From email@example.com Thu, 28 Oct 1999 12:57:37 +0200 (CEST)
Date: Thu, 28 Oct 1999 12:57:37 +0200 (CEST)
From: Frank Andrew Stevenson firstname.lastname@example.org
Subject: [Livid-dev] Working PlayerKey cracker
In response to feedback from yesterday's post I have now refined
my attack in the following ways:
The CSSdecrypt key can now be recovered with only 5 bytes of
known output. Sometimes multiple keys will be found for a
single output, due to collisions in the mixing stage. But
this is not a problem when recovering KEKs (Key Encryption
Keys), as all keys found will be equivalent / interchangeable.
There has been some debate around the 'hash function'. I choose
to view it as a very simple encryption function, with 5-byte
input, 5-byte output and a 5-byte key. When searching for a
player key, the input / output is known. The cipher can then be
attacked with a complexity of 2^8. Code for the key recovery
is given below. This cipher has many collisions, and some
input / output pairs have no keys, while others have multiple.
The latter is a concern when searching for player keys, as
they have to be eliminated by checking against other discs.
I have attached a program that works as follows:
hippopotamus:~/tmp> time ./keyrec 22 e1 67 83 72 0f c1 7a 96 98
Possible mangling key: af c9 07 42 1f
Possible Player key 51 67 67 c5 e0
Possible Player key 69 d2 e3 92 ae
5.000u 0.010s 0:05.44 92.0% 0+0k 0+0io 87pf+0w
Here 2 equivalent player keys are recovered from the
input: 22 e1 67 83 72 - Disc key
output: 0f c1 7a 96 98 - intermediate key, common for all player keys
The process takes 5.5 seconds on a PPro200, somewhat slower
now that only 5 bytes are known in the keystream.
If this works, as I hope it will, I will leave it as an exercise
to the reader to recover all player keys :-)
-------------- This is how to recover the 'hashing key' --------
----------- The following is the complete source for ------
---------------- player key cracker ------------------------
[Compressed File Removed]
This sentence is unique in this respect; it can safely
be attributed to my employer, Funcom Oslo AS.
E3D2BCADBEF8C82F A5891D2B6730EA1B PGPmail preferred, finger for key
There is no place like N59 50.558' E010 50.870'. (WGS84)