I have found a tool that is providing interesting results with brute force testing.
h**p://www.cryptool.org/
Using this tool I have found that you can test different scenarios of possible keys. For example, using the analysis menu and the symmetric encryption (modern) DES ECB selection, there is a provision to do what-if values on a binary file containing the ciphered hex data.
I created a binary file from the SPI log auth sequence information as follows.
Take the following XX portion of the 80 3C SPI command and put it into a bin file using Hex Workshop or some other hex tool.
80 3C 99 70 00 00 00 CA A0 00 1D 00 00 80 XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX 02 04
Then use the tool menu I named above and enter a value of ** ** ** ** UA UA UA UA, where UA is the hex Unit Address value and ** is a wildcard of brute force values to be performed on the cipher hex data file.
The brute force process takes a significant amount of time, e.g. 1.5 days on a 3.0 GHz CPU.
This could be an important discovery, but it is early at this point to determine.
usbbdm and myself are working with this tool and could use your help with it. So give it a try if you are able to do this stuff.
Crypto Analysis Tool
- Junior Member
- Posts: 21
- Joined: Wed Jul 27, 2005 9:16 pm
- Location: NewYork&Chicago
- Junior Member
- Posts: 381
- Joined: Fri Oct 28, 2005 8:43 am
I am trying to learn what the auth data represents. So trying to hack different values that the DAC may use to encrypt could reveal the actual data and its meaning; it's basic trialling, and eventually someone sees something that has meaning. When the cipher trialled key is close to the actual key value it tends to reveal patterns like 00 FF; this would not normally occur if the key were not close in value. Of course this is only valid if they are using DES ECB to encrypt it.
- Junior Member
- Posts: 21
- Joined: Wed Jul 27, 2005 9:16 pm
- Location: NewYork&Chicago
- Junior Member
- Posts: 381
- Joined: Fri Oct 28, 2005 8:43 am
It is not known for certain. But if you look at the big picture then you see the following. At the time of design, if the system had to process encryption as triple DES, the overhead on the DAC system would be quite heavy and would be a performance problem. The XC chip is an 8-bit processor, and to run a triple DES decryption would have significant performance issues. So the probability is that they would use standard DES. This is a real-time system and it cannot have a significant processing delay.