Results 1 to 8 of 8

Thread: LFSR-based cypher analysis

  1. #1

    Question LFSR-based cypher analysis

    Hi,
    I'm analysing an hardware device (a dongle key) than seems to be using a linear feedback shift register (LFSR) cypher. I am quite sure it uses LFSR because i obtained similar results simulating 2 LFSR in cascade mode.

    The device contains a certain number of 16bits cells who could be programmed once from the vendor in order to obtain different cypher algorythms (2 cells = 1 algorythm).

    I found the algorythm is based on 2 'seed' values than depends from the 2 'cell' content (a dump obtained with some of those values follows).

    My purpose is to find the exact correlation between the 2 'cell' values and the 'seed' values.

    Does anyone has any suggestion about how to analyze the problem ?
    Thx for any reply

    cell#1, cell#2, seed#1, seed#2
    0x0000, 0x0000, 0x5001E000, 0x40018000
    0x0000, 0x0001, 0x500D6004, 0x40038000
    0x0000, 0x0002, 0x505CE010, 0x40058000
    0x0000, 0x0003, 0x50606014, 0x40078000
    0x0000, 0x0004, 0x526BE040, 0x40098000
    0x0000, 0x0005, 0x52C76044, 0x400B8000
    0x0000, 0x0006, 0x53B6E050, 0x400D8000
    0x0000, 0x0007, 0x532A6054, 0x400F8000
    0x0000, 0x0008, 0x4195E100, 0x40118000
    0x0000, 0x000F, 0x49FE6154, 0x401F8000
    0x0000, 0x0010, 0xD629E400, 0x40218000
    0x0000, 0x0080, 0xD140E000, 0x41018000
    0x0000, 0x0600, 0x5F51E000, 0x4C018000
    0x0000, 0x1000, 0x7C01E000, 0x60018000
    0x0000, 0x2000, 0x1001E000, 0x00018000
    0x0000, 0x3FFF, 0x43333554, 0x3FFF8000
    0x0001, 0x0000, 0x2FFFE000, 0x40007FFE
    0x0002, 0x0000, 0x68787999, 0x8CCCD554
    0x0003, 0x0000, 0xCBE5BFA5, 0xE28A36DA
    0x0004, 0x0000, 0x9014015E, 0x11451248
    0x0005, 0x0000, 0xFCA66C14, 0xD37A4B96
    0x0006, 0x0000, 0xE09EE788, 0xF25ECE9C
    0x0007, 0x0000, 0x03EC13F3, 0xF4B4B332
    0x0008, 0x0000, 0x61853184, 0xD0909110
    0x000F, 0x0000, 0xDF267CF3, 0x98360C62
    0x0010, 0x0000, 0x0381A538, 0x04110420
    0x0100, 0x0000, 0xD05DC296, 0x48058200
    0x1000, 0x0000, 0x5411CE80, 0x4401A000
    0x2000, 0x0000, 0x4101AC00, 0x5001C000
    0x3FFF, 0x0000, 0xC018000B, 0x80060002
    0x0001, 0x0001, 0x0DDD0666, 0xEAAA7FFE
    0x0001, 0x0002, 0xC1148665, 0x15547FFE
    0x0001, 0x0003, 0xD0066003, 0xBFFE7FFE
    0x0001, 0x0004, 0xA753866A, 0xEAA87FFE
    0x0002, 0x0001, 0xD2C2CFAF, 0xAEEED554
    0x0002, 0x0002, 0x21316D8D, 0xC888D554
    0x0002, 0x0003, 0xABBBDBBB, 0xEAAAD554
    0x0003, 0x0001, 0x779E7451, 0x400036DA
    0x0003, 0x0002, 0x3F5AAC84, 0xA79E36DA
    0x0003, 0x0003, 0x80116770, 0x051436DA
    0x0004, 0x0004, 0x52D80B3E, 0x934D1248
    0x0005, 0x0005, 0x5ECE0E98, 0x59F84B96
    0x0006, 0x0006, 0x177FB7EB, 0xFD92CE9C
    0x0007, 0x0007, 0xB7859609, 0xC282B332
    0x0008, 0x0008, 0x71013094, 0xC0809110
    0x000F, 0x000F, 0xE7F9F71E, 0x00500C62
    0x0010, 0x0010, 0xE5A12338, 0x84310420
    0x0080, 0x0080, 0x10416140, 0xC0008100
    0x0600, 0x0600, 0xD64E3E7B, 0x8C518C00
    0x1000, 0x1000, 0x7891CE80, 0x6401A000
    0x2000, 0x2000, 0x0501AC00, 0x1001C000
    0x3FFF, 0x3FFF, 0x00000006, 0x00000002

  2. #2

    hi

    just curious is that a sspro standard dongle your working on?

  3. #3
    Quote Originally Posted by Sab
    just curious is that a sspro standard dongle your working on?
    Hardlock I'd say ;-).

    Regards

    CrackZ.

  4. #4
    הבּרוּ נשׂאי כּלי יהוה mike's Avatar
    Join Date
    Mar 2001
    Posts
    491
    If it's really an LFSR, then you can use the Berlekamp-Massey algorithm.

  5. #5
    Hi mike,
    Very thanks for your suggestion.
    I found a C/C++ implementation on www.qualcomm.com.au/UsefulStuff.html, i'll try this one...
    Quote Originally Posted by mike
    If it's really an LFSR, then you can use the Berlekamp-Massey algorithm.
    About the 'sample' values, yes, there are from an SSPRO dongle using the 'standard' (not 'enhanced') query mode.
    The 'standard' algo is completely useless in order to emulate a 'real' dongle, but it's still useful to guess the original content of cells in range 00-07 (write & override pwds).
    Quote Originally Posted by Sab
    just curious is that a sspro standard dongle your working on?
    Regards,
    SaPu

  6. #6

    lsfr

    sspro std algo has been laying around for sometime now hidden . If you try checking out some dumpers for it (not spath type) you might find the answer inside rather then going through B Massey. -Sabbbbbrrrrr22orijdskflksdf

  7. #7
    Nope, B&M doesn't work.
    In fact, the B&M algorythm could be used to retrieve the LFSR feedback from a sequence of MULTIPLE results obtained with the SAME feedback value.
    In my case, i have a list of SINGLE results obtained with DIFFERENT feedback values.
    Does anyone has another suggestion ???

    Quote Originally Posted by mike
    If it's really an LFSR, then you can use the Berlekamp-Massey algorithm.

  8. #8

    who.?

    sapu. see pm, send me an email or send me ur email.

Similar Threads

  1. Dbgeng based Handles
    By blabberer in forum Blogs Forum
    Replies: 0
    Last Post: January 29th, 2013, 21:15
  2. # PRNG based on REP STOS
    By nezumi-lab in forum Blogs Forum
    Replies: 0
    Last Post: February 11th, 2009, 03:17
  3. #773: bug in IDA-Pro [fails to debug zero-based PE]
    By nezumi-lab in forum Blogs Forum
    Replies: 0
    Last Post: May 14th, 2008, 12:13
  4. Internet based protection
    By nimadismal in forum The Newbie Forum
    Replies: 3
    Last Post: January 22nd, 2005, 01:25
  5. Help determining cypher...
    By FEARHQ in forum RCE Cryptographics
    Replies: 6
    Last Post: June 3rd, 2002, 23:51

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •