Thread: Advanced RSA, ECC and crypto keygenning...

  1. #1
    x30n-
    Guest

    Advanced RSA, ECC and crypto keygenning...

    Why aren't there any tutorials for this stuff? Nowadays it seems like CORE, DAMN, and TMG are the only guys that know how to crack this stuff. Why don't they put out tutorials?? They chose not to share their knowledge?

    Does anyone have any links on this kind of stuff? For new programs? I would love to learn about crypto keygenning... but I cannot find a place to start!!

    Thanks guys.
    x30n-
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  2. #2
    Sab
    Guest
    I think tE runs a crypto site with source, etc. Also, the topic in #tmg's channel was 'Need ECC info/sources ? -> http://www.manning.com/Rosing/'

    Hrm... that's about all I know off the top of my head; there's more, I'm sure...

  3. #3
    Sab
    Guest
    http://egoiste.cjb.net/ forgot the link heh..

  4. #4
    Spath.
    Guest
    OK, you have to realize a few things:

    1) These people are no crypto geniuses: they did not invent new methods to break the algorithms, they either use the methods that are public, or sometimes they find attacks against specific implementations of these algorithms. Some of these latter attacks are smart and elegant, but they don't question the strength of the algorithms themselves.

    2) If you're interested in the algorithms, the cryptanalysis methods are public and described in the crypto literature, and most of them can be found for free on the internet. Understanding some of these cryptanalysis methods requires a very advanced math background, but anybody can use the implementations of these methods. For instance, when many crackers explain they 'broke RSA', it actually means that they just ran a QS program they understand nothing about for a few dozen hours.

    3) If you are looking for implementation attacks, there are plenty of different ones; therefore, I would suggest that you first understand how the existing ones are done by studying the keygens and also going on IRC to discuss with these guys (or others, new keygen tricks are known quite fast on IRC). As I said, there are plenty of different ones, and talent and imagination will be required to find new ones.

    4) Why don't they make tutorials? As a non-technical and heavily subjective question, I think only these people can properly answer it.

    Spath.

  5. #5
    agoutinz
    Guest
    idaw.exe c:\keygen.exe
    and get the private key X or P and Q
    they are always in the clear!
    but disassemble the target first to get the
    modulus N for RSA or p g y
    /screendump c:\keyz
    for example thematic chroma
    x=6A60524225B9
    get the egoiste source code
    miracl lib and play with these pirates.

  6. #6
    Kythen
    Guest
    For some good info on ECC (Elliptic Curve Crypto) check out the tutorial and other info at http://www.certicom.com/research.html

    Also, do check out the link to the Manning book above. It's a great resource for ECC info.

    I can maybe find a spot and post a short paper I did for my number theory class on ECC as well if enough ppl want it.

    HTH

    Kythen

  7. #7
    mike
    הבּרוּ נשׂאי כּלי יהוה
    Join Date: Mar 2001, Posts: 491
    Public key keygen is going to work one of two ways, both of which have their weaknesses.

    One way is to have encrypted code. You have to type in the key to decrypt it, which is impossible if you don't know the key. There might be a way to brute force it if they chose *really* small parameters, but usually they don't. However, once the code is decrypted, it can, of course, be dumped to disk, at which point you can make a version w/out encryption.

    Another way is to use it as a hash function: decrypt the key using RSA and see if it matches a built-in string. This one is easy: generate your own keypair and replace the key in the app. Encrypt the string it's comparing against under your other key.

    All crypto can do for you in an app is prevent someone from brute-forcing a valid key. It's not a magic wand or a silver bullet. If you want functionality that no one can reverse-engineer, it has to run on a processor over which the cracker has no control.
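
The second scheme from post #7, modelled with textbook RSA as an added example that is not part of the original thread: the check rejects any key not produced with the matching private key, and its verdict depends entirely on the public-key constant the verifier holds. The function names, the built-in string and the toy primes are assumptions chosen for illustration.

```python
# Added illustration: textbook RSA, no padding, constructed toy parameters.
# All names here are hypothetical; nothing is taken from a real product.

BUILT_IN = int.from_bytes(b"REGISTERED", "big")  # string the app compares against


def make_keypair(p, q, e=65537):
    """Return ((n, e), (n, d)) for primes p and q."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))  # modular inverse, Python 3.8+


def issue_key(private_key):
    """Vendor side: transform the built-in string with the private exponent."""
    n, d = private_key
    return pow(BUILT_IN, d, n)


def check_key(key, embedded_public_key):
    """App side: apply the embedded public key and compare with the string."""
    n, e = embedded_public_key
    return 0 < key < n and pow(key, e, n) == BUILT_IN


# Mersenne primes used only so the sample is reproducible.
VENDOR_PUB, VENDOR_PRIV = make_keypair(2**61 - 1, 2**89 - 1)
OTHER_PUB, OTHER_PRIV = make_keypair(2**107 - 1, 2**127 - 1)


def demo():
    good = issue_key(VENDOR_PRIV)
    foreign = issue_key(OTHER_PRIV)
    return {
        "vendor key, vendor constant": check_key(good, VENDOR_PUB),
        "altered key, vendor constant": check_key(good ^ 1, VENDOR_PUB),
        "foreign key, vendor constant": check_key(foreign, VENDOR_PUB),
        # The verdict follows whichever constant the verifier holds, so the
        # embedded key is the trust anchor and must be integrity-protected.
        "foreign key, other constant": check_key(foreign, OTHER_PUB),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case}: {accepted}")
```

A check that must hold against someone who controls the machine belongs on a system they do not control, which is the post's closing point.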
