Re: [Linux4nano-dev] Update to rc4 key search (optimized)



Posted by Emmanuel Fleury on September 28, 2007 - 07:14:
mat h wrote:
> ok, just give me a bell if you need cpu power.
>
> Anyway what makes you so sure that the key is RC4?

It's not. We have some good clues against it.

Comparing several consecutive encrypted firmwares shows us that the same
key is used each time.

In the case of an RC4 (or any stream cipher scheme), it would mean that
we could have some statistical properties popping out when XORing two
encrypted firmwares (namely we should see something similar to the
statistical property of an ARM binary... As Serpilliere did mention it,
ARM binaries have very specific statistical properties (on the 'command'
part)).

We tried and nothing came out from this, which means that it's very
likely a block cipher scheme (with a fixed key).

Regards
-- 
Emmanuel Fleury

I do not fear computers. I fear the lack of them.
  -- Isaac Asimov
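
Added example, not part of the original message or of the project's code: the keystream-reuse test described above, run on constructed data. It assumes the ARM property to look for is the condition field (top nibble 0xE in most ARM-mode instruction words); the sample images, keys and function names are all constructed for illustration.

```python
import random

def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4: key scheduling, then XOR data with the keystream."""
    S, j = list(range(256)), 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(byte ^ S[(S[i] + S[j]) & 0xFF])
    return bytes(out)

def fake_arm_image(rng: random.Random, words: int = 4096) -> bytes:
    """Constructed stand-in for ARM code: little-endian 32-bit words,
    90% of them with condition field 0xE (execute always)."""
    out = bytearray()
    for _ in range(words):
        cond = 0xE if rng.random() < 0.9 else rng.getrandbits(4)
        out += ((cond << 28) | rng.getrandbits(28)).to_bytes(4, "little")
    return bytes(out)

def zero_cond_ratio(c1: bytes, c2: bytes) -> float:
    """Fraction of words in c1 XOR c2 whose top nibble is zero.
    Uniform noise gives about 1/16; a cancelled keystream gives far more."""
    n = min(len(c1), len(c2)) // 4
    hits = sum(((c1[4 * k + 3] ^ c2[4 * k + 3]) >> 4) == 0 for k in range(n))
    return hits / n

def demo():
    rng = random.Random(2007)                  # fixed seed, repeatable run
    fw1, fw2 = fake_arm_image(rng), fake_arm_image(rng)
    key = b"hypothetical-key"                  # constructed key
    # Same key twice: C1 ^ C2 == P1 ^ P2, so the plaintext bias shows through.
    reused = zero_cond_ratio(rc4(key, fw1), rc4(key, fw2))
    # Control: different keys, so nothing cancels in the XOR.
    control = zero_cond_ratio(rc4(key, fw1), rc4(b"another-key", fw2))
    return reused, control

if __name__ == "__main__":
    print("same keystream: %.3f  control: %.3f" % demo())
```

A ratio near 1/16 on two real images is the negative result the message reports, which is why a reused stream cipher keystream was ruled out.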


