From a81b99b9b1fbd8eae9f819a2d997a2cef0e2efea Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Tue, 5 Apr 2016 04:49:34 +0200 Subject: [PATCH] ADD: @zhovner 's decryption of trace data to mfkey64 --- tools/mfkey/example_trace.txt | 63 +++++++++++++++++++++++++++++++++++ tools/mfkey/mfkey64.c | 42 +++++++++++++++++++++-- 2 files changed, 103 insertions(+), 2 deletions(-) diff --git a/tools/mfkey/example_trace.txt b/tools/mfkey/example_trace.txt index 83dd157c..5a8a521a 100644 --- a/tools/mfkey/example_trace.txt +++ b/tools/mfkey/example_trace.txt @@ -23,3 +23,66 @@ :: ./mfkey64 9C599B32 82A4166C A1E458CE 6EEA41E0 5CADF439 ./mfkey64 52B0F519 5417D1F8 4D545EA7 E15AC8C2 5056e41b + +### Communication decryption + + +RDR 26 +TAG 04 00 +RDR 93 20 +TAG 14 57 9f 69 b5 +RDR 93 70 14 57 9f 69 b5 2e 51 +TAG 08 b6 dd +RDR 60 14 50 2d +TAG ce 84 42 61 +RDR f8 04 9c cb 05 25 c8 4f +TAG 94 31 cc 40 +RDR 70 93 df 99 +TAG 99 72 42 8c e2 e8 52 3f 45 6b 99 c8 31 e7 69 dc ed 09 +RDR 8c a6 82 7b +TAG ab 79 7f d3 69 e8 b9 3a 86 77 6b 40 da e3 ef 68 6e fd +RDR c3 c3 81 ba +TAG 49 e2 c9 de f4 86 8d 17 77 67 0e 58 4c 27 23 02 86 f4 +RDR fb dc d7 c1 +TAG 4a bd 96 4b 07 d3 56 3a a0 66 ed 0a 2e ac 7f 63 12 bf +RDR 9f 91 49 ea + + +./mfkey64 14579f69 ce844261 f8049ccb 0525c84f 9431cc40 7093df99 9972428ce2e8523f456b99c831e769dced09 8ca6827b ab797fd369e8b93a86776b40dae3ef686efd c3c381ba 49e2c9def4868d1777670e584c27230286f4 fbdcd7c1 4abd964b07d3563aa066ed0a2eac7f6312bf 9f9149ea + +Recovering key for: + uid: 14579f69 + nt: ce844261 + {nr}: f8049ccb + {ar}: 0525c84f + {at}: 9431cc40 +{enc0}: 7093df99 +{enc1}: 9972428ce2e8523f456b99c831e769dced09 +{enc2}: 8ca6827b +{enc3}: ab797fd369e8b93a86776b40dae3ef686efd +{enc4}: c3c381ba +{enc5}: 49e2c9def4868d1777670e584c27230286f4 +{enc6}: fbdcd7c1 +{enc7}: 4abd964b07d3563aa066ed0a2eac7f6312bf +{enc8}: 9f9149ea + +LFSR succesors of the tag challenge: + nt': 76d4468d + nt'': d5f3c476 + +Keystream used to generate {ar} and {at}: + ks2: 73f18ec2 + ks3: 41c20836 + +Decrypted communication: +{dec0}: 3014a7fe +{dec1}: c26935cfdb95c4b4a27a84b8217ae9e48217 +{dec2}: 30152eef +{dec3}: 493167c536c30f8e220b09675687067d4b31 +{dec4}: 3016b5dd +{dec5}: 493167c536c30f8e220b09675687067d4b31 +{dec6}: 30173ccc +{dec7}: 0000000000007e178869000000000000c4f2 +{dec8}: 61148834 + +Found Key: [091e639cb715] \ No newline at end of file diff --git a/tools/mfkey/mfkey64.c b/tools/mfkey/mfkey64.c index 8bb59ecc..b09eeaeb 100755 --- a/tools/mfkey/mfkey64.c +++ b/tools/mfkey/mfkey64.c @@ -22,23 +22,42 @@ int main (int argc, char *argv[]) { printf("Recover key from only one complete authentication!\n\n"); if (argc < 6) { - printf(" syntax: %s \n\n",argv[0]); + printf(" syntax: %s <{nr}> <{ar}> <{at}> [enc...]\n\n", argv[0]); return 1; } + int encc = argc - 6; + int enclen[encc]; + uint8_t enc[encc][120]; + sscanf(argv[1],"%x",&uid); sscanf(argv[2],"%x",&nt); sscanf(argv[3],"%x",&nr_enc); sscanf(argv[4],"%x",&ar_enc); sscanf(argv[5],"%x",&at_enc); - + for (int i = 0; i < encc; i++) { + enclen[i] = strlen(argv[i + 6]) / 2; + for (int i2 = 0; i2 < enclen[i]; i2++) { + sscanf(argv[i+6] + i2*2,"%2x", (uint8_t*)&enc[i][i2]); + } + } + printf("Recovering key for:\n"); + printf(" uid: %08x\n",uid); printf(" nt: %08x\n",nt); printf(" {nr}: %08x\n",nr_enc); printf(" {ar}: %08x\n",ar_enc); printf(" {at}: %08x\n",at_enc); + for (int i = 0; i < encc; i++) { + printf("{enc%d}: ", i); + for (int i2 = 0; i2 < enclen[i]; i2++) { + printf("%02x", enc[i][i2]); + } + printf("\n"); + } + // Generate lfsr succesors of the tag challenge printf("\nLFSR succesors of the tag challenge:\n"); printf(" nt': %08x\n",prng_successor(nt, 64)); @@ -54,6 +73,25 @@ int main (int argc, char *argv[]) { printf(" ks3: %08x\n",ks3); revstate = lfsr_recovery64(ks2, ks3); + + // Decrypting communication using keystream if presented + if (argc > 6 ) { + printf("\nDecrypted communication:\n"); + uint8_t ks4; + int rollb = 0; + for (int i = 0; i < encc; i++) { + printf("{dec%d}: ", i); + for (int i2 = 0; i2 < enclen[i]; i2++) { + ks4 = crypto1_byte(revstate, 0, 0); + printf("%02x", ks4 ^ enc[i][i2]); + rollb += 1; + } + printf("\n"); + } + for (int i = 0; i < rollb; i++) + lfsr_rollback_byte(revstate, 0, 0); + } + lfsr_rollback_word(revstate, 0, 0); lfsr_rollback_word(revstate, 0, 0); lfsr_rollback_word(revstate, nr_enc, 1); -- 2.39.2