Page 2 of 2 FirstFirst 12
Results 16 to 25 of 25

Thread: Seed Key and Algorithms

  1. #16
    This Forum deals with matters of reverse-engineering.

    You may find the Advanced Programming/Reversing subforum appropriate.

  2. #17
    in the end it all may be a "wash", which would be easier... figuring out what the alogo is or figuring out how to extract the code from the ECU... i would have to assume the ECU is some form of "protected" MPU/CPU. some are ease to glitch/hack... and some are near impossible, requiring decaping the chip and using microprobes to watch the line and "steal" the programming...

    but from what it sounds like with LLXX already "seeing" a texture to the alogo, you might want to invest more time in the alogo approach... also if you can give some details on the hardware/brains used, that could help...

    for what its worth...

    who needs sleep... will get all the sleep i need when i am dead...

  3. #18

    i have been doing a little thinking on my commute to and from work... and there is something i must have missed... you are obtaining these code key pairs from somewhere.... am i to assume you are "watching" the interaction from a dealers system talking to the ECU or is it something you have created that is running the routine to generate these key pair responses? and if this is a "dealers" system... why have you not attempted to hack it?

    this one second delay it takes to get a key pair... where is the delay coming from? your equipment, the dealers equipment, or the ECU?

    again i have to assume it is not your own routine that is getting the key pair or you would already know the alogo...

    i just want to make sure i understand the entire process... i have also looked more closely at the posts you have given with the example key pairs and there is a pattern there (assuming the are real)... but where did they come from in sequencial order, or did you get lucky and just so happen obtain these from snooping the lines between a dealer system and the ECU... if these are not luck from watching the lines... how did you force the sequencial order? the way i understand your communication between the systems is that the ECU provides the "challange" and your device has to give the correct "response" for communications to go any futher...

    what am i missing? i know, a clue...

    i would just hate for this to drop, because "we" dont fully understand the project that you have been working on for a long time and fully understand...

    who needs sleep... will get all the sleep i need when i am dead...

  4. #19

    I think if you read back your very first message carefully from the point of view of an outsider you'll find it a little hard to understand what you're aiming at too.

    With that said, I agree with korvak in that some more information about the dealer's system and where and how exactly you're snooping these values would be useful.

    If LLXX's educated guess is correct and an LSFR is being used to generate the values, you may be able to use something like that Berlekamp-Massey Algorithm to find the original values that are being used to generate the sequence. It's something I've had some luck with in the past. Perhaps you could provide us some more key pairs in sequence to work with?
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  5. #20
    Does any friend has an idea for this?
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  6. #21
    Quote Originally Posted by oakville View Post
    Does any friend has an idea for this?
    I can provide over 65535 samples if any friend needs to find the algorithm
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  7. #22
    This is a classic black box problem and actually sounds quite interesting.

    Sometimes these hidden algorithms are simple LSFR's as was suggested earlier, other times complex Feistel ciphers.

    I'd suggest a basic paper analysis of certain patterns of bits (0x0, 0xF, 0xFF, 0xFFF, 0xFFFF etc). Some of the early dongle black boxes were broken by simple pattern forming or playing with shifts/xors/rotates and so on.

    Hope the original poster found an answer. Theres always paying a company to completely take apart the silicon (starts at about $20,000 from recollection).



  8. #23

    Thumbs up WOW!

    This thread seems to have lot of heat! ...
    Well not sure what's goin on here, When you guys don't have the clue then how can a common man like me understand whats it all about but I like the way convo goin on here. cool man!
    I like it. Its enjoyable! love you guys!

    cya, have fun

  9. #24
    We didn't have a clue because we had no idea what he was talking about.

    Now if he said "I'm trying to work out this challenge/response algo - when the challenge is X, the response is Y, and heres a few dozen samples", its quite easy to know what they expect, but when they say things like "there is a 4 byte Algorithm that you have to send a command to", it makes me go "WTF?".

    I got what he was meaning later on (and so did others), but he appeared to have left well before then, thinking no one knew what a byte was...

    Just a case of he didn't know how to talk to a group of geeks

  10. #25

    seed&key algorithm


    Maybe we can provide the service (seed&key algorithm) please give us the e-amil If you need.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

Similar Threads

  1. Algorithm for Seed Key
    By croudfreak in forum RCE Cryptographics
    Replies: 2
    Last Post: May 28th, 2011, 08:25
  2. Hardlock E-Y-E dumped...incorrect Seed?
    By trcharlie in forum The Newbie Forum
    Replies: 12
    Last Post: February 22nd, 2008, 19:01
  3. A Framework for Hash Algorithms Analysis
    By evilcry in forum Blogs Forum
    Replies: 0
    Last Post: October 15th, 2007, 22:38
  4. Seed Code for Hasp 4
    By seed in forum Advanced Reversing and Programming
    Replies: 3
    Last Post: March 25th, 2004, 04:11
  5. Replies: 37
    Last Post: March 11th, 2003, 09:24


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts