Crypto Algorithm Question - Searching for algorithm, arriving at a dead end
Data available:
2 inputs, 2 matched outputs. 8-bytes/64-bits each.
1 extraneous piece of data, 4-bytes/32-bits, identical for both sets (possible key).

---------------

Assumptions:
The source and target both read an identical input (64-bit, 8-byte). The source generates and stores a 64-bit, 8-byte output. It is assumed that the target is using the same input and algorithm, then generating and comparing an output. If they match, a pass condition exists, otherwise a fail condition exists.

---------------

Goal:
I am trying to determine how the output is generated from the input. I am not 100% positive that there is no private key or 3rd data component, but I am 100% positive that both would use the SAME key if there was one (in other words, the target decoding has no way of receiving an updated key).

---------------

Data:

Code:
Input 1:  E0 07 00 00 07 FB F0 88
Output 1: 01 DD 00 E7 68 02 00 E7

Code:
Input 2:  E0 07 00 00 07 FB EF FB
Output 2: 00 DD 00 E7 F4 02 00 E7

----------------

You will notice that the inputs both begin with "E0 07 00 00 07 FB". You will also notice that both outputs contain the characters "DD 00 E7 02 00 E7". You will also notice that "FB" appears twice in the second input, but neither DD nor 02 appear twice in the output.

Code:
Guess 1:
E0 is equal to DD or 02
FB is equal to DD or 02
00 is equal to 00 or E7
07 is equal to 00 or E7

----------------

Next, notice that the only difference between the two inputs is in the last 2 bytes "F0 88" versus "EF FB".

Code:
Guess 2:
F0/88 equal to 68/01 in set 1
EF/FB equal to F4/01 in set 2

----------------

My first theory was a possible mix/rotation, where each set was mixed (as far as char position goes), then each byte was rotated (wrapping at FF, 255). I created a table showing possible distances between input and output values, with some showing promise (rot16/32 patterns). In the end though, I couldn't find enough similarities in the two sets.

----------------

Things started to become more interesting when I started working with a decimal conversion of the two sets. It looks something like this:

Code:
Input 1:  224 7 0 0 7 251 240 136
Output 1: 1 221 0 231 104 2 0 231

Code:
Input 2:  224 7 0 0 7 251 239 251
Output 2: 0 221 0 231 244 2 0 231

----------------

What is interesting is that, going from the mix/rot theory, there are several ways to arrive at pieces of the output sets using data from the input sets exclusively. For example, in set 1:

Code:
240-136 = 104
239-251 = -12 (or 256-12) -> 244

So, position 7 minus position 8 equals position 5. This works for both sets. Look at it like this: I7-I8=O5 (input position 7 + input position 8 = output position 5)

I did also find that I5+I6=O6 in both sets.

----------------

WHAT NEXT?

The question then becomes, with this theory, is there a similar way to arrive at "1", "221" and "2" (ignoring 0 and 231 for now, because of their repetition)?

I'm not sure if I'm going about this all wrong. I have played a little with XOR on the sets, bit shifting and a few other ideas, but nothing seems to be as probable as the ROT.

ANY help or direction would be excellent. Many thanks.
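An added example, not part of the original post: a brute-force check of the byte-wise relations discussed above, run over the two quoted pairs. It assumes each output byte is `+`, `-` or XOR (mod 256) of two input bytes; the function names are this example's own.

```python
from itertools import product

# The two input/output pairs quoted in the post (hex bytes).
PAIRS = [
    (bytes.fromhex("E007000007FBF088"), bytes.fromhex("01DD00E7680200E7")),
    (bytes.fromhex("E007000007FBEFFB"), bytes.fromhex("00DD00E7F40200E7")),
]

# Candidate byte operations, all reduced mod 256 (assumption: byte-wise arithmetic).
OPS = {
    "+": lambda a, b: (a + b) & 0xFF,
    "-": lambda a, b: (a - b) & 0xFF,
    "^": lambda a, b: a ^ b,
}

def constant_outputs(pairs):
    """1-based output positions whose byte is the same in every pair."""
    n = len(pairs[0][1])
    return [o + 1 for o in range(n) if len({out[o] for _, out in pairs}) == 1]

def find_relations(pairs, varying_only=True):
    """List (i, op, j, o), 1-based, where In[i] op In[j] == Out[o] in every pair.

    With varying_only=True, output bytes that never change are skipped: any
    fixed combination of the unchanged input bytes "explains" them, so a match
    there carries no evidence.
    """
    skip = set(constant_outputs(pairs)) if varying_only else set()
    n_in, n_out = len(pairs[0][0]), len(pairs[0][1])
    hits = []
    for o in range(n_out):
        if o + 1 in skip:
            continue
        for (sym, fn), i, j in product(OPS.items(), range(n_in), range(n_in)):
            if sym != "-" and j < i:
                continue  # + and ^ are commutative; skip the mirrored pair
            if all(fn(inp[i], inp[j]) == out[o] for inp, out in pairs):
                hits.append((i + 1, sym, j + 1, o + 1))
    return hits

if __name__ == "__main__":
    print("constant output positions:", constant_outputs(PAIRS))
    print("relations on varying outputs:", find_relations(PAIRS))
    print("all matching relations:", len(find_relations(PAIRS, varying_only=False)))
```

On these two pairs the only match for a changing output byte is input 7 minus input 8 giving output 5, and output 1 has no two-byte match at all. The matches on the constant bytes, input 5 plus input 6 giving output 6 among them, can be neither confirmed nor ruled out until samples with different leading input bytes are available.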