#61
|
|||
|
|||
Be my guest
|
#62
|
||||
|
||||
Thank's for sharing ECC Source contextrax!
Excuse me for my ignorance but, how to calculate the 8 ecc_curve_array[] parameters of an armadillo protected application? |
#63
|
|||
|
|||
Quote:
They are the hamming weight, A in the koblitz curve equation (y^2 + xy = x^3 + Ax^2 + B), point order and cofactor. The last four is the x,y coordinate for the base point and public point in polynomial base. Armadillo uses a 32 bit's seed for the base point so you will have to use arma source code to calc these values. They are however i the Type 2 Optimal Normal Base and you will have to do base conversion of them to go to x^113+x^9+1 But for testing speed or making a linux or GPU version then this is not necessary. The test curve that I use have A in the equation set to "0". This result in a different curve used for testing only. The order of this curve is 0x2000000000000000480DCA1242B1C and contains the factors: Prime factor : 2 - (2 bits) Prime factor : 2 - (2 bits) Prime factor : 18B9 - (13 bits) Prime factor : 1A89A0F - (25 bits) Prime factor : 31F1F2A998BD31AF391 - (74 bits) (Found by schoof2 from miracl library. "schoof2.exe 0 1 113 9") This makes is pretty good for testing (coz of the low order) and the test curve base point has a order of 0x31F1F2A998BD31AF391. (74 bit) You will also notice that the equivalence classes is maintained in all these subgroup (They all contain 113*2 as factors of p-1) which of course is typical for a koblitz curve. For base conversion you could make a matrix B=[1, b, b^2....,b^(m-1)] (m=113 for this base) Multiplying b^m*B^-1 should give you a polynomial base and to go from this base to x^113+x^9+1 you can use one of the 113 roots. For root finding you can use magma or sage or some other algo if you want to make one yourself. Hope this helps. Last edited by contextrax; 02-20-2018 at 03:17. |
The Following 4 Users Say Thank You to contextrax For This Useful Post: | ||
alekine322 (10-25-2018), Apuromafo (03-04-2019), cjack (02-25-2018), tonyweb (02-25-2018) |
#64
|
|||
|
|||
Hello! This is really cool, but isn't Armadillo discountinued? I am asking because I couldn't find it's homepage anymore.
|
#65
|
|||
|
|||
Yes that is true but there is still allot of programs that uses it for protection and for licensing coz of the "unbreakable" elliptic curve system they use
|
#66
|
||||
|
||||
Hi Contextrax, I have a VERY BAD target that I'm trying to reverse since a lot of time! The problem here is that it use A LOT of protected executables, so, maybe, the right way will be attacking the ECDSA certificate itself
Need support to calculate the last 4 ecc_curve_array[] parameters. If you can help I'll extract the public certificate and post it here asap. I think that a tool to calculate the 8 ecc_curve_array[] parameters will be AMAZING Last edited by cjack; 09-14-2018 at 13:50. |
#67
|
|||
|
|||
Quote:
|
#68
|
||||
|
||||
Yes sure! Here the link:
h**ps://mega.nz/#!V8RFxCDL!7JYuUUybRoJelyZwNvp8yB-LmkBGKEeJA_uUjfmxNls I've put into the zip just the registration app and a trial key (expired on november 2017 but if you set the clock back it'll work). As serial number use the string "Evaluation". Hope to start the bruteforcing soon Curious to see how many time will take! |
#69
|
|||
|
|||
Quote:
We used like 6 months last time so unless you have access to a lot of CPU's this will take forever. |
#70
|
|||
|
|||
can u share the target?
|
#71
|
|||
|
|||
Quote:
What is more important in bruteforcing - CPU GHz speed or # of cores? |
#72
|
||||
|
||||
Quote:
You have tried to use your models to find the protection system of flex_LM It also uses an ECC protection system. (If I'm wrong, please correct me) |
#73
|
|||
|
|||
Yes, but flex uses more stronger ECC
Last edited by RedLord; 10-26-2018 at 14:54. |
#74
|
|||
|
|||
Quote:
x64dbg (no plugins) hide command bp in 00402A90 as hw bp and start to check is posible use the values (provided) or any fake. here must be the end: Quote:
BR, Apuromafo |
#75
|
|||
|
|||
About the importance of privatevalue in the example before exposed:
generating a licence for apuromafo for x86+x64 (is the same cert shortv3 lv10) -> tool:ATK 0.4 Ecdsa Public: 1570789295,4089747062247003654720736468506441,10111618751385367037406972360317044 (Curve SEED : 1570789295 Base Point x : 4089747062247003654720736468506441 Base Point y : 10111618751385367037406972360317044) Private:1984557253727814641989266002264698 name:apuromafo Sym:BDA4FA1C press generate and see: name:apuromafo serial:000017-MC8PXU-6U3PC3-3V93J6-Y9MCJ5-7GF1E8-TRWK3F-JUGJV6-4QFZNC-TW0YVM in advanced log Quote:
BR, Apuromafo |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Replacing ECDSA in Target (arma) | Mynotos | General Discussion | 3 | 11-22-2019 00:49 |