--- Log opened Wed Dec 15 00:03:01 2010
00:03 -!- [Saint] [S_a_i_n_t@203.184.0.28] has quit [Disconnected by services]
00:03 -!- S_a_i_n_t [S_a_i_n_t@203.184.1.31] has joined #freemyipod-support
03:31 -!- TheSeven [~TheSeven@rockbox/developer/TheSeven] has quit [Ping timeout: 265 seconds]
03:35 -!- TheSeven [~TheSeven@rockbox/developer/TheSeven] has joined #freemyipod-support
05:39 -!- robzyabc [dcefce94@gateway/web/freenode/ip.220.239.206.148] has joined #freemyipod-support
05:39 < robzyabc> hiya
05:40 < robzyabc> i know i should just ask a question if i have one, but im not looking for answers so much as a discussion
05:40 < robzyabc> particularly about the AES unit within iDevices
05:40 < robzyabc> i've been reading up on AES sidechannel attacks
05:41 < robzyabc> i was looking to find out what some of the AES registers on the Samsung CPUs actually do
05:41 < robzyabc> things like AESUNKREG0 and AUSUNKREG1, AESKEY (shouldn't that be internal), etc. etc.
08:46 -!- user890104 [Venci@venci-notebook-lan.ipv6.6bez10.info] has quit []
08:53 -!- user890104 [Venci@venci-notebook-lan.ipv6.6bez10.info] has joined #freemyipod-support
09:25 < TheSeven> robzyabc: those register names were guessed ages ago by some iphone hackers, and have partly proven wrong by now
09:26 < TheSeven> we don't really know the effects of everything, but we know how to do AES128-CBC encryptions/decryptions using the hardware key
09:26 < TheSeven> (the code tries to simulate exactly what apple does)
09:31 < TheSeven> the aes unit can also use a user-provided key and IV, not just the hardware key
10:02 -!- S_a_i_n_t [S_a_i_n_t@203.184.1.31] has quit [Quit: I'm only going to Heaven if it feels like Hell, I'm only going to Heaven if it tastes like caramel...]
11:02 < robzyabc> ah i see
11:02 < robzyabc> is it certain that it is AES128-CBC, or just a very likely guess?
11:03 < robzyabc> also, you wouldn't happen to know if the AES encryption is actually executed using the processors execution units, or if there's a separate entity that does them?
11:03 < robzyabc> i'm just wondering how much information one could gather for a side-channel attack
11:06 < user890104> TheSeven: my build of iloader r334 boots rockbox, but the lcd output is somehow messed up
11:06 < TheSeven> user890104: which rockbox version?
11:07 < user890104> the latest stable i think
11:07 < user890104> let me check
11:07 < TheSeven> that can't work
11:08 < user890104> which one should i use?
11:09 < TheSeven> at least r28811
11:10 < TheSeven> robzyabc: we're fairly sure that it's AES128 (well, it has a 16-byte block size, and some iphone guys have done non-hardware key operations with it and verified that it's AES IIRC), and i'm absolutely sure that it's CBC, because on the nano2g we have to do the CBC "by hand"
11:11 < robzyabc> ahhh, i see, that explains the piece of code i'm looking at i think, ((uint32_t*)data)[ptr + i] ^= ((uint32_t*)data)[ptr + i - 4]; would be the CBC operation i imagine
11:11 < TheSeven> AFAIK one can disable the CBC if wanted
11:11 < TheSeven> exactly.
11:12 < TheSeven> and it's just a peripheral on the AHB bus, nothing really inside the CPU
11:13 < robzyabc> does it use any part of the memory as a scratchspace? perhaps even the AESINADDR itself? or does it just read AESINADDR in one go, and then write it to AESINADDR all in one go?
11:13 < robzyabc> (although, i understand if no one has actually looked at that :P)
11:14 < TheSeven> i'd guess that AESAUXADDR is used for scratch space, if it needs that at all
11:14 < robzyabc> AESOUTADDR, AESINADDR and AESAUXADDR all point to the same place, though, don't they?
