From frank@funcom.com Tue Nov 9 13:23:29 1999
Date: Thu, 28 Oct 1999 12:57:37 +0200 (CEST)
From: Frank Andrew Stevenson
To: livid-dev@livid.on.openprojects.net
Subject: [Livid-dev] Working PlayerKey cracker

In response to feedback from yesterday's post I have now refined my attack in the following ways:

The CSSdecrypt key can now be recovered with only 5 bytes of known output. Sometimes multiple keys will be found for a single output, due to collisions in the mixing stage. But this is not a problem when recovering KEKs (Key Encryption Keys), as all keys found will be equivalent / interchangeable.

There has been some debate around the 'hash function'. I choose to view it as a very simple encryption function, with 5 byte input, 5 byte output and 5 byte key. When searching for a player key, the input / output is known. The cipher can then be attacked with a complexity of 2^8. Code for the key recovery is given below.

This cipher has many collisions, and some input/output pairs have no keys, while others have multiple. The latter is a concern when searching for player keys, as they have to be eliminated by checking against other discs.

I have attached a program that works as follows:

hippopotamus:~/tmp> time ./keyrec 22 e1 67 83 72 0f c1 7a 96 98
Recovering Key
Possible mangling key: af c9 07 42 1f
Possible Player key 51 67 67 c5 e0
Possible Player key 69 d2 e3 92 ae
5.000u 0.010s 0:05.44 92.0% 0+0k 0+0io 87pf+0w

Here 2 equivalent player keys are recovered from the
input:  22 e1 67 83 72 - Disc key
output: 0f c1 7a 96 98 - intermediate key, common for all player keys

The process takes 5.5 seconds on a PPro200, somewhat slower now that only 5 bytes are known in the keystream.
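The following is an added worked example, not part of Frank's post or of the attached keyrec.c. It reconstructs the forward "mangling" step (two rounds of table lookup and XOR under a 5-byte key, the structure that the unmangle() routine in this message inverts), runs the 2^8 recovery against a known input/output pair, and then checks the property the post relies on: every candidate key that survives the consistency check reproduces the same output, so the candidates are interchangeable. The 256-entry table tab1 is a stand-in generated in code, because the real CSStab1 is not reproduced on this page; with the real table the logic is identical but the intermediate values differ.

```c
#include <stdio.h>
#include <string.h>
#include <stdint.h>

/* Stand-in substitution table, constructed for this example. It is NOT the
 * real CSStab1. The recovery only ever performs forward lookups, so any
 * 256-entry byte table exercises the same logic. */
static uint8_t tab1[256];

static void init_tab1(void)
{
    for (int i = 0; i < 256; i++)
        tab1[i] = (uint8_t)((i * 167 + 93) ^ ((i << 3) & 0xff));
}

/* Forward mangling step: 5-byte input, 5-byte key k, 5-byte output.
 * Round 1 produces b[], with the last stage feeding back into stage 0;
 * round 2 produces out[] with no feedback. This is the structure that the
 * post's unmangle() routine inverts. */
static void mangle(const uint8_t *k, const uint8_t *in, uint8_t *out)
{
    uint8_t b[5];
    b[4] = k[4] ^ tab1[in[4]] ^ in[3];
    b[3] = k[3] ^ tab1[in[3]] ^ in[2];
    b[2] = k[2] ^ tab1[in[2]] ^ in[1];
    b[1] = k[1] ^ tab1[in[1]] ^ in[0];
    b[0] = k[0] ^ tab1[in[0]] ^ b[4];
    out[4] = k[4] ^ tab1[b[4]] ^ b[3];
    out[3] = k[3] ^ tab1[b[3]] ^ b[2];
    out[2] = k[2] ^ tab1[b[2]] ^ b[1];
    out[1] = k[1] ^ tab1[b[1]] ^ b[0];
    out[0] = k[0] ^ tab1[b[0]];
}

/* Recover every key consistent with one (in, out) pair. A guess of k[4]
 * (256 possibilities) determines every other key byte; a candidate is kept
 * only if the final check on byte 0 holds. Returns the candidate count;
 * keys must have room for 256 entries of 5 bytes. */
static int recover_mangling_keys(const uint8_t *in, const uint8_t *out,
                                 uint8_t keys[][5])
{
    int found = 0;
    for (int guess = 0; guess < 256; guess++) {
        uint8_t k[5], b[5];
        k[4] = (uint8_t)guess;
        for (int j = 4; j >= 2; j--) {
            b[j]     = k[j] ^ tab1[in[j]] ^ in[j - 1];      /* round-1 stage j */
            b[j - 1] = tab1[b[j]] ^ k[j] ^ out[j];         /* from round-2 stage j */
            k[j - 1] = in[j - 2] ^ tab1[in[j - 1]] ^ b[j - 1]; /* round-1 stage j-1 */
        }
        b[0] = tab1[b[1]] ^ k[1] ^ out[1];
        k[0] = b[0] ^ tab1[in[0]] ^ b[4];
        if ((uint8_t)(tab1[b[0]] ^ k[0]) == out[0])
            memcpy(keys[found++], k, 5);
    }
    return found;
}

/* Mangle `in` under true_key, recover candidates from the pair, and confirm
 * that every candidate reproduces the output and that true_key is among them.
 * Returns the candidate count on success, 0 on any failure. */
static int verify_recovery(const uint8_t *true_key, const uint8_t *in)
{
    uint8_t out[5], again[5], keys[256][5];
    int n, seen_true = 0;
    init_tab1();
    mangle(true_key, in, out);
    n = recover_mangling_keys(in, out, keys);
    for (int i = 0; i < n; i++) {
        mangle(keys[i], in, again);
        if (memcmp(again, out, 5) != 0) return 0;   /* would not be interchangeable */
        if (memcmp(keys[i], true_key, 5) == 0) seen_true = 1;
    }
    return seen_true ? n : 0;
}

/* Demo with the input and mangling-key bytes quoted in the post (the output
 * differs from the post's because tab1 is a stand-in). */
int demo_recovery(void)
{
    const uint8_t key[5] = {0xaf, 0xc9, 0x07, 0x42, 0x1f};
    const uint8_t in[5]  = {0x22, 0xe1, 0x67, 0x83, 0x72};
    return verify_recovery(key, in);
}

int main(void)
{
    int n = demo_recovery();
    printf("%d equivalent mangling key(s) recovered, true key %s\n",
           n, n ? "included" : "MISSING");
    return n ? 0 : 1;
}
```

The point the harness makes concrete: because each key byte is fixed by the previous one once k[4] is guessed, the effective search is 256 trials regardless of the 40-bit key size, and any colliding candidates are indistinguishable as KEKs, which is why the post can treat them as interchangeable.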
If this works, as I hope it will, I will leave it as an exercise to the reader to recover all player keys :-)

frank

-------------- This is how to recover the 'hashing key' --------

#include <stdio.h>
#include <string.h>

/* CSS substitution table; supplied by the full keyrec.c source, not reproduced in this message */
extern unsigned char CSStab1[256];

static int unmangle( unsigned char *in, unsigned char *out )
{
    unsigned char A[5];   /* known input */
    unsigned char B[5];   /* intermediate value after the first round */
    unsigned char C[5];   /* known output */
    unsigned char k[6];   /* candidate mangling key (k[5] is unused padding) */
    int i, j;

    /* Recover mangling key */
    memcpy( A, in, 5 );
    memcpy( C, out, 5 );
    k[5] = 0;

    /* guess k[4]; every other key byte then follows from the known bytes */
    for( i = 0 ; i < 256 ; i++ ) {
        k[4] = i;
        for( j = 4 ; j >= 2 ; j-- ) {
            B[j]   = k[j] ^ CSStab1[ A[j] ] ^ A[j-1];
            B[j-1] = CSStab1[ B[j] ] ^ k[j] ^ C[j];
            k[j-1] = A[j-2] ^ CSStab1[ A[j-1] ] ^ B[j-1];
        }
        B[0] = CSStab1[ B[1] ] ^ k[1] ^ C[1];
        k[0] = B[0] ^ CSStab1[ A[0] ] ^ B[4];
        /* consistency check on the last output byte */
        if( ( CSStab1[ B[0] ] ^ k[0] ) == C[0] ) {
            printf( "Possible mangling key: %02x %02x %02x %02x %02x\n",
                    k[0], k[1], k[2], k[3], k[4] );
        }
    }
    return 0;
}

----------- The following is the complete source for ------
---------------- player key cracker ------------------------

begin 640 keyrec.c.Z
[uuencoded, compress-packed attachment keyrec.c.Z; the encoded body is not reproduced here]
MZ%\!M%\3$.@MP/?W_U!)/>&?UK?4#O):&^J:"U6E\(/$D@ M<`%>0/P7`C?@%JA.?TS%+2:`-`-CH`E,@![O*Z6`O8;Z0F#[NW-9+H/QN9G@ MZA:?[N,(A,_+B;E%1P6G(%YJ="ZP"P`F%*@%41)?Z(*M;P:`P1OX\9H92$%< M2"KCK0'`I)_88#$+8KLMGI6LMF7JIEX9@%MR:X^%*(N2ZOQ4$U!M6XI.\3V' M(+)(EDA:?`*!52&%NG`&:@3D\U.,T`YL@8_WXHQ5%5M6H2]V"(34M[[V`$P2 M"P0"*ZBMTK=1/E?LP'R<\"1YPE#("D>A%1-HC)`G;+C_M<(JH5A*@F>I"LR! M,,#VO%RNP@-V"1B"`&%(#.U2'D!(QQ`$),-EB)``4H["1[VOI16!@6"[X`#( M:E)I8`Z(*>N6`AI=)`R"<;#'X4&_!YR*5:DS97X,^VTW^.7=MI8;<&?I+M_A M@7V7I?P=P$-AWW"!`;UPB`H_4SS4=_S.'@:\;7<&).$"^POHJ]2I.HIEL:Q5 G[ZMI>,[VO0&Z!P5EG&XK?4X0[_TCX[?C,A^ULH/C$""1MKHEHBP* ` end This sentence is unique in this respect; it can safely be attributed to my employer, Funcom Oslo AS. E3D2BCADBEF8C82F A5891D2B6730EA1B PGPmail preferred, finger for key There is no place like N59 50.558' E010 50.870'. (WGS84) _______________________________________________ Livid-dev maillist - Livid-dev@livid.on.openprojects.net http://livid.on.openprojects.net/mailman/listinfo/livid-dev