AES-CTR with Nonce Reuse

Can you exploit a reused nonce?


3 solved
Dec. 3, 2015, 10:26 p.m.

What format is the answer expected to be in? It isn't accepting the concatenation of the plaintexts.


Dec. 4, 2015, 1:23 a.m.

The solution is the two plaintexts concatenated in alphabetical order. There may be more than one solution, but the correct one should be obvious. If the plaintexts are jibberish it's not the correct solution. If you think you have the correct solution but it's not being accepted feel free to email us.


26 solved
Feb. 7, 2016, 9:43 p.m.

Accidently posted here instead of the solutions page


36 solved
March 19, 2016, 8:46 a.m.

I believe I got the right answer but its not accepting. Corresponding to two ciphers, I got p1 & p2 and then I did p1 concat p2 ( since first char of p1 < first char of p2)


March 19, 2016, 11:46 p.m.

You can email us with the specifics if you think your answer is correct.


23 solved
Feb. 24, 2019, 5:18 a.m.