR against. ![](/media/writeup_images/ictf24/encrypted_ai/2025-01-09-08-37-54_encrypted_ai_.png) These are the magic bytes from another pth file, since magic bytes are always the first 16 bytes of a file, we just need to XOR the first 16 bytes of both files. ![](/media/writeup_images/ictf24/encrypted_ai/2025-01-09-08-40-56_encrypted_ai_.png) The output of the XOR will be our key. Since this is just our key, we still need to perform XOR on the entire file against this key. The best way to do this is by writing a small python script ```python key = bytes.fromhex("6ea09eb68dda284a2212e359f243b22d") def xor_decrypt(data, key): key_length = len(key) return bytes(data[i] ^ key[i % key_length] for i in range(len(data))) with open("model_encrypted.pth", "rb") as f: encrypted_data = f.read() decrypted_data = bytearray() key_length = len(key) for i in range(len(encrypted_data)): decrypted_data.append(encrypted_data[i] ^ key[i % key_length]) with open("model_decrypted.pth", "wb") as f: f.write(decrypted_data) ``` This script will successfully unencrypt the file using XOR with our key. After that, I used hexdump to see if the flag was the in unencrypted hexadecimal of the file. We use the -c flag to convert the data into it's ascii representation and pipe the command into more so not all of it loads immediately. ![](/media/writeup_images/ictf24/encrypted_ai/2025-01-09-08-50-25_encrypted_ai_.png) ``` ictf{XOR_Encryption_Is_Not_Secure} ```