# Crypto Challenge Set 6

This is **the last of our original crypto challenges**.

This set exclusively covers **number-theoretic cryptography**, and, in
particular, RSA and DSA.

This set is **hard**. The concepts are again new. The attacks involve
some math --- but nothing you didn't learn in 9th grade --- and a
significant amount of programming.

But **they're worth it**. Two of these attacks in particular are among
the most valuable in real-world cryptography.

41. [Implement unpadded message recovery oracle](https://depp.brause.cc/cryptopals/06/41.md)
42. [Bleichenbacher's e=3 RSA Attack](https://depp.brause.cc/cryptopals/06/42.md)
43. [DSA key recovery from nonce](https://depp.brause.cc/cryptopals/06/43.md)
44. [DSA nonce recovery from repeated nonce](https://depp.brause.cc/cryptopals/06/44.md)
45. [DSA parameter tampering](https://depp.brause.cc/cryptopals/06/45.md)
46. [RSA parity oracle](https://depp.brause.cc/cryptopals/06/46.md)
47. [Bleichenbacher's PKCS 1.5 Padding Oracle (Simple Case)](https://depp.brause.cc/cryptopals/06/47.md)
48. [Bleichenbacher's PKCS 1.5 Padding Oracle (Complete Case)](https://depp.brause.cc/cryptopals/06/48.md)