Hacking the Xbox
Hacking the Xbox: An Introduction to Reverse Engineering

over a single block of data as in a block cipher, or it may occur once as in
a stream cipher. All of the basic functions in a symmetric cipher are
computationally simple, so symmetric ciphers are the preferred method
for encrypting bulk data.

Typical examples of mixing functions are XORs, modular additions and
modular multiplications. The simplest function, XOR, has the property
that any number XORed with itself is zero. The XOR operation is often denoted
with a ⊕ symbol. The XOR operation also has all the usual properties of
arithmetic (commutative, associative, distributive, etc.), so

(A ⊕ B) ⊕ B = A ⊕ (B ⊕ B) = A ⊕ 0 = A

Thus, if A were a message and B were a key, (A ⊕ B) would be the
ciphertext, and the plaintext can be recovered by simply performing an XOR
with B again.

A key schedule is an algorithm that takes a relatively short key and expands
its information over a long series of bits. Key schedules are used to help
diffuse the key data over a larger block of data so the relationship
between the ciphertext and the key is obscured.
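
The two ideas above, XOR mixing and a key schedule, can be seen working together in the following added example, which is not from the book. It uses RC4, chosen here only because it is a compact, well-known stream cipher; the function names are this example's own, and the key and message are constructed sample values.

```python
# Added illustration (not from the book). RC4 is used because it is short
# and widely documented; it is obsolete and not suitable for new designs.

def key_schedule(key):
    """RC4 KSA: spread a short key over a 256-entry permutation."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1..256 bytes")
    state = list(range(256))
    j = 0
    for i in range(256):
        # Every key byte is reused many times, so each one influences
        # many positions of the final state.
        j = (j + state[i] + key[i % len(key)]) % 256
        state[i], state[j] = state[j], state[i]
    return state

def keystream(state, length):
    """RC4 PRGA: derive `length` keystream bytes from the scheduled state."""
    s = list(state)          # work on a copy; the caller's state is untouched
    i = j = 0
    out = bytearray()
    for _ in range(length):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor_bytes(a, b):
    """The mixing function: byte-wise A xor B."""
    if len(a) != len(b):
        raise ValueError("inputs must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))

def rc4(key, data):
    """Encrypt or decrypt: the same call does both, since (A^B)^B == A."""
    return xor_bytes(data, keystream(key_schedule(key), len(data)))

if __name__ == "__main__":
    key, message = b"Key", b"Plaintext"   # constructed sample values
    ciphertext = rc4(key, message)
    print("ciphertext:", ciphertext.hex())
    print("recovered :", rc4(key, ciphertext))
```

Running the same function twice with the same key returns the original message, which is the (A ⊕ B) ⊕ B = A identity applied byte by byte.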

Very Difficult Problems
Cryptographic functions are all based on mathematical algorithms
whose results are easy to compute given all the operands,
but whose operands are very difficult to compute given
just the result. The security of a cryptographic function is precisely
the difficulty of computing these operands given just
the results. Let us take a moment and explore what it means to
be very difficult.

Consider the symmetric cipher AES. It uses a 128-bit key, and
so far, it is strong against all known analytical cryptographic
attacks, such as differential and linear cryptanalysis. When I
say it is strong against analysis X, I mean that it will require at
least as many operations to recover the key or plaintext using
a brute-force search as it would using analysis X. A brute-force
search is when I take a very fast computer and try every one
of the 2^128 possible keys in order to recover the original data.
Most cryptographic algorithms in common use today are
strong against all known cryptanalysis techniques, so the important
number to understand is the strength of a brute-force
attack.

As it turns out, breaking older algorithms such as DES, a 56-bit cipher, is
not a very difficult problem. It is fairly easy to build a machine
using FPGAs (Field Programmable Gate Arrays) that can crack
keys at an economy of about 2^22 keys/second/dollar (2^22 is
about four million). Note that this number increases with time
at a rate equivalent to Moore’s Law. Today, if you are willing
to wait about a week for each key, you can recover them for
(continued)