I need to decrypt a file encrypted with RC4 to answer an Internet challenge.
The file in question is a dump of a Teensy ROM, and it is completely encrypted.
Luckily, it looks like it is in the standard Intel HEX format.
As an example, here is a cleartext file taken at random:
:1000000001C100001DC100001BC1000019C100009A
:1000100017C1000015C1000013C1000011C100008C
:100020000FC100000DC100000C94D80A09C10000E6
:1000300007C1000005C1000003C1000001C10000AC
:10004000FFC00000FDC00000FBC00000F9C00000C0
:10005000F7C00000F5C00000F3C00000F1C00000D0
:10006000EFC000000C9442090C941309E9C0000091
:10007000E7C00000E5C00000E3C00000E1C00000F0
:10008000DFC00000DDC00000DBC00000D9C0000000
:10009000D7C00000D5C00000CA0BEC0BD10CEC0B94
I can deduce some of the XOR keys used, for the first 9 bytes for example (:10000000), but also for all the others (:10001000, :10002000, the return characters of each line, ...).
I started with a somewhat generic question, because I am not an expert in cryptography, about a "bad" implementation of RC4. But we must believe that those were not the right steps.
I tested approaches like a brute-force attack. But with a 256-character key, apart from concatenating words in the hope that the password is formed that way, nothing appeared!
I dropped the "standard" attacks based on WEP/RC4 or SSL/RC4 because I did not find any correlation with my problem.
So, is it possible to decrypt a text encrypted with RC4 without even knowing the encryption key?
Taking into consideration the Intel HEX file format:
- the characters are 0-F, so this is a .hex file
- because of its structure, the checksum at the end of each line, the normalization of the line breaks, ...
I have not found much about the possibilities of decrypting a file encrypted with RC4 when we know only part of the plaintext.
I do not know if all Teensy dumps start with the same 9 first bytes. But the first and the last bytes of each line can be known.
Now, is it possible to decipher the rest?
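Added example (not from the question or any answer on this page): a textbook RC4 implementation plus a known-plaintext walk-through over a constructed four-record Intel HEX dump. It shows which plaintext bytes the format fixes at each offset, that XORing them with the ciphertext yields exactly those keystream bytes, and that nothing outside those offsets comes back; the key and the payload bytes are constructed assumptions.

```python
def rc4_keystream(key: bytes, n: int) -> bytes:
    """n bytes of textbook RC4 keystream (KSA, then PRGA)."""
    s, j = list(range(256)), 0
    for i in range(256):                       # key-scheduling algorithm
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):                         # pseudo-random generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 encrypt/decrypt: XOR with the keystream; there is no nonce."""
    return bytes(a ^ b for a, b in zip(data, rc4_keystream(key, len(data))))

def hex_record(addr: int, payload: bytes) -> str:
    """One Intel HEX data record (type 00) with its two's-complement checksum."""
    body = bytes([len(payload), addr >> 8, addr & 0xFF, 0]) + payload
    return ":" + (body + bytes([(-sum(body)) & 0xFF])).hex().upper() + "\n"

def format_known_bytes(n_records: int, plen: int = 16) -> dict:
    """Offset -> plaintext byte fixed by the format for sequential data records:
    ':', byte count, address and record type (9 chars) plus the final newline.
    Payload and checksum digits are not predictable and are left out."""
    line_len, known = 1 + 2 * (4 + plen + 1) + 1, {}
    for k in range(n_records):
        base = k * line_len
        for off, b in enumerate(f":{plen:02X}{k * plen:04X}00".encode()):
            known[base + off] = b
        known[base + line_len - 1] = ord("\n")
    return known

def recover_keystream(ct: bytes, known: dict) -> dict:
    """Known plaintext leaks keystream at the same offset only: ks[i] = ct[i] ^ pt[i]."""
    return {i: ct[i] ^ p for i, p in known.items()}

def partial_decrypt(ct: bytes, ks_frag: dict) -> bytes:
    """Decrypt where a keystream byte is known, '?' everywhere else."""
    return bytes(ct[i] ^ ks_frag[i] if i in ks_frag else ord("?") for i in range(len(ct)))

def demo(key: bytes = b"constructed key") -> tuple:
    """Constructed 4-record dump under RC4: returns partial plaintext and fragment."""
    hexfile = "".join(hex_record(k * 16, bytes(range(k * 16, k * 16 + 16))) for k in range(4))
    ct = rc4(key, hexfile.encode())
    ks_frag = recover_keystream(ct, format_known_bytes(4))
    return partial_decrypt(ct, ks_frag), ks_frag
```

Of each 44-character line only the 10 structural bytes come back; the 34 payload and checksum digits stay unknown because every RC4 keystream byte is independent of its neighbours. Since RC4 has no nonce, the recovered keystream bytes would equally decrypt the same offsets of any other file encrypted under the same key, which is why key reuse, rather than the known structure on its own, is what undermines such a scheme.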
So, thank you for this Wikipedia link, but I was rather expecting to be directed to a particular algorithm, or an explanation ...
– Mekhalleh Feb 18 '18 at 17:24

01C100001DC100001BC1000019C10000. That might be more of a hint - it's rather obviously not random.
– Maarten Bodewes Feb 19 '18 at 09:03

I finally found a solution to decrypt. I'll make a return as soon as I have some time.
Sorry for my English ;)
– Mekhalleh Feb 21 '18 at 16:54