Proxmark3 community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia


#1 2009-10-18 04:36:53

rfider
Member
Registered: 2009-01-04
Posts: 15

CRAPTO1:about lfsr_recovery32

I try to recover the states using the function lfsr_recovery32 in crapto1 2.3.

It works fine when I use ks2.

But it doesn't when I try ks0 (the very first 32-bit keystream used for encrypting nT in multiple sector authentication).

key:  0xCE412C3F31BE
uid:  0xce412c3f
nt:   0x3df57cb1
{nt}: 0x7ad0f8ea

I try this code to test the function lfsr_recovery32:

#include "crapto1.h"
#include <stdio.h>

int main()
{
  struct Crypto1State *rs;
  uint64_t lfsr;
  uint32_t ks;
  
  rs = crypto1_create(0xFFFFFFFFFFFFULL);
  ks = crypto1_word(rs, 0x12345678, 0);
  
  rs = lfsr_recovery32(ks, 0x12345678);
  for (; rs->odd; rs++) {
    lfsr_rollback(rs, 0x12345678, 0);
    crypto1_get_lfsr(rs, &lfsr);
    if (lfsr == 0xFFFFFFFFFFFFULL)
      printf("found\n");
  }
  return 0;
}

It turns out the key cannot be recovered. Is the function able to handle this situation?

Last edited by rfider (2009-10-18 09:56:23)


#2 2009-10-19 16:37:50

hat
Contributor
Registered: 2009-04-12
Posts: 160

Re: CRAPTO1:about lfsr_recovery32

You're using old code. It's probably a good idea to try it with the latest version.

Last edited by hat (2009-11-08 12:34:36)
