Tags: crypto 


* Table generation using extremely weakened version of RC4 as per paper by [Fluhrer, Mantin and Shamir.](https://link.springer.com/content/pdf/10.1007%2F3-540-45537-X_1.pdf) The KSA is b-conversing
* Key generation leads to conditions that might give a special b-exact key.
* Reversing the given password using simple Matrix operations would give the first 12 output bytes of the cipher
* generate possible b-exact keys and check against the first table entries generated
* Use the key to re-generate table. re-generate passwords for the websites at netcat to get the flag

here's the link to the [official writeup]( https://blog.bi0s.in/2021/08/20/Crypto/Tabula-Recta-InCTF-Internationals-2021/)