Reverse Engineering Team

Sentinel HL WBAES


Post by ovis25 Mon Dec 01, 2014 4:18 pm

There is a solution to bypass Wba encryption; anyone who has such targets can ask by PM.


Last edited by ovis25 on Sun Jan 08, 2017 8:09 am; edited 2 times in total


Post by nodongle.biz Wed Dec 17, 2014 8:01 am

Yes, the emulator with WBAES support exists. ;)


Post by ovis25 Wed Dec 17, 2014 8:32 am

And how do u extract the Wbaes key?


Post by califor Mon Aug 03, 2015 7:07 am

.


Last edited by califor on Tue Aug 11, 2015 11:16 am; edited 1 time in total


Post by ovis25 Mon Aug 03, 2015 1:07 pm

Wbaes key is set by algorithm. If u are so smart, tell us how u did it?


Post by b30wulf Thu Aug 06, 2015 7:49 am

Firmware emulator is solution for wbaes


Post by nodongle.biz Thu Aug 06, 2015 8:06 am

Or complete hasp srm key emulator :)


Post by ovis25 Thu Aug 06, 2015 9:19 am

And very expensive, and has very low practical use because u need to extract firmware, and for latest LDK keys I don't know if it is possible.

As far as I know, the only way is to force the old api, or other methods bypassing the new api encryption.


Post by b30wulf Thu Aug 06, 2015 5:10 pm

@nodongle
Complete srm emulator?
There is no problem making complete srm emulator, problem is wbaes algo extraction.
Would be very appreciated if you can share some weakness in wbaes.


Post by califor Mon Aug 10, 2015 7:22 pm

b30wulf wrote:
@nodongle
Complete srm emulator?
There is no problem making complete srm emulator, problem is wbaes algo extraction.
Would be very appreciated if you can share some weakness in wbaes.

Hi dear....

Nodongle.biz shared??? hahahaha you dream dear ;)

Califor


Post by niculaita Tue Aug 11, 2015 3:25 am

maybe nodongle.biz has not got it
why if he is an intermediary?


Post by nodongle.biz Tue Aug 11, 2015 3:37 am

HASP SRM key complete emulator has existed since 2009.


Post by Techlord Tue Aug 11, 2015 4:03 am

b30wulf wrote:
@nodongle
Complete srm emulator?
There is no problem making complete srm emulator, problem is wbaes algo extraction.
Would be very appreciated if you can share some weakness in wbaes.

Hello friend,
Please check out this link :

http://rghost.net/private/7F75XxbXg/117bb9c62d1ec8d1219c5b9510f32450

This paper is available publicly but I don't remember where exactly I'd gotten it...


Post by ovis25 Tue Aug 11, 2015 5:07 am

With few exceptions most members can't understand it....

Can u make a brief summary for us ?

Maybe a tutorial how to ?


Post by Techlord Tue Aug 11, 2015 11:41 pm

ovis25 wrote:
With few exceptions most members can't understand it....

Can u make a brief summary for us ?

Maybe a tutorial how to ?

I have uploaded the paper mainly as a reply to the request by @Beowulf.

White Box AES, just like most of the Crypto-based topics, requires a SOLID knowledge and background of the Principles, Mechanisms, Algorithms and Implementations of the underlying fundamentals of Cryptography.

I would recommend this excellent book : Applied Cryptography by Bruce Schneier as a good starter, before one delves into more complicated materials.

Yes, I will try to make a short summary of the above paper when I am free, but even then, unless one has strong background in Crypto Concepts, it would be difficult to understand.


Post by Techlord Wed Aug 12, 2015 5:54 am

Ok guys, will give a very quick and short summary :

Many were asking me to quickly explain what this article means for US, as reversers, and whether the AES key can be "extracted" from a dongle using WBAES.

Disclaimer: I am not an "expert" :D but...

The short answer is YES. :)

Excerpts from the above paper supporting my answer (Please refer to it as needed) :

1. "We show how DCA can extract the secret key from all publicly (non-commercial) available white-box programs implementing standardized cryptography"
- from "Abstract"

2. "In this paper we show that DCA can be used to efficiently extract the secret key from white-box implementations. We apply DCA to all publicly available, as far as we are aware, white-box challenges of standardized cryptographic algorithms; concretely this means extracting the secret key from four white-box implementations of the symmetric cryptographic algorithms AES and DES."
- from 2nd paragraph, page 3


3. "However, as we have shown in this work, all current publicly available white-box implementations (not using remote external encodings) do not even offer any short-term security since the differential computation analysis (DCA) technique we outlined can extract the secret key within seconds."
- from "Conclusions" on page 18

Now, to answer the burning questions that may come up in your mind :)

1) SO now we know that we can extract the WB AES key ... Can it be done at home ?

No... At least not unless you invest a little in some good hardware and have good programming/debugging skills.
It can certainly be done in a small computer lab with an investment of a few thousand dollars.

2) Can the key be extracted from a sentinel dongle for example ? ;)

The answer is given in the last para on page 18, going onto page 19 :

"If medium to long term security is required then tamper resistant hardware solutions, like a secure element, are a much better alternative."


In ENGLISH :), this means that it "depends".
If you invest enough money in equipment and resources AND if you have a good knowledge of debugging, then it is very much possible.
But at home, on an old computer ? NO.

In other words, DIRECT extraction of the AES key from the DONGLE ITSELF is NOT what this paper talks about and is effectively very difficult if not impossible.

Also, it is important to note that finally, one DERIVES the key, rather than EXTRACT the key from a dongle.

It is not like, for example, "extracting" pulp or seeds from a fruit :)
But rather a derivation, if it has to be "got out" from a dongle.

Further, again, from page 18:

"Another potential countermeasure against DCA is the use of external encodings. This was the primary reason why we were not able to extract the secret key from the challenge described in Section 5.5."

These "external encodings" are seen in dongles like hasp which use wbaes and these again prove to be a major hindrance.

However, to overcome that (again from page 18):

"the adversary can obtain knowledge related to the external encoding applied when he observes the behavior of the white-box implementation in the entire software-framework where it is used (especially when the adversary has control over the input parameters used or can observe the final decoded output)."

This again means that since WHITE BOX itself means that we have control over input parameters and can watch the decoded output (ie from the protected program when it runs) AND since we can actually see HOW the algo is implemented (THAT is why it is called "white box" and not "black box" in the first place !), we will be able to figure out the "external encodings" used.
This "figuring out" requires brains as well as money and equipment.

So FINALLY, the answer is a BIG resounding YES. It can be done.

Don't ask me the ACTUAL STEPS now :) to "get the key out of a dongle"


Post by ovis25 Sun Jan 08, 2017 7:59 am

A solution exists to bypass Wba encryption.


Post by nodongle.biz Sun Jan 08, 2017 8:03 am

It is only one of the possible ways... :)


Post by ovis25 Sun Jan 08, 2017 12:47 pm

Please provide other possible ways?


Post by nodongle.biz Sun Jan 08, 2017 1:15 pm

It is not a public solution.


Post by ovis25 Sun Jan 08, 2017 3:11 pm

Firmware emulator? What others besides these two?


Post by b30wulf Sun Jan 08, 2017 7:47 pm

one of the most important things is new vectors


Post by ovis25 Mon Jan 09, 2017 3:20 am

extracted from firmware or from what?


Post by maha Sat Sep 30, 2017 5:39 am

The Sentinel srm protected software is updated and we are not able to extract the AES key, but the older version's AES key is available with us.
My question is: is the AES key the same for the old & new version?
maha

Post by nodongle.biz Fri Oct 06, 2017 12:19 am

Of course the AES keys are different.