11:14 < TheSeven> yes, as we're doing in-place crypto operations
11:14 < TheSeven> one can also set AESINADDR to something different
11:15 < TheSeven> i'd have to look up what AESAUXADDR would be set to in that case
11:15 < robzyabc> sounds like it's time for me to jump on eBay and see if i can't find a nano2g :P
11:15 < TheSeven> IIRC (but i remember that only very vaguely) AUX was always set to the same as OUT
11:16 < robzyabc> i see
11:16 < TheSeven> so you want to try figuring out the hardware key?
11:16 < robzyabc> i'm guessing we don't have any details about the AES chip itself? (my googles turned up no keys)
11:16 < robzyabc> whether i'm actually capable of it i don't know, but yeah, i'm interested
11:17 < TheSeven> no, we don't know much more about that core than what's in the code we have :)
11:18 < TheSeven> this might of course be an interesting experiment, and of course i won't stop you from doing this, but even if we had the hardware key, that wouldn't help us a lot
11:18 < robzyabc> it's likely that the nano5/6g has the same key, though, isn't it?
11:19 < TheSeven> no, as far as i know each model has a different GID key
11:19 < robzyabc> ohh
11:20 < robzyabc> excuse the silly question (i've done a lot of reading over the past couple of days, but haven't found all the info yet :P) what's the GID key?
11:20 < TheSeven> there are two hardware keys, one is the so-called group key (GID), which is shared by all devices of a model, and one is the user key (UID), which is different for each chip
11:21 < robzyabc> by each chip, do you mean each model of chip, or each individual chip?
11:21 < TheSeven> each individual chip
11:23 < robzyabc> ahhhh, i see
11:23 < robzyabc> and since the GID is only shared between devices of all models, the nano2g wouldn't have the same key as the nano6g, would it?
11:24 < TheSeven> it doesn't even have the same one as the 3g/4g
11:24 < robzyabc> you're right, the hardware key wouldn't help a lot with anything :P
11:25 < TheSeven> the most promising way to get into the 5g/6g is probably looking at some bootrom vulnerabilities found by the iphone guys recently, and checking if they might also be present on the ipods
11:25 < robzyabc> are those the USB vulns?
11:25 < TheSeven> yeah, at least two of them are USB-related
11:25 < TheSeven> but i'm always a bit confused whether they're bootrom/WTF/iBoot exploits
11:26 < TheSeven> only the bootrom and WTF exploits would be useful for us
11:27 < robzyabc> i see
11:27 < robzyabc> well that puts a damper on my AES plans :P
11:27 < robzyabc> thanks for the info, though, it's very much appreciated
11:50 -!- [Saint] [S_a_i_n_t@203.184.0.178] has joined #freemyipod-support
12:35 -!- robzyabc [dcefce94@gateway/web/freenode/ip.220.239.206.148] has quit [Quit: Page closed]
13:21 -!- afk [~Dre@92.28.100.113] has joined #freemyipod-support
13:24 -!- Dreamxtreme [~Dre@92.30.19.175] has quit [Ping timeout: 260 seconds]
13:30 -!- afk [~Dre@92.28.100.113] has quit [Quit: Don't follow me]
13:30 -!- Dreamxtreme [~Dre@92.28.100.113] has joined #freemyipod-support
16:16 -!- [Saint] [S_a_i_n_t@203.184.0.178] has quit [Quit: I'm only going to Heaven if it feels like Hell, I'm only going to Heaven if it tastes like caramel...]
16:21 -!- [Saint] [S_a_i_n_t@203.184.0.73] has joined #freemyipod-support
16:30 -!- benedikt93 [~benedikt9@unaffiliated/benedikt93] has joined #freemyipod-support
19:18 -!- benedikt93 [~benedikt9@unaffiliated/benedikt93] has quit [Quit: Bye ;)]
20:03 -!- afk [~Dre@92.28.100.113] has joined #freemyipod-support
20:06 -!- Dreamxtreme [~Dre@92.28.100.113] has quit [Ping timeout: 260 seconds]
--- Log closed Thu Dec 16 00:01:16 2010