Speaking outloud, so slap me...

Trying to further the development of the Android on the Revue? Talk about it hear and document it on the wiki: http://www.wiki.gtvhacker.com

Moderator: Revue Mod

AZImmortal
Android 1.0
Posts: 32
Joined: Fri Sep 02, 2011 9:29 pm
GTV Device Owned: Logitech Revue

Re: Speaking outloud, so slap me...

Post by AZImmortal »

webdude12 wrote:I think you missed my point of how we brute forced and that where I did say we got lucky. The idea is not to start a 0 and count up, but in turn methodically randomly pick key and try them. After a key has been test and fails, randomly pick another one.

Not saying it would get the key, but saying that people play the lottery every day with random numbers and every once in a while some one win a million dollars. I personally have 4 computers at home that are on 24 hours a day, but used maybe 10 tops. So if I can make them process some tests with the off chance I might hit the lottery then why not.

That's my whole point. But without having the formula to test generated keys aganist, I can't even play. :-)
Ok, seriously, I'm not trying to be mean, but reading each of your replies makes me cringe. You don't seem to understand exactly how many combinations we're dealing with here. Even if you devised a magical method that could somehow exclude 99% of the possible combinations (which you CAN'T do with random keys), that would still leave 1% of the combinations. Reality (the user who has been replying to this thread so far) already gave an optimistic example that it would take 120,989 years to crack 184 bit encryption, so if we take 1% of that, it would be 1,210 years, and this is only with 184 bit. You still need to double the time with each incremental bit.

Do people win the lottery? Sure, but the odds that every single person on Earth can win the lottery every single day for the rest of their lives are better than the odds are that you can brute force 256 bit encryption.
Discovered wrote:See that is a good point.
No, it's not.
Discovered
2.2 Froyo
Posts: 232
Joined: Thu Dec 08, 2011 9:57 am
GTV Device Owned: Logitech Revue

Re: Speaking outloud, so slap me...

Post by Discovered »

"I got all day", haha no really. I know what you mean but IF it happened it would be nice.
LGVM670 - CM 9
IPhone 3GS - IOS 5.1.1
Revue - HC 3.2
Aspire 3000 - JoliOS
webdude12
Android 1.0
Posts: 13
Joined: Sat Dec 03, 2011 9:09 pm
GTV Device Owned: Logitech Revue

Re: Speaking outloud, so slap me...

Post by webdude12 »

You guys seem to think that I am 100% thinking this will get us the key. Im am on your side as far as the chances of getting the key are next to impossible. My whole point of this, was the same as when we cracked the 64bit key with the other group.

1. Brute forcing the key starting at 0 and going up would never happen.
2. The chances of us finding the key using a random key selected from a database are slim to none. But we as a small group have exhausted all our other knowledge on how to get past the security on the device and we had computers sitting idle for several hours a day, why not attempt it.

Like I said at around a 100 keys a second, with 20 of us, we got lucky. Damn Lucky. I know that. Yes we are dealing with a longer key (much longer), but in turn we can also process a lot more keys per second. Billions per second if we use the gpu. Does that really increase our odds any. No. Not at all. But again, while we are waiting for the others to security hole in the software, what would hurt if a few of us let our computers do some work while idle?

My idea is to just give the computer the best chance at finding the key, even though its a near impossibility.

I will be the first to admit. I know absolutely zero about android, the bootloader, etc. And dont really have the time to research it long enough to even start to look for security flaws. I came from a hobby where we beat the hell (Glitched) out of the processor to give up its secret. Without unmounting the chip from the board, thats not really an option here. But even then, after we had the raw code, its was all pure assembly language.

What I do know is most of the web based languages and some C+ / C# / ASM. So even if I do find the key, I am not going to know what to do with it. But why the "Experts" are hunting down security flaws, why not let me others play. Its not going to hurt you. If you do not want to participate dont. I will release the code if and when its ever written so anyone can run it, but its not like I am saying if you do not run this, I am going to shoot your dog.
Reality
Android 1.0
Posts: 3
Joined: Wed Dec 07, 2011 3:08 pm
GTV Device Owned: Logitech Revue

Re: Speaking outloud, so slap me...

Post by Reality »

AZImmortal wrote:Reality (the user who has been replying to this thread so far) already gave an optimistic example that it would take 120,989 years to crack 184 bit encryption, so if we take 1% of that, it would be 1,210 years, and this is only with 184 bit. You still need to double the time with each incremental bit.
I've actually only quoted time for 114-bit encryption. We're not even half way. If I was quote 184-bit encryption, then 128 bit encryption would be feasibly cracked in a life time. Which its not either. Your point's still valid, though.

webdude12 wrote:I think you missed my point of how we brute forced and that where I did say we got lucky. The idea is not to start a 0 and count up, but in turn methodically randomly pick key and try them. After a key has been test and fails, randomly pick another one.

Not saying it would get the key, but saying that people play the lottery every day with random numbers and every once in a while some one win a million dollars. I personally have 4 computers at home that are on 24 hours a day, but used maybe 10 tops. So if I can make them process some tests with the off chance I might hit the lottery then why not.

That's my whole point. But without having the formula to test generated keys aganist, I can't even play. :-)
I think you missed my point, where math.

webdude12 wrote:You guys seem to think that I am 100% thinking this will get us the key. Im am on your side as far as the chances of getting the key are next to impossible. My whole point of this, was the same as when we cracked the 64bit key with the other group.

1. Brute forcing the key starting at 0 and going up would never happen.
2. The chances of us finding the key using a random key selected from a database are slim to none. But we as a small group have exhausted all our other knowledge on how to get past the security on the device and we had computers sitting idle for several hours a day, why not attempt it.

