Crypto Analysis Tool

cipher · Post by **cipher** » Wed Feb 15, 2006 9:53 am

I have found a tool that is providing interesting results with brute force testing.

h**p://www.cryptool.org/

Using this tool I have found that you can test different scenarios of possible keys. For example using the analysis menu and symmetric encryption modern DES ECB selection there is a provision to do what if values on a binary file containing the ciphered hex data.

I created a binary file from the SPI log auth sequence information as follows.

Take the following XX portion of the 80 3C SPI command and put it into a bin file using Hex Workshop or some other hex tool.

80 3C 99 70 00 00 00 CA A0 00 1D 00 00 80 XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX 02 04

Then using the tool menu I named above and entering a value of ** ** ** ** UA UA UA UA where UA is the HEX Unit Address value and ** is a wild card of brute force values to be perform on the cipher hex data file.

The brute force process takes a significant amount of time e.g. 1.5 days on a 3.0Ghz CPU.

This could be a an important discovery, but it is early at this point to determine.

usbbdm and my self are working with this tool and could use your help with it. So give it a try if you are able to do this stuff.

twistedps · Post by **twistedps** » Wed Feb 15, 2006 1:17 pm

crazy stuff guys, i wish you the best of luck

tester5 · Post by **tester5** » Fri Feb 17, 2006 9:17 pm

i dont understand what you try to do?

got any idea how dish autorolls keys? it has to be simmilar this things are made by the book

cipher · Post by **cipher** » Sat Feb 18, 2006 7:18 am

I am trying to learn what the auth data represents. So trying hack different values that the DAC may use to encrypt could reveal the actual data and it's meaning, it's basic trialling and eventually someone sees something that has meaning. When the cipher trialled key is close to the actual key value it tends to reveal patterns like 00 FF this would not normally occur if the key were not close in value. Of course this is only valid if they are using DES ECB to encrypt it.

tester5 · Post by **tester5** » Tue Feb 28, 2006 11:59 am

is not tripple?

cipher · Post by **cipher** » Tue Feb 28, 2006 1:44 pm

It is not known for certain. But if you look at the big picture then you see the following. At the time of design if the system had to process encryption as triple DES the over head on the DAC system would be quite heavy and would be a performance problem. The XC chip is an 8 bit processor and to run a triple DES decryption would have significant performance issues. So the probability is that they would use Standard DES. This is a real time system and it can not have a significant processing delay.

USB JTAG

Crypto Analysis Tool

Crypto Analysis Tool

Who is online