Sponsored Links

Sponsored Links

Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 27



  1. #11
    Contributor tripellex's Avatar
    Join Date
    Jan 2010
    Posts
    187
    Sponsored Links
    Sponsored Links
    Quote Originally Posted by XiLE View Post
    I don't think tripellex was suggesting that Sony used an MD5 hash

    I think he meant that as we now have access to encrypted and unencrypted versions of the same file, you could generate an MD5 hash of the unencrypted file, then repeatedly try and decrypt the encrypted file using random hashes, and then generate an MD5 hash on those attempted decryptions until it matches the MD5 hash you got from the original unencrypted file?
    Exactly. Once the MD5 hashes sync up, we know the file's cracked. Doing this in a cloud format would greatly speed up the process.

    Again, if I'm misinformed about encryption protocals here, please do correct me so I'm not just talking out of my a$$
    Last edited by tripellex; 08-25-2010 at 04:54 PM

  2. #12
    Registered User Keeper75's Avatar
    Join Date
    Aug 2010
    Posts
    12
    Sponsored Links
    Sponsored Links
    TITLE: MD5 Algorithm Cracked Using Gaming Consoles

    security researchers have successfully created a forged certificate authority, exploiting a so-called "colliding certificates" attack, clearly indicating that the certification authorities must advance their security related standards with immediate effect.

    The researchers used 200 PS3 game consoles over eight days.
    [Register or Login to view links]



    Extracted from: [Register or Login to view links]
    Attached Images<br><br> Attached Images

    Last edited by Keeper75; 08-26-2010 at 10:42 AM Reason: Automerged Doublepost

  3. #13
    Contributor tripellex's Avatar
    Join Date
    Jan 2010
    Posts
    187
    Sponsored Links
    Sponsored Links
    Well there ya go. 200 PS3s. There are thousands of registered users here. Even if only a tenth of us contributed, I'm sure we could bust the Cell encryption open in no time.

  4. #14
    Registered User whinis's Avatar
    Join Date
    Jan 2010
    Posts
    133
    With a rainbow table you can crack an md5 in about 25 seconds - 4 minuets using the above method. MD5 is not that secure, as I found out last night, it only allows for quick easy compare method as you can tell whether the file was tampered with.

    And you only need 1 ps3 or single core computer.
    Last edited by whinis; 08-26-2010 at 11:08 AM

  5. #15
    Registered User Keeper75's Avatar
    Join Date
    Aug 2010
    Posts
    12
    Well, what i've posted is for cloning certificates, by creating collisions so that you can have two different certificates with the same md5 integrity verification validated...

    MD5 is just for checking the integrity of files (i.e.: if you change one single bit inside a file, the MD5 hash check will fail) - not to encrypt/decrypt...

    [Register or Login to view links]

    I mean, you can theoretically have two hashes (one for the decrypted file and one for the encrypted file), which would be verified and accepted by your PS3 - this assuming that PS3 was/is/were using Md5 checks - but what would the PS3 do with the already decrypted file which has a valid MD5 check ? doesn't the PS3 needs to "decrypt" the already decrypted (and MD5 integrity checked) file so to execute it?

    What you really need to know is what encryption/decryption method is being used by PS3..

  6. #16
    Registered User whinis's Avatar
    Join Date
    Jan 2010
    Posts
    133
    You don't decrypt md5 you just use it to compare to an already known file/hash. So the ps3 would use the md5 to insure that the file is either complete or correct. It is in fact impossible to decrypt a md5 since it has multiple answers which is the reason collisons work. Its 2 answers to the same problem.

  7. #17
    Registered User Keeper75's Avatar
    Join Date
    Aug 2010
    Posts
    12
    Uh... MD5 does NOT encrypt (or decrypt) anything... (i've post above that link to wiki, so to explain better what's MD5 - MD5 is just a integrity check algo...)

    I'll say it again...what is needed to know, is the encryption algorithm used - which is a different thing from MD5.
    Last edited by Keeper75; 08-26-2010 at 11:28 AM

  8. #18
    Registered User whinis's Avatar
    Join Date
    Jan 2010
    Posts
    133
    you can surely encrypt any number of text under 128 characters into md5 just not the reverse. However finding the other encryption method will be the challenge.

  9. #19
    Registered User Keeper75's Avatar
    Join Date
    Aug 2010
    Posts
    12
    example of some Integrity check (Authentication) Algorithms:

    MD5; SHA1; SHA-2; CRC; CRC32; etc

    example of some Encryption algorithms:

    RSA; DES; 3DES; Blowfish; RC4; etc

    In my limited knowledge of cryptography and based on what i've always considered to be the way cryptography worked, idk how can you use MD5 has an encryption algo, since it was never designed to do so.

  10. #20
    Registered User whinis's Avatar
    Join Date
    Jan 2010
    Posts
    133
    Many websites use Md5 to store passwords as even if you get the database you can not reverse the passwords. However I have a feeling they are using RSA or a variation of it.

 

Sponsored Links

Page 2 of 3 FirstFirst 123 LastLast
Affiliates - Contact Us - PS3 Downloads - Privacy Statement - Site Rules - Top - © 2014 PlayStation 3 News