• Hacking the Nintendo Alarmo

    From The Running Man@21:1/5 to All on Wed Nov 13 04:17:04 2024
    <https://garyodernichts.blogspot.com/2024/10/looking-into-nintendo-alarmo.html>

    I was somewhat surprised how easily they decrypted the encrypted firmware.

    "The CRYP interface is configured for AES-128-CTR, which makes things
    easier. Since, in CTR mode, a keystream is created, which is then
    combined with the plaintext to encrypt and decrypt files, we can
    simply create a large amount of this keystream using the CRYP
    interface, and then combine it with the encrypted files to decrypt
    them"

    This shouldn't be possible since the keystream should never be reused.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Rich@21:1/5 to The Running Man on Wed Nov 13 15:10:42 2024
    The Running Man <running_man@writeable.com> wrote:
    > <https://garyodernichts.blogspot.com/2024/10/looking-into-nintendo-alarmo.html>
    >
    > I was somewhat surprised how easily they decrypted the encrypted
    > firmware.
    >
    > "The CRYP interface is configured for AES-128-CTR, which makes things
    > easier. Since, in CTR mode, a keystream is created, which is then
    > combined with the plaintext to encrypt and decrypt files, we can
    > simply create a large amount of this keystream using the CRYP
    > interface, and then combine it with the encrypted files to decrypt
    > them"
    >
    > This shouldn't be possible since the keystream should never be
    > reused.

    Yes, but this is also why the usual comment re. broken crypto goes
    something like:

    "The cryptographic primitives are secure, it is the
    use/implementation of those into a larger system that is broken".

    AES-128 is secure.

    AES-128-CTR is also secure, **if used correctly**.

    This is yet one more in a long line of examples of "not used correctly".

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
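    The property both posters are discussing, as an added example that is not from the blog post or from either poster: CTR mode turns AES into a stream cipher, so the keystream for a given (key, IV) pair is what "encrypting" a buffer of zeros returns, and any file encrypted under that same (key, IV) is one XOR away from plaintext. The code below uses only the Go standard library; the key, IV and "firmware" bytes are constructed placeholders, and the function names are this example's own. It shows the misuse (one fixed IV for every file) next to the correct pattern (a fresh random IV per message, carried with the ciphertext), which is the "used correctly" that Rich refers to.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// Keystream returns n bytes of AES-CTR keystream for (key, iv).
// CTR XORs the keystream into its input, so feeding it zeros hands back
// the keystream itself. Any interface that lets you run the block cipher
// in CTR mode with a fixed key/IV is therefore a keystream oracle.
func Keystream(key, iv []byte, n int) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	ks := make([]byte, n) // all zeros
	cipher.NewCTR(block, iv).XORKeyStream(ks, ks)
	return ks, nil
}

// Xor returns a XOR b; both slices must have the same length.
func Xor(a, b []byte) []byte {
	out := make([]byte, len(a))
	for i := range a {
		out[i] = a[i] ^ b[i]
	}
	return out
}

// FixedIVEncrypt models the misuse: every file is encrypted under the same
// key and the same IV, so every file shares one keystream.
func FixedIVEncrypt(key, iv, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	ct := make([]byte, len(plaintext))
	cipher.NewCTR(block, iv).XORKeyStream(ct, plaintext)
	return ct, nil
}

// EncryptCTR is the correct pattern: a fresh random IV per message, prepended
// to the ciphertext so the receiver can regenerate that keystream exactly once.
func EncryptCTR(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	out := make([]byte, aes.BlockSize+len(plaintext))
	iv := out[:aes.BlockSize]
	if _, err := io.ReadFull(rand.Reader, iv); err != nil {
		return nil, err
	}
	cipher.NewCTR(block, iv).XORKeyStream(out[aes.BlockSize:], plaintext)
	return out, nil
}

// DecryptCTR reverses EncryptCTR using the IV carried in the message.
func DecryptCTR(key, msg []byte) ([]byte, error) {
	if len(msg) < aes.BlockSize {
		return nil, errors.New("message shorter than one IV")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	pt := make([]byte, len(msg)-aes.BlockSize)
	cipher.NewCTR(block, msg[:aes.BlockSize]).XORKeyStream(pt, msg[aes.BlockSize:])
	return pt, nil
}

func main() {
	key := bytes.Repeat([]byte{0x11}, 16) // constructed placeholder key
	iv := bytes.Repeat([]byte{0x22}, 16)  // constructed fixed IV (the misuse)
	file := []byte("constructed firmware blob, not a real image")

	// Misuse: fixed (key, IV). Keystream from the oracle decrypts the file.
	ct, _ := FixedIVEncrypt(key, iv, file)
	ks, _ := Keystream(key, iv, len(ct))
	fmt.Printf("recovered via keystream reuse: %q\n", Xor(ks, ct))

	// Correct use: fresh IV per message; the fixed-IV keystream no longer applies.
	msg, _ := EncryptCTR(key, file)
	pt, _ := DecryptCTR(key, msg)
	fmt.Printf("decrypted with its own IV:     %q\n", pt)
	fmt.Printf("old keystream still works?     %v\n",
		bytes.Equal(Xor(ks, msg[aes.BlockSize:]), file))
}
```

Two further consequences follow from the same arithmetic and are worth keeping in mind when reviewing a design: with a shared keystream, `ct1 XOR ct2` equals `pt1 XOR pt2` even without access to the cipher, and a known-plaintext file (headers, padding, a string table) yields the keystream directly. A fresh IV per message removes both, but CTR still provides no integrity, so firmware images should additionally be signed or use an authenticated mode.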