Hi All,
I would like to resurrect this RC4 thread.
Has there been any progress on this?
I believe that a full key variable brute force retrieval within OP25 would raise way to
many eyebrows. I believe a better idea would be two fold:
First modify OP25 to decrypt ADP, DES-OFB, AES256 etc with a known key. I believe the code
was discussed by Steve and Matt. So if you know the key variable, simply enter it and
decrypt away.
Second, modify OP25 to display the non-dropped “silence” bytes within the 6 blocks of data
of VC1 & VC2. I believe this should be located in the first LDU1 frame right after the
Header frame. Do this for ADP, DES-OFB, AES-256. Obviously the number of silence bytes
would vary per algorithm.
That would be very valuable.
thanks,
Joe
On Feb 10, 2015, at 7:14 PM, matt.robert80(a)yahoo.com
[op25-dev] <op25-dev(a)yahoogroups.com> wrote:
I think its possible and would be great to have in OP25 (seeing as this project is where
these flaws were originally discovered and published)...
I addition the software be tweaked to produce known plaintext and ciphertext pairs for
DES-OFB key recovery as well - leaving the computational problem up to the user.
One thing though - adding ADP and DES to the code will result in a massive increase of
people downloading and building OP25, plus the extra attention it will get us... We should
make sure our web server is bulletproof before releasing such a beast ;)
Cheers,
Matt