Official Android-in-the-Middle Discussion

Official discussion thread for Android-in-the-Middle. Please do not post any spoilers or big hints.

Hi. Just working this crypto challenge. The crypto part is “very easy” as the rating suggests. However, I am stumped on remote execution. The program computes “C” (The public key of CPU) but does not send it. It simply sends “???”. Without that, this is a very different challenge. Is this by design or by accident?

Yes. Ordinarily, with a Diffie-Hellman exchange, the other party would send a value and you would send a value and you could then both work out the shared secret key. You need the shared secret key to encrypt the value the server is sending, but you don’t have the necessary part of the exchange. But if you did have it, it wouldn’t really be a hacking exercise!

It is possible. As a hint, try to explore the edge cases.
