Re: A89: Re: faking a rom







I had been talking with several people about this. I think the general
idea that was the product of my talks was that the public key is
512 bits; the tigcc docs talk about this. But the private key is most
likely only 128 bits. I believe, though, that the 512 bits is mangled
down to a smaller bit count with some of the bignum math functions that are
in the rom.

Juan Corral wrote:
> 
> Just one question, why are "we" all of a sudden assuming that the key is
> 512-bits?  I think it's a far more reasonable number (*hint*), something
> like 24-64-bit.  But I'm probably wrong...
> 
> Juan
> TI-Net @ http://www.tinews.net
> 
> ----- Original Message -----
> From: "Robin Kirkman" <misty@drrobin.yi.org>
> To: <assembly-89@lists.ticalc.org>
> Sent: Saturday, June 03, 2000 3:04 PM
> Subject: A89: faking a rom
> 
> >
> > i just thought of a way to reduce the amount of brute forcing for generating
> > your own ROM from 2^512 to 2^68...
> >
> > I make the assumption that the 512bit checksum is really just 8 RC5 checksums
> > (64bits each), that was then encrypted w/ RSA.
> >
> > I also make the assumption that the checksums are sequential, eg:
> >
> > There is 1mb of FlashRom.
> > There are 8 checksums.
> > the 1st 128kb are used for checksum 1
> > the 2nd 128kb are used for checksum 2
> > the 3rd 128kb are used for checksum 3
> > etc..
> >
> > rather than trying to brute force the RC5, which has not only a big key size,
> > but is slow, instead focus on the rc5.
> > essentially, i can change that first 128kb of flashrom any way i like, provided
> > that the rc5 checksum for it is the same as the rc5 checksum for the original.
> > since an rc5 checksum is 64 bits, and each bit of the input is equally likely to
> > change any bit on the output...
> > leave 8 bytes (64 bits) that you are going to brute force with. run the rc5 on
> > that 1st 128kb with different values for those 64bits, and eventually, you will
> > get an rc5 checksum that matches the original!
> >
> > on average, brute forcing one of the rc5 checksums will take 2^63 operations.
> > on average, brute forcing all 8 will take 2^66 tries.
> >
> > this is within the limits of modern day computing!
> > if we can write our own rom image with correct checksums, we can, for example,
> > modify it to not check the checksums on applications... thereby removing the
> > necessity to purchase TI's SDK.
> >
> > anyone else got ideas for this?
> > --robin
> >

-- 
Scott "Wrath" Dial
wrath@calc.org
ICQ#3608935
Member of TCPA - tcpa.calc.org
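The work-factor estimate in the quoted message (8 independent 64-bit checksums, 8 free bytes per 128kb block) can be checked with a small model. This is an added example, not code from the list or from TI: the real checksum is unknown, so it is stood in for by a truncated SHA-256, and the checksum is modelled as a random function, under which the expected number of random fills per block is 2^k for a k-bit check (2^64 here, so 2^67 for all eight) rather than half the space as in the key-search estimate above. The toy size makes the simulation runnable in seconds.

```python
import hashlib
import math
import random
import struct

# Constructed work-factor model (not code from the list or from TI): a flash
# image is split into `blocks` regions, each covered by a `check_bits`-bit
# checksum, and each region holds 8 free bytes that can be varied. The
# checksum is modelled as a random function, so a fixed k-bit target is hit
# with probability 2^-k per trial and the expected trial count is 2^k.

def expected_trials(check_bits: int, blocks: int = 1) -> int:
    """Expected checksum evaluations to match `blocks` independent k-bit
    targets by random trial: blocks * 2^k (e.g. 8 * 2^64 = 2^67)."""
    return blocks * 2 ** check_bits

def log2_work(check_bits: int, blocks: int = 1) -> float:
    """Same figure as a power of two, for comparison with the thread's estimate."""
    return math.log2(expected_trials(check_bits, blocks))

def toy_checksum(data: bytes, bits: int) -> int:
    """Stand-in for the unknown ROM checksum: SHA-256 truncated to `bits` bits."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") >> (256 - bits)

def trials_to_match(block: bytes, free_offset: int, bits: int, rng: random.Random) -> int:
    """Randomly refill 8 free bytes until the toy checksum equals the block's
    original value; returns the number of trials (a constructed simulation)."""
    target = toy_checksum(block, bits)
    buf = bytearray(block)
    trials = 0
    while True:
        trials += 1
        buf[free_offset:free_offset + 8] = struct.pack(">Q", rng.getrandbits(64))
        if toy_checksum(bytes(buf), bits) == target:
            return trials

def mean_trials(bits: int, samples: int, seed: int = 1) -> float:
    """Average trials over `samples` constructed 64-byte blocks; lands near
    2^bits, confirming the model at a size that is feasible to run."""
    rng = random.Random(seed)
    total = 0
    for _ in range(samples):
        block = bytes(rng.getrandbits(8) for _ in range(64))  # constructed block
        total += trials_to_match(block, 0, bits, rng)
    return total / samples

if __name__ == "__main__":
    print("8 x 64-bit checksums: about 2^%.0f trials" % log2_work(64, 8))
    print("8-bit toy checksum, mean trials: %.1f (model says 256)" % mean_trials(8, 100))
```

The 8-bit toy run averages close to 256 trials, which is what makes the 64-bit version 2^56 times larger per block, independent of how slow the checksum itself is.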


