[op25-dev] RC4

Joseph Cardani jcardani@verizon.net [op25-dev] op25-dev at yahoogroups.com
Tue Oct 6 02:12:21 UTC 2015

Hi All,

I would like to resurrect this RC4 thread. 

Has there been any progress on this?

I believe that a full key variable brute force retrieval within OP25 would raise way too many eyebrows. I believe a better idea would be twofold:

First modify OP25 to decrypt ADP, DES-OFB, AES256 etc with a known key. I believe the code was discussed by Steve and Matt. So if you know the key variable, simply enter it and decrypt away. 

Second, modify OP25 to display the non-dropped “silence” bytes within the 6 blocks of data of VC1 & VC2. I believe this should be located in the first LDU1 frame right after the Header frame. Do this for ADP, DES-OFB, AES-256. Obviously the number of silence bytes would vary per algorithm.  

That would be very valuable. 



> On Feb 10, 2015, at 7:14 PM, matt.robert80 at yahoo.com [op25-dev] <op25-dev at yahoogroups.com> wrote:
> I think it's possible and would be great to have in OP25 (seeing as this project is where these flaws were originally discovered and published)...
> In addition, the software could be tweaked to produce known plaintext and ciphertext pairs for DES-OFB key recovery as well - leaving the computational problem up to the user.
> One thing though - adding ADP and DES to the code will result in a massive increase of people downloading and building OP25, plus the extra attention it will get us... We should make sure our web server is bulletproof before releasing such a beast ;)
> Cheers,
> Matt
