Hi All,

I would like to resurrect this RC4 thread.

Has there been any progress on this?

I believe that a full key variable brute force retrieval within OP25 would raise way to many eyebrows. I believe a better idea would be two fold:

First modify OP25 to decrypt ADP, DES-OFB, AES256 etc with a known key. I believe the code was discussed by Steve and Matt. So if you know the key variable, simply enter it and decrypt away.

Second, modify OP25 to display the non-dropped “silence” bytes within the 6 blocks of data of VC1 & VC2. I believe this should be located in the first LDU1 frame right after the Header frame. Do this for ADP, DES-OFB, AES-256. Obviously the number of silence bytes would vary per algorithm.

That would be very valuable.

thanks,

Joe

On Feb 10, 2015, at 7:14 PM, matt.robert80@yahoo.com [op25-dev] <op25-dev@yahoogroups.com> wrote:

I think its possible and would be great to have in OP25 (seeing as this project is where these flaws were originally discovered and published)...

I addition the software be tweaked to produce known plaintext and ciphertext pairs for DES-OFB key recovery as well - leaving the computational problem up to the user.

One thing though - adding ADP and DES to the code will result in a massive increase of people downloading and building OP25, plus the extra attention it will get us... We should make sure our web server is bulletproof before releasing such a beast ;)

Cheers,
Matt

__._,_.___

Posted by: Joseph Cardani <jcardani@verizon.net>

Reply via web post

•

Reply to sender

•

Reply to group

•

Start a New Topic

•

Messages in this topic (14)

Visit Your Group

• Privacy • Unsubscribe • Terms of Use