keyspace_search() { int i, j, k; int is = 0, js = 0, ks = 0, ls = 0, ms = 0; for(i = is; i <= 255; i++) { for(j = js; j <= 255; j++) { #pragma omp parallel for for(k = ks; k <= 255; k++) { int l, m; for(l = ls; l <= 255; l++) { for(m = ms; m <= 255; m++) { unsigned char hashBuf[5]; hashBuf[0] = (char)i; hashBuf[1] = (char)j; hashBuf[2] = (char)k; hashBuf[3] = (char)l; hashBuf[4] = (char)m; try_key(hashBuf); } } } } } }
static void TryKnownKeys(void) { // Try the known default keys MFRC522_MIFARE_Key key; for (uint8_t k = 0; k < NR_KNOWN_KEYS; k++) { // Copy the known key into the MIFARE_Key structure for (uint8_t i = 0; i < MF_KEY_SIZE; i++) { key.keyByte[i] = knownKeys[k][i]; } // Try the key if (try_key(&key)) { // Found and reported on the key and block, // no need to try other keys for this PICC break; } } }
int main (int argc, char **argv) { int i; /* Loop index. */ des_key_manager km; /* Key manager. */ double delta = 0, new_delta; unsigned long long key, bestkey, finalkey, mask; int sbox; int k; /************************************************************************/ /* Before doing anything else, check the correctness of the DES library */ /************************************************************************/ if (!des_check ()) { ERROR (-1, "DES functional test failed"); } /*************************************/ /* Check arguments and read datafile */ /*************************************/ /* If invalid number of arguments (including program name), exit with error * message. */ if (argc != 3) { ERROR (-1, "usage: ta <datafile> <nexp>\n"); } /* Number of experiments to use is argument #2, convert it to integer and * store the result in variable n. */ n = atoi (argv[2]); if (n < 1) /* If invalid number of experiments. */ { ERROR (-1, "number of experiments to use (<nexp>) shall be greater than 1 (%d)", n); } read_datafile (argv[1], /* Name of data file is argument #1. */ n /* Number of experiments to use. */ ); /***************************************************************************** * Compute the Hamming weight of output of first (leftmost) SBox during last * * round, under the assumption that the last round key is all zeros. * *****************************************************************************/ /* per ogni cipher provo tutte le combinazioni dei primi 6 bit della key // medio i tempi dei cipher reali che dopo la sbox hanno hamming 0 e 4 // delta tra le due medie // cambio key e riprovo, terro la key che ha delta maggiore // ripetero per le box successive */ /* for every SBox */ finalkey = 0ULL; for(k=0; k<1; k++){ for (sbox = 7; sbox >= 0; sbox--){ mask = 63ULL << (42 - 6*sbox); finalkey &= ~mask; /* printf("mask :%012" PRIx64 "\n", ~mask); */ for (i = 0; i < 64; i++){ key = ((unsigned long long) i) << (42 - 6*sbox); new_delta = try_key(finalkey | key, sbox); if (new_delta > delta) { delta = new_delta; bestkey = key; } } delta = 0; finalkey |= bestkey; /*printf("finalkey:%012" PRIx64 "\n", finalkey);*/ } } /******************************************************************************* * Try all the 256 secret keys under the assumption that the last round key is * * all zeros. * *******************************************************************************/ /* If we are lucky, the secret key is one of the 256 possible with a all zeros * last round key. Let's try them all, using the known plain text - cipher text * pair as an oracle. */ km = des_km_init (); /* Initialize the key manager with no knowledge. */ /* Tell the key manager that we 'know' the last round key (#16) is all zeros. */ des_km_set_rk (km, /* Key manager */ 16, /* Round key number */ 1, /* Force (we do not care about conflicts with pre-existing knowledge) */ UINT64_C (0xffffffffffff), /* We 'know' all the 48 bits of the round key */ finalkey ); /* Brute force attack with the knowledge we have and a known * plain text - cipher text pair as an oracle. */ if (!brute_force (km, pt, ct[0])) { /* //printf ("Too bad, we lose: the last round key is not all zeros.\n"); */ } free (ct); /* Deallocate cipher texts */ free (t); /* Deallocate timings */ des_km_free (km); /* Deallocate the key manager */ /* printf("\n****\nReal key was: e59dcd40dc51b56d\n */ return 0; /* Exits with "everything went fine" status. */ }