Closed earthnuker closed 5 years ago
Hello,
I think this is something that mfoc already has and that is used regardless of whether the attack is nested or hardnested.
Please, correct me if I'm wrong.
BR
On 10 August 2019 17:39:08 CEST, Earthnuker notifications@github.com wrote:
Hi,
would it be possible to check the recovered key against all (uncracked) sectors after running a hardnested attack? This would speed up the recovery in case of key-reuse.
Best regards,
Earthnuker
-- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/vk496/mfoc/issues/5
0 | 0? | 0 | Brute force benchmark: 359 million (2^28.4) keys/s | 140737488355328 | 5d
0 | 0? | 0 | Using 235 precalculated bitflip state tables | 140737488355328 | 5d
348 | 3A | 1358 | Apply bit flip properties | 76356050944 | 4min
354 | 3A | 1359 | Apply Sum property. Sum(a0) = 128 | 34363326464 | 2min
357 | 3A | 1362 | Apply bit flip properties | 34363326464 | 2min
380 | 3A | 1362 | Starting brute force... | 34363326464 | 2min
607 | 3A | 1362 | Brute force phase completed. Key found: aabbccddeeff | 0 | 0s
Using AVX2 SIMD core.
time | trg | #nonces | Activity | expected to brute force
| | | | #states | time
-------------------------------------------------------------------------------------------------------------
0 | 0? | 0 | Start using 8 threads and AVX2 SIMD core | |
0 | 0? | 0 | Brute force benchmark: 291 million (2^28.1) keys/s | 140737488355328 | 6d
0 | 0? | 0 | Using 235 precalculated bitflip state tables | 140737488355328 | 6d
343 | 4A | 1310 | Apply bit flip properties | 76356050944 | 4min
350 | 4A | 1311 | Apply Sum property. Sum(a0) = 128 | 34363326464 | 2min
355 | 4A | 1314 | Apply bit flip properties | 34363326464 | 2min
355 | 4A | 1314 | (Ignoring Sum(a8) properties) | 34363326464 | 2min
379 | 4A | 1314 | Starting brute force... | 34363326464 | 2min
613 | 4A | 1314 | Brute force phase completed. Key found: aabbccddeeff | 0 | 0s
From the output it looks like it ran hardnested twice without checking for key reuse, so it recovered the same key twice for two different sectors.
When I have time I can implement the improvement and submit a PR. I already have a patch that does something similar but runs libnfc_crypto1_crack instead of the hardnested code from PM3.
Best regards,
Earthnuker
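The key-reuse check requested in this thread, as an added sketch that is not mfoc's code and is not part of the original posts: it runs against a simulated card and counts how many expensive recoveries are needed with and without the check. `sim_card`, `try_auth`, `expensive_recover`, `recover_all` and `demo` are hypothetical names, and the key layout is constructed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#define SECTORS 16
enum { KEY_A, KEY_B };
/* Constructed card model: the key table held by the simulated card. */
typedef struct { uint64_t key[SECTORS][2]; } sim_card;
/* Hypothetical stand-in for one authentication attempt (cheap). */
static bool try_auth(const sim_card *c, int s, int t, uint64_t k) {
    return c->key[s][t] == k;
}
/* Hypothetical stand-in for one hardnested run (expensive); counts calls. */
static uint64_t expensive_recover(const sim_card *c, int s, int t, int *runs) {
    (*runs)++;
    return c->key[s][t];
}

/* Fill every unknown slot and return the number of expensive runs. With
 * check_reuse set, each recovered key is tried on all unknown slots first. */
int recover_all(const sim_card *c, bool known[SECTORS][2], bool check_reuse) {
    int runs = 0;
    for (int s = 0; s < SECTORS; s++)
        for (int t = KEY_A; t <= KEY_B; t++) {
            if (known[s][t]) continue;
            uint64_t k = expensive_recover(c, s, t, &runs);
            known[s][t] = true;
            if (!check_reuse) continue;
            for (int s2 = 0; s2 < SECTORS; s2++)
                for (int t2 = KEY_A; t2 <= KEY_B; t2++)
                    if (!known[s2][t2] && try_auth(c, s2, t2, k))
                        known[s2][t2] = true;
        }
    return runs;
}

/* Constructed sample: sectors 1-15 share key A aabbccddeeff, every key B is unique. */
int demo(bool check_reuse) {
    sim_card c;
    bool known[SECTORS][2] = {{false}};
    for (int s = 0; s < SECTORS; s++) {
        c.key[s][KEY_A] = s ? 0xaabbccddeeffULL : 0xffffffffffffULL;
        c.key[s][KEY_B] = 0x100000000000ULL + (uint64_t)s;
    }
    known[0][KEY_A] = true; /* sector 0 key A is known up front */
    return recover_all(&c, known, check_reuse);
}
int main(void) {
    printf("without reuse check: %d runs, with: %d\n", demo(false), demo(true));
}
```

On this constructed layout the check removes the 14 repeated recoveries of the shared key A, which is also why distinct per-sector keys matter on the card issuer's side.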