[op25-dev] RC4

historical

I've not much time these days but I'd be happy to comment and provide
pointers. Your suggestion sounds good - I'm sure that Max would accept any
patches that would do what you suggest.

On 6 October 2015 at 12:12, Joseph Cardani jcardani at verizon.net [op25-dev] <
op25-dev at yahoogroups.com> wrote:

>
>
> Hi All,
>
> I would like to resurrect this RC4 thread.
>
> Has there been any progress on this?
>
> I believe that a full key variable brute force retrieval within OP25 would
> raise way to many eyebrows. I believe a better idea would be two fold:
>
> First modify OP25 to decrypt ADP, DES-OFB, AES256 etc with a known key. I
> believe the code was discussed by Steve and Matt. So if you know the key
> variable, simply enter it and decrypt away.
>
> Second, modify OP25 to display the non-dropped “silence” bytes within the
> 6 blocks of data of VC1 & VC2. I believe this should be located in the
> first LDU1 frame right after the Header frame. Do this for ADP, DES-OFB,
> AES-256. Obviously the number of silence bytes would vary per algorithm.
>
> That would be very valuable.
>
>
> thanks,
> Joe
>
>
>
> On Feb 10, 2015, at 7:14 PM, matt.robert80 at yahoo.com [op25-dev] <
> op25-dev at yahoogroups.com> wrote:
>
> I think its possible and would be great to have in OP25 (seeing as this
> project is where these flaws were originally discovered and published)...
>
> I addition the software be tweaked to produce known plaintext and
> ciphertext pairs for DES-OFB key recovery as well - leaving the
> computational problem up to the user.
>
> One thing though - adding ADP and DES to the code will result in a massive
> increase of people downloading and building OP25, plus the extra attention
> it will get us... We should make sure our web server is bulletproof before
> releasing such a beast ;)
>
> Cheers,
> Matt
>
>
>
> 
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osmocom.org/pipermail/op25-dev/attachments/20151006/e08a3734/attachment.htm>