AES-CTR with Nonce Reuse

Can you exploit a reused nonce?



consonant

3 solved
Dec. 3, 2015, 10:26 p.m.

What format is the answer expected to be in? It isn't accepting the concatenation of the plaintexts.

Robert

Staff
Dec. 4, 2015, 1:23 a.m.

The solution is the two plaintexts concatenated in alphabetical order. There may be more than one solution, but the correct one should be obvious. If the plaintexts are jibberish it's not the correct solution. If you think you have the correct solution but it's not being accepted feel free to email us.

dylan

26 solved
Feb. 7, 2016, 9:43 p.m.

Accidently posted here instead of the solutions page

global4g

36 solved
March 19, 2016, 8:46 a.m.

I believe I got the right answer but its not accepting. Corresponding to two ciphers, I got p1 & p2 and then I did p1 concat p2 ( since first char of p1 < first char of p2)

anton

Staff
March 19, 2016, 11:46 p.m.

You can email us with the specifics if you think your answer is correct.

balls

23 solved
Feb. 24, 2019, 5:18 a.m.

https://crypto.stackexchange.com/questions/2991/why-must-iv-key-pairs-not-be-reused-in-ctr-mode