Like I said at around a 100 keys a second, with 20 of us, we got lucky. Damn Lucky. I know that. Yes we are dealing with a longer key (much longer), but in turn we can also process a lot more keys per second. Billions per second if we use the gpu. Does that really increase our odds any. No. Not at all. But again, while we are waiting for the others to security hole in the software, what would hurt if a few of us let our computers do some work while idle?

My idea is to just give the computer the best chance at finding the key, even though its a near impossibility.

I will be the first to admit. I know absolutely zero about android, the bootloader, etc. And dont really have the time to research it long enough to even start to look for security flaws. I came from a hobby where we beat the hell (Glitched) out of the processor to give up its secret. Without unmounting the chip from the board, thats not really an option here. But even then, after we had the raw code, its was all pure assembly language.

What I do know is most of the web based languages and some C+ / C# / ASM. So even if I do find the key, I am not going to know what to do with it. But why the "Experts" are hunting down security flaws, why not let me others play. Its not going to hurt you. If you do not want to participate dont. I will release the code if and when its ever written so anyone can run it, but its not like I am saying if you do not run this, I am going to shoot your dog.
Look in to setting up mass scale automated software testing. Send crash reports to people who know what to do. Or learn more and find bugs.
AZImmortal
Android 1.0
Posts: 32
Joined: Fri Sep 02, 2011 9:29 pm
GTV Device Owned: Logitech Revue

Re: Speaking outloud, so slap me...

Post by AZImmortal »

Reality wrote:
AZImmortal wrote:Reality (the user who has been replying to this thread so far) already gave an optimistic example that it would take 120,989 years to crack 184 bit encryption, so if we take 1% of that, it would be 1,210 years, and this is only with 184 bit. You still need to double the time with each incremental bit.
I've actually only quoted time for 114-bit encryption. We're not even half way. If I was quote 184-bit encryption, then 128 bit encryption would be feasibly cracked in a life time. Which its not either. Your point's still valid, though.
Whoops, I don't know why I typed 184 instead of 114.
havikx
1.6 Donut
Posts: 146
Joined: Mon Aug 08, 2011 8:14 pm
GTV Device Owned: Logitech Revue
Location: New Jersey, SEVEN3II

Re: Speaking outloud, so slap me...

Post by havikx »

based on threads title... i feel i can speak of things i have no knowledge about.


that said, it seems one system would take more than a lifetime to crack the encryption on the revue. it'd be comparable to hitting the lottery. a very very expensive lottery. with lots of other possible numbers.

what if every1 set up their system to run automated key tests? one system would take practically forever. would it matter how many machines you had running this tests? would say... the gtv hacker forums member roster's machines work better?

if it does, i have a pc and a mac i could run all damn day. 2 machines more.

and if none of this applies, please don't flame me! just speaking out loud.
HTC one s - cm10 jellybean unofficial
T-mobile g1 - cm6
T-Mobile g2- andromadus ics beta
T-Mobile hd2- cm9 by tytung
HP touchpad- CM9 alpha 2
Logitech revue- OTA downgrade 3.1
Member xda forums
AZImmortal
Android 1.0
Posts: 32
Joined: Fri Sep 02, 2011 9:29 pm
GTV Device Owned: Logitech Revue

Re: Speaking outloud, so slap me...

Post by AZImmortal »

havikx wrote:based on threads title... i feel i can speak of things i have no knowledge about.


that said, it seems one system would take more than a lifetime to crack the encryption on the revue. it'd be comparable to hitting the lottery. a very very expensive lottery. with lots of other possible numbers.

what if every1 set up their system to run automated key tests? one system would take practically forever. would it matter how many machines you had running this tests? would say... the gtv hacker forums member roster's machines work better?

if it does, i have a pc and a mac i could run all damn day. 2 machines more.

and if none of this applies, please don't flame me! just speaking out loud.
Could you try? Sure, knock yourself out. To give you another example of what you're up against, here's a snippet from Wikipedia's article on brute-force attack:
Breaking a symmetric 256-bit key by brute force requires 2128 times more computational power than a 128-bit key. A device that could check a billion billion (10^18) AES keys per second (if such a device could ever be made) would in theory require about 3×10^51 years to exhaust the 256-bit key space.
The world population is currently just over 7 billion, so let's say that each of the 7 billion people in the world had two non-existent super-computers capable of running through 10^18 keys per second that they can dedicate to the cause. 14 billion non-existent super-computers at our disposal would mean that it would only take us about 2x10^41 years to run through the entire 256-bit key space. I would suggest that you get a few friends to join in.
Jigoku
Android 1.0
Posts: 6
Joined: Wed Nov 16, 2011 7:40 pm
GTV Device Owned: NSZ-GT1 (Bluray Player)

Re: Speaking outloud, so slap me...

Post by Jigoku »

http://xkcd.com/538/

...Anyone know who has the key? I'm sure we all have a wrench lying around. It would be much cheaper and faster.
1xNSZ-GT1 Sony Blu-Ray Player with GoogleTV
2xLogitech Revue (Working)
1xLogitech Revue (Bricked)
Discovered
2.2 Froyo
Posts: 232
Joined: Thu Dec 08, 2011 9:57 am
GTV Device Owned: Logitech Revue

Re: Speaking outloud, so slap me...

Post by Discovered »

Haha I wish it was that easy.
LGVM670 - CM 9
IPhone 3GS - IOS 5.1.1
Revue - HC 3.2
Aspire 3000 - JoliOS
Post Reply