PRS-500 Analysis of USB trace for flashing Reader

[TadW]

I think the key is encoded in SubjectPublicKeyInfo format, as used by OpenSSL when exporting public key binary blobs. Then for instance for a 1024-bit RSA keypair, SubjectPublicKeyInfo encoding is 162 bytes compared to 140 bytes for the RSAPublicKey encoding.

[scotty1024]

Quote:

Originally Posted by VladSukhoy

> SHA-1 isn't that secure anymore, can be broken quite easily.
not easily at all - 2^69 operations were still required as I remember..

http://it.slashdot.org/article.pl?si...id=172&tid=218

I believe a crack could be done in a reasonable time, for a reasonable price, using a few of the latest generation Xilinx Virtex 5 FPGA's to create a "multi core" cracker engine.

http://www.xilinx.com/products/silic...tex5/index.htm

[VladSukhoy]

Want to start collecting donations for those Xilinx FPGA's? =)

[scotty1024]

Found this article interesting: http://ieeexplore.ieee.org/xpls/abs_...nt=20&index=13

[scotty1024]

Links to more papers on fun with SHA-1.

http://theory.csail.mit.edu/~yiqun/pub.htm

[TadW]

If you haven't updated yet, here is how I would do it:

1. generate a new RSA keypair
2. patch UsbUpdater with the new public key (so involves no code patching)
3. replace UsbUpdater in cramfs.Fsk
4. sign both cramfs.Fsk and cramfs.Rootfs using the new private key and insert results in checksum
5. run the update

[igorsk]

Well, if you didn't update yet, you can just replace UsbUpdater with the old one.

[TadW]

True, you could do that. But then you might run into problems with future updates that expect UsbUpdater from the current update.

[Corwin]

More intresting is to patch UsbUpdater to bypass RSA checks at all

offset 0x9b14 BEQ 9b5c->B 9b5c (info from russian community, not mine)

[TadW]

Corwin I prefer replacing a the RSA key as it doesn't involve any code patching. Of course a code patch has the benefit of not requiring any further image signing.

[igorsk]

Quote:

Originally Posted by TadW

True, you could do that. But then you might run into problems with future updates that expect UsbUpdater from the current update.

Don't think so. I expect all future updates to be compatible with the original release. Current updater does check which version of UsbUpdater is running on the device and sends checksum or signature accordingly.

[doctorow]

Patching UsbUpdater or replacing it with the old one is trivial (see my earlier posts with the disassembly).

Getting the patched file on a device that has already been updated is what we should focus on here.

[igorsk]

Don't worry, we're working on that

[doctorow]

How about sharing the fruits, igorsk?

[scotty1024]

Quote:

Originally Posted by TadW

If you haven't updated yet, here is how I would do it:

1. generate a new RSA keypair
2. patch UsbUpdater with the new public key (so involves no code patching)
3. replace UsbUpdater in cramfs.Fsk
4. sign both cramfs.Fsk and cramfs.Rootfs using the new private key and insert results in checksum
5. run the update

Your unit would then reject updates from Sony.

The only clean fix for the USB Updater is to out a SHA-1 private key.